synbizsolutions.com
Open in
urlscan Pro
103.27.34.3
Malicious Activity!
Public Scan
Effective URL: https://synbizsolutions.com/wp-content/plugins/press/cranew/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=gt...
Submission: On December 06 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 19th 2022. Valid for: 3 months.
This is the only time synbizsolutions.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Canadian Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 79.98.26.40 79.98.26.40 | 212531 (INTERNETO...) (INTERNETO-VIZIJA) | |
14 | 103.27.34.3 103.27.34.3 | 45638 (SYNERGYWH...) (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD) | |
1 | 2606:4700:20:... 2606:4700:20::ac43:4739 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2606:4700:21:... 2606:4700:21::8d65:780a | () () | |
1 | 2606:4700:10:... 2606:4700:10::6816:4aab | () () | |
1 | 13.32.164.97 13.32.164.97 | () () | |
1 | 18.222.157.208 18.222.157.208 | () () | |
1 | 104.18.36.173 104.18.36.173 | () () | |
1 | 2606:4700:e2:... 2606:4700:e2::ac40:8c1f | () () | |
30 | 10 |
ASN212531 (INTERNETO-VIZIJA, LT)
PTR: storlapis.serveriai.lt
remigijusetp.lt |
ASN45638 (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU)
PTR: s311.syd3.hostingplatform.net.au
synbizsolutions.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
synbizsolutions.com
synbizsolutions.com |
144 KB |
3 |
dtscout.com
t.dtscout.com |
5 KB |
1 |
dtssrv.com
a.dtssrv.com |
592 B |
1 |
tynt.com
cdn.tynt.com |
7 KB |
1 |
sharethis.com
pd.sharethis.com t.sharethis.com Failed |
3 KB |
1 |
s-onetag.com
get.s-onetag.com onetag-geo.s-onetag.com Failed |
30 KB |
1 |
amung.us
whos.amung.us |
182 B |
1 |
waust.at
waust.at — Cisco Umbrella Rank: 32298 |
7 KB |
1 |
remigijusetp.lt
remigijusetp.lt |
266 B |
0 |
onaudience.com
Failed
pixel.onaudience.com Failed |
|
0 |
dtscdn.com
Failed
t.dtscdn.com Failed |
|
0 |
crwdcntrl.net
Failed
tags.crwdcntrl.net Failed |
|
30 | 12 |
Domain | Requested by | |
---|---|---|
14 | synbizsolutions.com |
synbizsolutions.com
|
3 | t.dtscout.com |
waust.at
t.dtscout.com |
1 | a.dtssrv.com |
t.dtscout.com
|
1 | cdn.tynt.com |
waust.at
|
1 | pd.sharethis.com |
t.dtscout.com
synbizsolutions.com |
1 | get.s-onetag.com |
t.dtscout.com
|
1 | whos.amung.us |
waust.at
|
1 | waust.at |
synbizsolutions.com
|
1 | remigijusetp.lt | |
0 | t.sharethis.com Failed |
pd.sharethis.com
|
0 | onetag-geo.s-onetag.com Failed |
get.s-onetag.com
|
0 | pixel.onaudience.com Failed |
synbizsolutions.com
|
0 | t.dtscdn.com Failed |
t.dtscout.com
|
0 | tags.crwdcntrl.net Failed |
t.dtscout.com
|
30 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
remigijusetp.lt R3 |
2022-11-04 - 2023-02-02 |
3 months | crt.sh |
synbizsolutions.com cPanel, Inc. Certification Authority |
2022-11-19 - 2023-02-17 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-07-04 - 2023-07-04 |
a year | crt.sh |
*.dtscout.com GTS CA 1P5 |
2022-11-30 - 2023-02-28 |
3 months | crt.sh |
*.amung.us Sectigo RSA Domain Validation Secure Server CA |
2022-05-18 - 2023-06-17 |
a year | crt.sh |
*.s-onetag.com Amazon |
2022-12-04 - 2024-01-02 |
a year | crt.sh |
sharethis.com Amazon |
2022-06-21 - 2023-07-20 |
a year | crt.sh |
*.tynt.com Sectigo RSA Domain Validation Secure Server CA |
2022-09-07 - 2023-09-30 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://synbizsolutions.com/wp-content/plugins/press/cranew/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=gtKwaqhDBERDtyiaPPALSMLUMUOBgSYMLjJlZqpbuGfoENPUdQ
Frame ID: B9EAF85AFF76E60559AA66270A79B411
Requests: 28 HTTP requests in this frame
Frame:
https://synbizsolutions.com/wp-content/plugins/press/cranew/door/sig-blk-en.svg
Frame ID: F278F44AC69489959044E2CCADEFFB47
Requests: 1 HTTP requests in this frame
