acs.seiomnsaocno.com Open in urlscan Pro
104.21.47.155  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
11 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response acs.seiomnsaocno.com/account/login/	517 B 881 B	427ms 375ms	Document text/html	104.21.47.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://acs.seiomnsaocno.com/account/login/?sins=5332654548898456450000154654897999865445652320123&emainsx=OPSIAC12354655/account/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.47.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e75328d6933c2a3491de009c90102a91049d6e7ca600fed5538b68a3394e1fea Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 02 Nov 2021 06:53:38 GMT content-type text/html; charset=utf-8 x-frame-options DENY x-content-type-options nosniff referrer-policy same-origin cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUVOHuuo5NBLn63u0%2F5QrgDJHaz%2BTudS3MBuvsjQ2ICh%2BYXN3W1ftmXml1jez23RN2HY%2BKY8oLw479PhbOGs6Lg7W6iTehO91EuOzRv81ujQhmvg99z0EW9mrr8hLpaaGp9RHV%2FEUA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6a7b726bb941410e-PRG content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	404	iframeResizer.min.js acs.seiomnsaocno.com/static/	0 0	245ms 244ms	Script text/html	104.21.47.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://acs.seiomnsaocno.com/static/iframeResizer.min.js Requested by Host: acs.seiomnsaocno.com URL: https://acs.seiomnsaocno.com/account/login/?sins=5332654548898456450000154654897999865445652320123&emainsx=OPSIAC12354655/account/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.47.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://acs.seiomnsaocno.com/account/login/?sins=5332654548898456450000154654897999865445652320123&emainsx=OPSIAC12354655/account/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 06:53:39 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xue0tD4j1bFAufmgkVLsG8giPyVz2QFMSO6x4IA1kI48RYtP%2FAxLSwPEGRaIKYMMrnrjQ90WMrdSkE2xH%2FceuCITMLWJf6E5hNuZHVa8YM1TAxgOg1aRWEr7EhkwmwfA0pS9GbiOYA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 6a7b726e3cac410e-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	404	main.js acs.seiomnsaocno.com/static/	0 0	243ms 243ms	Script text/html	104.21.47.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://acs.seiomnsaocno.com/static/main.js Requested by Host: acs.seiomnsaocno.com URL: https://acs.seiomnsaocno.com/account/login/?sins=5332654548898456450000154654897999865445652320123&emainsx=OPSIAC12354655/account/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.47.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://acs.seiomnsaocno.com/account/login/?sins=5332654548898456450000154654897999865445652320123&emainsx=OPSIAC12354655/account/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 06:53:39 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ANbU2ghdL8djEs8iUPr1DaSW%2FqHKyH7BM8qSLYXjytCAPm%2Bcm%2FCNO%2B%2BHzLW3mJwTv1Jgj13JgVZIsT5mCwgWkVjJODUn1Ts9hF0g7%2BNoTCXzS825djgtoxJEu4fbmTzA%2BTWoJkgAg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 6a7b726e3cae410e-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	/ Show response acs.seiomnsaocno.com/soporte/plataforma/identidad/api/v11/account/login/ Frame DFE3	1 MB 311 KB	139ms 139ms	Document text/html	104.21.47.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://acs.seiomnsaocno.com/soporte/plataforma/identidad/api/v11/account/login/ Requested by Host: acs.seiomnsaocno.com URL: https://acs.seiomnsaocno.com/account/login/?sins=5332654548898456450000154654897999865445652320123&emainsx=OPSIAC12354655/account/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.47.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50131dfac4c807010f51ad285bb1f7b1a31d0cfe7fb7ab83169c111b8a60c81c Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://acs.seiomnsaocno.com/account/login/?sins=5332654548898456450000154654897999865445652320123&emainsx=OPSIAC12354655/account/login/ Response headers date Tue, 02 Nov 2021 06:53:39 GMT content-type text/html; charset=utf-8 vary Cookie x-content-type-options nosniff referrer-policy same-origin cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skUHsXsFPuNkfHG%2F4aNzYC7kYk05N6OOOXEj%2FNe4RnJ9bp4r5Pc7DvP1ToJs%2BB58kIGN7nCTUScdP70HnoLW5VV82KX6jgjlZa%2Bsf9TDSwXGC0LZv%2BFpO9mVkskGRE%2B1jaFgzKO0TQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6a7b726e3cb0410e-PRG content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	404	main.js acs.seiomnsaocno.com/static/	0 0	20ms 20ms	Script text/html	104.21.47.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://acs.seiomnsaocno.com/static/main.js Requested by Host: acs.seiomnsaocno.com URL: https://acs.seiomnsaocno.com/account/login/?sins=5332654548898456450000154654897999865445652320123&emainsx=OPSIAC12354655/account/login/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.47.