envirochem.com.pl
Open in
urlscan Pro
77.55.252.16
Malicious Activity!
Public Scan
Submission: On March 15 via manual from CR — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 19th 2022. Valid for: 3 months.
This is the only time envirochem.com.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco Nacional (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 77.55.252.16 77.55.252.16 | 15967 (NAZWA) (NAZWA) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::200a | 15169 (GOOGLE) (GOOGLE) | |
13 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
envirochem.com.pl
envirochem.com.pl |
194 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35 |
1 KB |
13 | 2 |
Domain | Requested by | |
---|---|---|
12 | envirochem.com.pl |
envirochem.com.pl
|
1 | fonts.googleapis.com |
envirochem.com.pl
|
13 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
envirochem.com.pl cPanel, Inc. Certification Authority |
2022-02-19 - 2022-05-20 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://envirochem.com.pl/bncr/
Frame ID: 8CCE8D0792F184738EB73295000A3B8D
Requests: 13 HTTP requests in this frame
Screenshot
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
envirochem.com.pl/bncr/ |
2 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Untitled1.css
envirochem.com.pl/bncr/css/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.css
envirochem.com.pl/bncr/css/ |
5 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s-logo.png
envirochem.com.pl/bncr/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nav-li.png
envirochem.com.pl/bncr/images/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
frma.png
envirochem.com.pl/bncr/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ftimg01.svg
envirochem.com.pl/bncr/images/ |
26 KB 26 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ftimg02.svg
envirochem.com.pl/bncr/images/ |
18 KB 18 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
frm02.svg
envirochem.com.pl/bncr/images/ |
15 KB 16 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scrp.js
envirochem.com.pl/bncr/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-img.jpg
envirochem.com.pl/bncr/images/ |
83 KB 84 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
frm01.svg
envirochem.com.pl/bncr/images/ |
26 KB 26 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco Nacional (Banking)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| ldc1 function| ldc21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
envirochem.com.pl/ | Name: PHPSESSID Value: umpv3qoh507ohgaqk4g3fbv8k6 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubdomains; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
envirochem.com.pl
fonts.googleapis.com
2a00:1450:4001:830::200a
77.55.252.16
0b4e7878ba59f5bb3fd33d95a2888c70afda673068daf8f60e94cf43c3214ef2
1562282ff45361e8442ffa1ef7a466d88952c1d8b6a6c83a37b5dd214ebcab19
2acf2baa1f6409f390bcf43d7b36404bb878d33e330a54b2af6a5a3defd47a22
2e4ecfa7866203cf7f8f705c2c9fffa8cdeb3b11bea0cae4399f6bc974b07b6f
338bde6e1a395c3183116793210cc943ae13aa0c98646319f4be8a29832cebb3
3418b63d522f3f45f2fcec01477d78db0923183b4ea92162839ba7549d965eae
52691c4f90034c90a93cb95cf2c62e8bfee3f2da454e5ad4195b89db97dfe446
6e52d0997bda3bdcfe3a458f6f3c7ad31b5ac830d277e2df3c79036ebd70a9bb
73a61b82e13de3fe0bb1b61d29fbeb0accb88184697d7723ef110deda2b034a3
77770cc742b8105fb1e487f9b858e4c7554daf947196a8a12f336bd702564339
a11306b40a20c1d8d40e2746d1ee259b7556c00bcbc719e5e1065f02b7cc427c
a25ba1b157ec936592d10b603b83173744a279f8be236e4dc3f25aab9fbbd452
b405dd644db23c801cb19d3890733ad22055c67526e55bc719ae12e38cddd000