ld34konta-ridice-gov-cz.eu
IP: 2a06:6440:0:2d2c::1
Malicious Activity!
Public Scan
Submission Tags: @phish_report
Submission: On September 25 (2024) via api from FI; scanned from FI

Summary
TLS certificate: Issued by R11 on September 25th 2024. Valid for: 3 months.
This is the only time ld34konta-ridice-gov-cz.eu was scanned on urlscan.io.
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Fio Banka (Banking)

Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 13 | 2a06:6440:0:2d2c::1 | AS200000 (UKRAINE-AS) |
| 1 | 2a00:1450:4001:80b::200a | AS15169 (GOOGLE) |
| 1 | 92.38.6.13 | AS44546 (ALFATELECOM-AS) |
| 15 requests | 3 IPs | |
| Requests | Apex Domain | Subdomain | Transfer |
|---|---|---|---|
| 13 | ld34konta-ridice-gov-cz.eu | ld34konta-ridice-gov-cz.eu | 446 KB |
| 1 | fio.cz | ib.fio.cz | 2 KB |
| 1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 454) | 30 KB |
| 15 requests | 3 apex domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 13 | ld34konta-ridice-gov-cz.eu | ld34konta-ridice-gov-cz.eu |
| 1 | ib.fio.cz | (not recorded) |
| 1 | ajax.googleapis.com | ld34konta-ridice-gov-cz.eu |
| 15 requests | 3 domains | |
This site contains no links.
| Subject | Issuer | Validity | Valid for | Source |
|---|---|---|---|---|
| www.ld34konta-ridice-gov-cz.eu | R11 | 2024-09-25 to 2024-12-24 | 3 months | crt.sh |
| upload.video.google.com | WR2 | 2024-08-26 to 2024-11-18 | 3 months | crt.sh |
| www.fio.cz | GeoTrust EV RSA CA G2 | 2024-04-25 to 2025-05-26 | a year | crt.sh |

R11 is a Let's Encrypt intermediate and WR2 a Google Trust Services intermediate, so the phishing host carries a free, domain-validated 90-day certificate issued the same day the page was scanned; the real bank's certificate is an Extended Validation certificate with a one-year lifetime. A padlock on its own therefore says nothing about which of the two sites a user is looking at.
This page contains 1 frame:
Primary Page:
https://ld34konta-ridice-gov-cz.eu/fio/
Frame ID: 1FF28FA7D2A19B3B1AE73CE7F4F61AA7
Requests: 15 HTTP requests in this frame
Screenshot
Page Title: Fio banka

Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
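The "Detected patterns" above are Wappalyzer-style regular expressions: each is run against the page markup (or the URLs it loads), and the first capture group, where a pattern has one, is taken as the version string. As an added example, not part of the scan report and not urlscan's own code, the Python below applies exactly those six patterns to a constructed HTML fragment that references the same asset names the transaction list shows. The fragment is an assumption for the example, not the phishing page's real source.

```python
import re

# The six Wappalyzer-style patterns listed in the scan report, verbatim.
# Group 1, where a pattern has one, is the version string.
PATTERNS = {
    "Bootstrap": [
        r"<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css",
        r"bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js",
    ],
    "Font Awesome": [
        r"<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)",
        r"(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)",
    ],
    "jQuery": [
        r"/([\d.]+)/jquery(?:\.min)?\.js",
        r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?",
    ],
}

# Constructed fragment (assumption): tags that would produce the stylesheet
# and script requests seen in the transaction list. Not the real page source.
SAMPLE_HTML = """<html><head><title>Fio banka</title>
<link rel="stylesheet" href="index_files/bs_select.min-ver-48D31BCCE684C3E8012F27479890B2BD.css">
<link rel="stylesheet" href="index_files/jquery-ui-1.10.3.min-ver-731ACB920C9707A160221C521B92C583.css">
<link rel="stylesheet" href="index_files/bootstrap_331.min-ver-3AB3438F85AD9F9E27E1AF1FACF0A9C4.css">
<link rel="stylesheet" href="index_files/fontawesome_4.min-ver-269550530CC127B6AA5A35925A7DE6CE.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js"></script>
<script src="jquery.maskedinput.min.js"></script>
</head><body></body></html>"""


def fingerprint(html):
    """Return {technology: {"version": str-or-None, "evidence": str}} for
    every technology whose first firing pattern matches anywhere in `html`.
    Patterns are tried in the listed order; the first hit wins, as a
    Wappalyzer-style scanner does."""
    found = {}
    for name, pats in PATTERNS.items():
        for pat in pats:
            m = re.search(pat, html)
            if m:
                version = m.group(1) if m.groups() else None
                found[name] = {"version": version, "evidence": m.group(0)}
                break
    return found


if __name__ == "__main__":
    for tech, hit in fingerprint(SAMPLE_HTML).items():
        print(f"{tech}: version={hit['version']!r} evidence={hit['evidence'][:70]!r}")
```

Against the constructed fragment this reports jQuery 2.2.0 from the Google CDN path, and the strings "331" and "4" harvested from the `bootstrap_331` and `fontawesome_4` filenames (presumably Bootstrap 3.3.1 and Font Awesome 4 with the dots dropped by whoever assembled the kit). The `-ver-<hex>` suffix is never captured: the digit alternative succeeds at the first offset after `bootstrap` where the lazy `[^>]*?` lets it, before the engine reaches the hex run. That is why a scanner can name a framework confidently while reporting a version that does not exist; treat the version as a lead, not a fact.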
Page Statistics
0 Outgoing links (links going to different origins than the main page).
Redirected requests: no HTTP redirect chains are listed for this scan.
15 HTTP transactions

| # | Method | Protocol | Resource | Location | Size / x-fer | Type | MIME type |
|---|---|---|---|---|---|---|---|
| 1 | GET | H2 | / (primary request) | ld34konta-ridice-gov-cz.eu/fio/ | 8 KB / 3 KB | Document | text/html |
| 2 | GET | H2 | bs_select.min-ver-48D31BCCE684C3E8012F27479890B2BD.css | ld34konta-ridice-gov-cz.eu/fio/index_files/ | 6 KB / 1 KB | Stylesheet | text/css |
| 3 | GET | H2 | jquery-ui-1.10.3.min-ver-731ACB920C9707A160221C521B92C583.css | ld34konta-ridice-gov-cz.eu/fio/index_files/ | 20 KB / 4 KB | Stylesheet | text/css |
| 4 | GET | H2 | bootstrap_331.min-ver-3AB3438F85AD9F9E27E1AF1FACF0A9C4.css | ld34konta-ridice-gov-cz.eu/fio/index_files/ | 111 KB / 17 KB | Stylesheet | text/css |
| 5 | GET | H2 | bootstrap_331.min-ver-2616D3564578D8F845813483352802A9.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F | ld34konta-ridice-gov-cz.eu/fio/index_files/ | 0 / 0 | Script | text/html |
| 6 | GET | H2 | keyboard-ver-010269CDA913A412C9FA5EA0B447728B.css | ld34konta-ridice-gov-cz.eu/fio/index_files/ | 1 KB / 1 KB | Stylesheet | text/css |
| 7 | GET | H2 | fontawesome_4.min-ver-269550530CC127B6AA5A35925A7DE6CE.css | ld34konta-ridice-gov-cz.eu/fio/index_files/ | 30 KB / 7 KB | Stylesheet | text/css |
| 8 | GET | H2 | style-ver-FF3BC999B0D4F289EF24383874389488.css | ld34konta-ridice-gov-cz.eu/fio/index_files/ | 68 KB / 12 KB | Stylesheet | text/css |
| 9 | GET | H2 | logo_fio-ver-894B2A39F77CABA34D70A4AC4C0FE0B6.png | ld34konta-ridice-gov-cz.eu/fio/index_files/ | 15 KB / 15 KB | Image | image/png |
| 10 | GET | H2 | 00.jpg | ld34konta-ridice-gov-cz.eu/fio/img/ | 112 KB / 113 KB | Image | image/jpeg |
| 11 | GET | H2 | 000.png | ld34konta-ridice-gov-cz.eu/fio/img/ | 251 KB / 251 KB | Image | image/png |
| 12 | GET | H2 | 01.jpg | ld34konta-ridice-gov-cz.eu/fio/img/ | 21 KB / 21 KB | Image | image/jpeg |
| 13 | GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.2.0/ | 84 KB / 30 KB | Script | text/javascript |
| 14 | GET | H2 | jquery.maskedinput.min.js | ld34konta-ridice-gov-cz.eu/fio/ | 4 KB / 2 KB | Script | application/javascript |
| 15 | GET | HTTP/1.1 | favicon-ver-BED52CBBA61C3C2EFBCD2A3F722B3146.ico | ib.fio.cz/platba/wicket/resource/cz.fio.ib2.common.wicket.web.layout.image.FioImage/png/ | 1 KB / 2 KB | Other | image/x-icon |

"Size / x-fer" is the decoded size of the resource followed by the bytes actually transferred.

Two rows deserve a second look. Request 5 asks for a "script" whose name ends in the URL-encoded Cyrillic string "Без названия" ("Untitled") and receives an empty text/html response; a reference like that is most likely an artefact of the original page having been saved from a Russian-locale browser, and it is a usable pivot for clustering other copies of the same kit. Request 15 is the only one that leaves the phishing domain other than the jQuery CDN fetch: the page hot-links the bank's own favicon from ib.fio.cz, and its local assets carry the same `-ver-<hex>` naming scheme as that genuine favicon, consistent with the kit being a saved copy of the real login page. A bank that logs Referer headers on requests for its static assets would see ld34konta-ridice-gov-cz.eu appear here before any victim reported it.
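The verdict rests on observations the transaction list makes directly: a page titled "Fio banka", served from a domain that is not fio.cz, naming the brand in its path and loading the bank's own favicon from ib.fio.cz. As an added example, not code from urlscan or from this report, the Python below turns those observations into a reusable check that can be run over any scan's request list. The request list is transcribed from the table above; the brand catalogue and the public-suffix-mimic pattern are assumptions made for the example.

```python
import re
from urllib.parse import urlsplit

# Transcribed from the scan's transaction list (URL, MIME type); not fetched live.
PRIMARY_URL = "https://ld34konta-ridice-gov-cz.eu/fio/"
PAGE_TITLE = "Fio banka"
REQUESTS = [
    ("https://ld34konta-ridice-gov-cz.eu/fio/", "text/html"),
    ("https://ld34konta-ridice-gov-cz.eu/fio/index_files/bootstrap_331.min-ver-3AB3438F85AD9F9E27E1AF1FACF0A9C4.css", "text/css"),
    ("https://ld34konta-ridice-gov-cz.eu/fio/index_files/logo_fio-ver-894B2A39F77CABA34D70A4AC4C0FE0B6.png", "image/png"),
    ("https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js", "text/javascript"),
    ("https://ld34konta-ridice-gov-cz.eu/fio/jquery.maskedinput.min.js", "application/javascript"),
    ("https://ib.fio.cz/platba/wicket/resource/cz.fio.ib2.common.wicket.web.layout.image.FioImage/png/favicon-ver-BED52CBBA61C3C2EFBCD2A3F722B3146.ico", "image/x-icon"),
]

# Hypothetical brand catalogue (assumption): the apex domains the brand really
# serves from, and name tokens a lookalike tends to reuse in its title or path.
BRANDS = {"Fio Banka": {"domains": {"fio.cz"}, "tokens": {"fio"}}}

# Hyphen-glued labels that imitate a public suffix ("gov-cz" standing in for
# gov.cz). Assumed list for the example, not something the report states.
TLD_MIMIC = re.compile(r"(?:^|-)(?:gov|com|net|org|cz|eu)(?=-|$)")


def apex(host):
    """Registrable domain approximated as the last two labels (no PSL lookup)."""
    return ".".join(host.lower().split(".")[-2:])


def assess(primary_url, title, requests, brands):
    """Score one scanned page against each brand in `brands`.

    Returns {brand: {"hotlinked_hosts": [...], "signals": {...}, "verdict": str}}
    for every brand with at least one positive signal, {} when nothing fires.
    """
    parts = urlsplit(primary_url)
    host = (parts.hostname or "").lower()
    primary_apex = apex(host)
    # Everything left of the TLD: "ld34konta-ridice-gov-cz" for the scanned host.
    left_of_tld = ".".join(host.split(".")[:-1])
    report = {}
    for brand, info in brands.items():
        if primary_apex in info["domains"]:
            continue  # the brand's own site: loading its own assets is normal
        hotlinked = sorted({urlsplit(u).hostname for u, _ in requests
                            if apex(urlsplit(u).hostname or "") in info["domains"]})
        signals = {
            "hotlinks_brand_assets": bool(hotlinked),
            "title_names_brand": any(t in title.lower() for t in info["tokens"]),
            "path_names_brand": any(t in parts.path.lower() for t in info["tokens"]),
            "host_mimics_public_suffix": bool(TLD_MIMIC.search(left_of_tld)),
        }
        if not any(signals.values()):
            continue
        # Hot-linking the brand's assets while naming the brand is the strong
        # combination; either alone is only worth a closer look.
        if signals["hotlinks_brand_assets"] and (
                signals["title_names_brand"] or signals["path_names_brand"]):
            verdict = "likely phishing"
        else:
            verdict = "suspicious"
        report[brand] = {"hotlinked_hosts": hotlinked, "signals": signals, "verdict": verdict}
    return report


if __name__ == "__main__":
    for brand, r in assess(PRIMARY_URL, PAGE_TITLE, REQUESTS, BRANDS).items():
        print(brand, r["verdict"], r["hotlinked_hosts"], r["signals"])
```

The check deliberately skips pages whose own apex is a brand domain, so the bank's real site never flags itself, and it treats a hostname built from hyphenated public-suffix lookalikes as a supporting signal only. The two-label `apex()` is a simplification; for real use replace it with a public-suffix-list lookup so that hosts under suffixes such as co.uk are grouped correctly.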
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Fio Banka (Banking)

2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and code a page uses.
| Type | Name |
|---|---|
| function | $ |
| function | jQuery |

0 Cookies
Cookies are small pieces of information stored in a user's browser. When the user visits the site again, the browser sends the cookie values back, which lets the site re-identify the user even from a different location. This is how persistent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Indicators
"Indicators" is the security-industry term for observables such as IPs, domains and hashes. Listing an observable here does not by itself mean it is malicious; the CDN host and the bank's own host below are legitimate and appear only because the page contacted them.
Domains:
- ajax.googleapis.com
- ib.fio.cz
- ld34konta-ridice-gov-cz.eu
IP addresses:
- 2a00:1450:4001:80b::200a
- 2a06:6440:0:2d2c::1
- 92.38.6.13
SHA-256 hashes (64 hex characters) of the response bodies fetched during the scan:
0aca050a4591f115a630de050baa9c53e85f33973165ffa8c1628e7cbd4d7956
29a15ce48cec440f2745da88f96e6e59174cab6127d9f26e981bda384b8676a0
2f034ea1dd7b3dc9cbf90e63295942a2531db3b009f4ec8abb8aeec6c2e3767b
3edb8f4818e5cc987fdcb63445ac1e6a20d8a9321603f8b73ae485869d48cb7e
58c5fb14d40e03a30b242153b35222ef2c66912229fe98e3bad88afd8bb4aa37
5d04b9e9a218b57ba9cc1d763efa548b2fcd2658e8b16c50b12dd7bc7db5308a
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
98bdaa04d68966160bd6a9b1bec5702249b072684183413536bdcc5b3f7e5777
d21fda51272532f76104d4565f07226a96f9c9ede65b1d0bb15427bc668630f1
e5c7317eb8faab139b5d5187e67d957043cfea7e779a38223f61d3242cf900e4
e7289ebfc5f87ab56a5e04c5b4cd47ca491fe93fc6178c5524100907fb7f48b2
f66e97fd6c6f3c2e5c21877e138891c2e808d19898d6720fcf90aa1ae6beb129
fef6feb74fe0e975fd7fef220538e0d892ab87ba5ed00eb3d11dc52ef370d980