timestatetech.com
Open in
urlscan Pro
91.214.114.10
Malicious Activity!
Public Scan
Submission: On April 01 via api from CA
Summary
This is the only time timestatetech.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sparkasse (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 91.214.114.10 91.214.114.10 | 24703 (UN-UKRAIN...) (UN-UKRAINE-AS Kiev) | |
1 | 213.150.6.28 213.150.6.28 | 12895 (IT-AUSTRI...) (IT-AUSTRIA Vienna) | |
20 | 3 |
ASN24703 (UN-UKRAINE-AS Kiev, Ukraine, UA)
PTR: 10.114.214.91.ukrdc.net
timestatetech.com |
ASN12895 (IT-AUSTRIA Vienna, Austria, AT)
PTR: login.sparkasse.at
login.sparkasse.at |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
timestatetech.com
timestatetech.com |
1 MB |
1 |
sparkasse.at
login.sparkasse.at |
378 B |
0 |
webtrekk.net
Failed
erstegroup01.webtrekk.net Failed |
|
20 | 3 |
Domain | Requested by | |
---|---|---|
16 | timestatetech.com |
timestatetech.com
|
1 | login.sparkasse.at |
timestatetech.com
|
0 | erstegroup01.webtrekk.net Failed | |
20 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
login.sparkasse.at |
www.sparkasse.at |
Subject Issuer | Validity | Valid | |
---|---|---|---|
login.sparkasse.at DigiCert SHA2 Extended Validation Server CA |
2019-05-13 - 2020-05-20 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://timestatetech.com/Erste%20Bank%20und%20Sparkassen%20Login.html
Frame ID: 6E0345AD023194E8CEE10B38C771CB3D
Requests: 24 HTTP requests in this frame
8 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Impressum
Search URL Search Domain Scan URL
Title: Datenschutz
Search URL Search Domain Scan URL
Title: Geschäftsbedingungen
Search URL Search Domain Scan URL
Title: Service & Kontakt
Search URL Search Domain Scan URL
Title: App statt SMS - s Identity: Die neue Freigabemethode.
Search URL Search Domain Scan URL
Title: Sie nutzen s Identity und brauchen einen neuen Aktivierungscode?
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Erste%20Bank%20und%20Sparkassen%20Login.html
timestatetech.com/ |
165 KB 165 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MrzQfuEGGBFphCI.css
timestatetech.com/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
159 B 400 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lib.css
timestatetech.com/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
92 KB 92 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7374732f6f617574682f617574686f72697a65.js
timestatetech.com/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
31 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0819247478ab18000e55cbdd47992544f62637dc5b24e53c9733997a482a2.js
timestatetech.com/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
737 KB 738 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Doppel-Logo_o_Claim.svg
timestatetech.com/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
6 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
George-symbol.svg
timestatetech.com/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
915 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bankcard.gif
timestatetech.com/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
49 KB 49 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webtrekk_v4.js
timestatetech.com/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
48 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1z87wC3bGvE0.gif
timestatetech.com/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
43 B 283 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
68 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
900 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
erstewf-bold-webfont.woff
timestatetech.com/Erste%20Bank%20und%20Sparkassen%20Login_files/DST_ErsteWeb/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
erstewf-book-webfont.woff
timestatetech.com/Erste%20Bank%20und%20Sparkassen%20Login_files/DST_ErsteWeb/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Doppel-Logo_o_Claim.svg
timestatetech.com/sts/images/logos/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
erstewf-book-webfont.ttf
timestatetech.com/Erste%20Bank%20und%20Sparkassen%20Login_files/DST_ErsteWeb/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
erstewf-bold-webfont.ttf
timestatetech.com/Erste%20Bank%20und%20Sparkassen%20Login_files/DST_ErsteWeb/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
login.sparkasse.at/05ylY8/ |
43 B 378 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tupXlcVhOVYnZJqPT.html
timestatetech.com/ |
315 B 515 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS |
/
login.sparkasse.at/05ylY8/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
wt
erstegroup01.webtrekk.net/483115921051253/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS |
/
login.sparkasse.at/05ylY8/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- login.sparkasse.at
- URL
- https://login.sparkasse.at/05ylY8/
- Domain
- erstegroup01.webtrekk.net
- URL
- http://erstegroup01.webtrekk.net/483115921051253/wt?p=405,login_sparkasse_at.sts.web-inf.standardlogin_jsp,1,1600x1200,24,1,1585778775622,0,1600x1200,0&tz=2&eid=2158577877500790816&one=1&fns=0&la=en&cg1=login.sparkasse.at&cg2=de&cg9=at&cg10=0009&cp1=Anmeldung%20-%20Erste%20Bank%20und%20Sparkassen&fvc=202004020006&lvc=202004020006&pu=http%3A%2F%2Ftimestatetech.com%2FErste%2520Bank%2520und%2520Sparkassen%2520Login.html&np=&eor=1
- Domain
- login.sparkasse.at
- URL
- https://login.sparkasse.at/05ylY8/
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sparkasse (Banking)52 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| keepalive function| setupKeepaliveInterval number| FLIP_ICON_HEIGHT undefined| myWindow function| sumNumbers function| doRwd function| removeEmptyIEAlertPadding function| calcCol2Height function| calcVisibleWhiteboxHeight function| centerpage function| confirmmsg function| windowtracker function| $ function| jQuery object| reWhiteSpace function| Utf8Encode function| htmlToJsConversion function| nbalert function| setFldFocus function| isWhiteSpace function| isEmpty function| doDisableSpecifiedForm function| doSubmitAndDisable function| jsxEncrypt function| encodeToHex object| STS function| setFocus function| displayError function| checkUser function| submitCredentials function| submitCancelLoginForm undefined| ie9rgb4 boolean| tSN string| anti_fraud object| JS function| oldscrollTo boolean| bLauNCTx boolean| Tpimob function| qmqKZQxFma object| webtrekkConfig object| webtrekkUnloadObjects object| webtrekkLinktrackObjects object| webtrekkHeatmapObjects function| webtrekkV3 undefined| wts undefined| wt_safetagConfig object| pageConfig object| wt string| KYKi91 string| htmlPart0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
erstegroup01.webtrekk.net
login.sparkasse.at
timestatetech.com
erstegroup01.webtrekk.net
login.sparkasse.at
213.150.6.28
91.214.114.10
04cf169a10f64a9ce6b5650e37e047651690b18b238e1f431636aa292d6fb600
23a6326c310bdc4bb4522f4111606108d3d0d23b41fd267d15b33fba2fdd5f41
2be619cc5beea0741f128be0d78e61032b2bf67c60dce137842ef05f8a9a3879
2ef681aee9a74dbdb418977f24a8b0c06e8af55f5331df472fce382249f5a161
31ec71bfaf80ada336aad30af2ef7fed91679ede4687aa4d3d8b926a01c9deea
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
48c24fd8fb19b02949a64918eb768e58dbe70210ad7de1f7f78dfc0052dfde82
5e56ac9805ee0270342fd50f0d7fc556dea7c578ef397fc1659f3e231ac14afa
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
ac46b34d79ab1942b00cfcf903cf75e0e2ed9f354ed493a2cf7d5fa0d85c569b
b0f484443bd01c61cebbfb1c3abe4a253e3a0c314150025521712fefc3284224
b8bb52fdbcbdc0b034daee432a3eb2f3232cb0ba16a3eb527bae55cdbc4aaa96
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e14dac0cc8ebcbaf8e481b9ac984fe6c019a8fa149118607249ba088cd6c9a1d
fcefa276f4f9af1acd48ef626f2c53be9990253a7498d22bae50689baa834af7