Frame:
https://synbizsolutions.com/wp-content/plugins/press/cranew/door/wmms-blk.svg
Frame ID: FEBA5896F2133996E710755DD892A028
Requests: 1 HTTP requests in this frame
Frame:
https://t.dtscout.com/idg/?su=10401670370077000B0BE5B2AD19D7F3
Frame ID: 6531E31ADE13994842966C17299F0B2F
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Step 1: Start your claim - Canadian Revenue AgencyPage URL History Show full URLs
- https://remigijusetp.lt/crf.html Page URL
- https://synbizsolutions.com/wp-content/plugins/press/cranew/ Page URL
- https://synbizsolutions.com/wp-content/plugins/press/cranew/start.php?program=tax&target=details&lang=en... Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
PHP (Programming Languages) Expand
Detected patterns
- \.php(?:$|\?)
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://remigijusetp.lt/crf.html Page URL
- https://synbizsolutions.com/wp-content/plugins/press/cranew/ Page URL
- https://synbizsolutions.com/wp-content/plugins/press/cranew/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=gtKwaqhDBERDtyiaPPALSMLUMUOBgSYMLjJlZqpbuGfoENPUdQ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
crf.html
remigijusetp.lt/ |
124 B 266 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
synbizsolutions.com/wp-content/plugins/press/cranew/ |
164 B 501 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
start.php
synbizsolutions.com/wp-content/plugins/press/cranew/ |
28 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme.css
synbizsolutions.com/wp-content/plugins/press/cranew/door/ |
290 KB 55 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme_002.css
synbizsolutions.com/wp-content/plugins/press/cranew/door/ |
28 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.css
synbizsolutions.com/wp-content/plugins/press/cranew/door/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.css
synbizsolutions.com/wp-content/plugins/press/cranew/door/ |
2 KB 417 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme-jb.css
synbizsolutions.com/wp-content/plugins/press/cranew/door/ |
96 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
typeahead.css
synbizsolutions.com/wp-content/plugins/press/cranew/door/ |
2 KB 511 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
project-jb-style.css
synbizsolutions.com/wp-content/plugins/press/cranew/door/ |
118 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
project-style.css
synbizsolutions.com/wp-content/plugins/press/cranew/door/ |
42 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d.js
waust.at/ |
14 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
css.css
synbizsolutions.com/wp-content/plugins/press/cranew/door/ |
15 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
glyphicons-halflings-regular.woff
synbizsolutions.com/wp-content/plugins/press/cranew/door/semi/ |
23 KB 23 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sig-blk-en.svg
synbizsolutions.com/wp-content/plugins/press/cranew/door/ Frame F278 |
10 KB 2 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wmms-blk.svg
synbizsolutions.com/wp-content/plugins/press/cranew/door/ Frame FEBA |
5 KB 2 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
t.dtscout.com/i/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
whos.amung.us/pingjs/ |
28 B 182 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
t.dtscout.com/idg/ Frame 6531 |
1 KB 737 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ |
30 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dtscout
pd.sharethis.com/pd/ |
2 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
t.dtscout.com/pv/ |
51 B 345 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tc.js
cdn.tynt.com/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