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://acs.seiomnsaocno.com/account/login/?sins=5332654548898456450000154654897999865445652320123&emainsx=OPSIAC12354655/account/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 06:53:39 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2J8JL%2BVgDDcJAx14JlGEjUs7Z2E4NnP%2FweidvShGqKsdQMHLfu5sczF%2BI6N9G5vgI6buz7S%2BhXLt9VWeLD7NxtbZq99na9RLtijR4ox8nO%2BpzpE%2FALextihRzlIvu5%2FS9gCkhAmIlw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 6a7b726fba294119-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET DATA	200 OK	truncated / Frame DFE3	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7d0e419128063fd3d993214f54946694e4ac4e42b76c017aa458e0554ed3cd0a Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame DFE3	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c6877717f9d15962857fb1d0455a92449077e57da14830ea11eea9117704db44 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame DFE3	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 26359a128171c70243653389fc47a488829d9073a3e0c091acf6910aca5c6115 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame DFE3	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2a1ae5aabcbf783103edfe7ee2ea39c168ed1c28856497e8951ade5c735e60f4 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame DFE3	881 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a0fec0084aae53a47fc01da23e111adffc897632020c3f019f414831c519f416 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame DFE3	362 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5e7135fb6fcb42788f84e1d82f413667fa2dd82447155753188b1f0f8f76d2e3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame DFE3	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2c90b695073907415c50ad27debaeba90f284ee146247fcc0c7bd73accc79448 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame DFE3	18 KB 18 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 07d2c8c90ec319c0c06a9a3b38fd0ef3850eeca2fb1cf4e76b7d38ea19f369c4 Request headers Referer Origin https://acs.seiomnsaocno.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type application/font-woff2
GET DATA	200 OK	truncated / Frame DFE3	19 KB 19 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1a204a10d52fd978f736cba753a8bbe5c69c3b245f96afc8d0c350fc3c580f4c Request headers Referer Origin https://acs.seiomnsaocno.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type application/font-woff2
GET DATA	200 OK	truncated / Frame DFE3	19 KB 19 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f042f641c6166ce63b11d310f9462a22ba200eaa9a5c8f83f8387f712a0dbb39 Request headers Referer Origin https://acs.seiomnsaocno.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type application/font-woff2
GET DATA	200 OK	truncated / Frame DFE3	19 KB 19 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8df8cd29b1d1bb0356ddebff3ad5ea86ac3d66e311bd4b8920bef40e908ba0bb Request headers Referer Origin https://acs.seiomnsaocno.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type application/font-woff2

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banca Comercială Română (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			acs.seiomnsaocno.com/	1970-01-20 07:08:05	Name: csrftoken Value: 3I73jIIqK7a1Htryush1nwTg8MhNWOEsIVA4mDqkg77qSgdVwC3ytayXGs8algxR

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://acs.seiomnsaocno.com/static/main.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://acs.seiomnsaocno.com/static/iframeResizer.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://acs.seiomnsaocno.com/static/main.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acs.seiomnsaocno.com
104.21.47.155
07d2c8c90ec319c0c06a9a3b38fd0ef3850eeca2fb1cf4e76b7d38ea19f369c4
1a204a10d52fd978f736cba753a8bbe5c69c3b245f96afc8d0c350fc3c580f4c
26359a128171c70243653389fc47a488829d9073a3e0c091acf6910aca5c6115
2a1ae5aabcbf783103edfe7ee2ea39c168ed1c28856497e8951ade5c735e60f4
2c90b695073907415c50ad27debaeba90f284ee146247fcc0c7bd73accc79448
50131dfac4c807010f51ad285bb1f7b1a31d0cfe7fb7ab83169c111b8a60c81c
5e7135fb6fcb42788f84e1d82f413667fa2dd82447155753188b1f0f8f76d2e3
7d0e419128063fd3d993214f54946694e4ac4e42b76c017aa458e0554ed3cd0a
8df8cd29b1d1bb0356ddebff3ad5ea86ac3d66e311bd4b8920bef40e908ba0bb
a0fec0084aae53a47fc01da23e111adffc897632020c3f019f414831c519f416
c6877717f9d15962857fb1d0455a92449077e57da14830ea11eea9117704db44
e75328d6933c2a3491de009c90102a91049d6e7ca600fed5538b68a3394e1fea
f042f641c6166ce63b11d310f9462a22ba200eaa9a5c8f83f8387f712a0dbb39