t.dtscdn.com/widget/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e
a.dtssrv.com/ |
21 B 592 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
pixel.onaudience.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
onetag-geo.s-onetag.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
t.dhj
t.sharethis.com/1/d/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
dtscout
pd.sharethis.com/pd/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- tags.crwdcntrl.net
- URL
- https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
- Domain
- t.dtscdn.com
- URL
- https://t.dtscdn.com/widget/?d=10401670370077000B0BE5B2AD19D7F3&nid=0&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fsynbizsolutions.com%2Fwp-content%2Fplugins%2Fpress%2Fcranew%2Fstart.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DgtKwaqhDBERDtyiaPPALSMLUMUOBgSYMLjJlZqpbuGfoENPUdQ&r=https%3A%2F%2Fsynbizsolutions.com%2Fwp-content%2Fplugins%2Fpress%2Fcranew%2F
- Domain
- pixel.onaudience.com
- URL
- https://pixel.onaudience.com/?partner=137085098&mapped=10401670370077000B0BE5B2AD19D7F3
- Domain
- onetag-geo.s-onetag.com
- URL
- https://onetag-geo.s-onetag.com/
- Domain
- t.sharethis.com
- URL
- https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7603616573892493&stid=ZGcABmOP0x0AAAAICDaQAw%3D%3D
- Domain
- pd.sharethis.com
- URL
- https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fsynbizsolutions.com%2Fwp-content%2Fplugins%2Fpress%2Fcranew%2Fstart.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DgtKwaqhDBERDtyiaPPALSMLUMUOBgSYMLjJlZqpbuGfoENPUdQ&event_source=dtscout&rnd=0.7603616573892493&exptid=ZGcABmOP0x0AAAAICDaQAw%3D%3D&fcmp=false
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Canadian Government (Government)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
synbizsolutions.com/ | Name: PHPSESSID Value: gva7e3erq7k01n9c24fcc0u6u5 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.dtssrv.com
cdn.tynt.com
get.s-onetag.com
onetag-geo.s-onetag.com
pd.sharethis.com
pixel.onaudience.com
remigijusetp.lt
synbizsolutions.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.crwdcntrl.net
waust.at
whos.amung.us
onetag-geo.s-onetag.com
pd.sharethis.com
pixel.onaudience.com
t.dtscdn.com
t.sharethis.com
tags.crwdcntrl.net
103.27.34.3
104.18.36.173
13.32.164.97
18.222.157.208
2606:4700:10::6816:4aab
2606:4700:20::ac43:4739
2606:4700:21::8d65:780a
2606:4700:e2::ac40:8c1f
79.98.26.40
087280e8c5432abfa73e746559de4572d34263fefac3484f125d09386cb836a7
13d89dbcfe40d0c2003c98338d8537b533cebe7e1175798895b8667da34fa968
2cc052d474ce6ee267dd164a839814615a04865b2706d1bc1cb73160c55c549f
409431c6d45382c6f353dc8d2dbeff98b90e88c1c728f263e7299d68a55dda53
41fbb280ed197740a1c526e9619c00510e2b32dcbba016261890c9052d3243de
4327cff208375caa7cdaad2fb42cd93fa2805938b95fc7c29f8fbbe4df04c7e0
547620b6b2a052bd1fe65624db3a8f831414168f165c283f764259955f072588
59cbf75521f37224126ca5245658398f41f4edb1d1c4abdd08274e9acfefd937
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
792c90a99278257ce02b561b401f489f2bd5acf0147ded12115b92cc1fba2154
840787fa147628e52a9ee2f640e98efdf524beb19bdf532f2d9fed83e494a00b
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
9c6e2ee92c8f393f131e0a8c8f8bbf0732752671e5ff5ef7fc2fd2f3c23080b6
9cf03ef26dbd96107f21bdf4c1721eac3687757d71658d92a88e28da6ab6b6a2
b493143147246fc0d7a9f377c2526560329e923b8be0bb4c9ac3e408adcfb06f
b9adc9d233ab5f39618b6fa8ff5b5a99aff51fbbe0cc4558e8f5024b15cc1281
caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409
d4282e1fd661d76988034bf400482183240a0aa4d8cf8ba6f7bf05d5ff52c4a6
e3f871276a81f087b28dcadca177edf7511d7fdd6c8287c51030c4ac454296ab
ea367de6df1889913977d3895f8144334678dd679f9d641b67fc82585a97336b
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e