ibfio.czauth.com
181.215.79.185
Malicious Activity!
Public Scan
Submission: On December 12 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 12th 2022. Valid for: 3 months.
This is the only time ibfio.czauth.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Fio Banka (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
24 | 181.215.79.185 | 47583 (AS-HOSTINGER) |
1 | 92.38.6.11 | 44546 (ALFATELECOM) |
26 | 3 | |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
24 | czauth.com: ibfio.czauth.com | 686 KB |
1 | fio.cz: www.fio.cz (Failed) | |
26 | 2 | |
 | Domain | Requested by |
---|---|---|
24 | ibfio.czauth.com | ibfio.czauth.com |
1 | www.fio.cz | ibfio.czauth.com |
26 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.fio.cz |
www.rmsystem.cz |
www.akcie.cz |
Subject | Issuer | Validity | Valid |
---|---|---|---|
ibfio.czauth.com | R3 | 2022-12-12 - 2023-03-12 | 3 months |
www.fio.cz | GeoTrust EV RSA CA 2018 | 2022-05-06 - 2023-06-06 | a year |
This page contains 1 frames:
Primary Page:
https://ibfio.czauth.com/
Frame ID: 4FE09E463385004725CD24732C1F028A
Requests: 25 HTTP requests in this frame
Page Title
Internetové bankovnictví | Fio banka
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries)
Detected patterns
- jquery-ui[.-]([\d.]*\d)[^/]*\.js
- jquery-ui.*\.js
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
Title: Nemusíte čekat ve frontách na úřadech, z domova si můžete sami zjistit třeba stav bodového konta řidiče nebo požádat o řidičský průkaz. Přesvědčte se, jak je to snadné.
Title: Při přihlašování by v políčku s internetovou adresou mělo být https://ib.fio.cz/ib/login a pod ikonou zámečku byste vždy měli najít certifikát dokládající, že jste na webu Fio banky.
Title: napište nám
Title: seznam
Title: Desatero bezpečného používání Internetbankingu
Title: Ceníky a sazebníky
Title: Technická podpora, manuály
Title: Právní prohlášení
Title: RM-SYSTÉM
Title: AKCIE.CZ
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | Primary Request / ibfio.czauth.com/ | 35 KB 6 KB | Document text/html |
GET H2 | jquery-2.1.1.min-ver-E40EC2161FE7993196F23C8A07346306.js ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.jquery.JQuery/js/ | 82 KB 29 KB | Script application/javascript |
GET H2 | wicket-ajax-jquery-ver-6C3579C63E0C4EBFA954D232A7F1B943.js ibfio.czauth.com/ib/fio/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBehavior/res/js/ | 27 KB 8 KB | Script application/javascript |
GET H2 | jquery-ui-1.10.3.min-ver-EC5989164B6776F16D8586D0E8CE0FAC.js ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.jqueryUI.JQueryUI/ | 140 KB 39 KB | Script application/javascript |
GET H2 | jquery-ui-1.10.3.min-ver-731ACB920C9707A160221C521B92C583.css ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.jqueryUI.JQueryUI/ | 20 KB 4 KB | Stylesheet text/css |
GET H2 | bootstrap_331.min-ver-3AB3438F85AD9F9E27E1AF1FACF0A9C4.css ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.bootstrap.Bootstrap/css/ | 111 KB 19 KB | Stylesheet text/css |
GET H2 | bootstrap_331.min-ver-2616D3564578D8F845813483352802A9.js ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.bootstrap.Bootstrap/js/ | 35 KB 9 KB | Script application/javascript |
GET H2 | keyboard-ver-010269CDA913A412C9FA5EA0B447728B.css ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.component.virtual_keyboard.VirtualKeyboard/ | 1 KB 711 B | Stylesheet text/css |
GET H2 | bs_select.min-ver-48D31BCCE684C3E8012F27479890B2BD.css ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.bootstrapSelect.BsSelect/css/ | 6 KB 2 KB | Stylesheet text/css |
GET H2 | bs_select.min-ver-C1B87DE9A72651219420FD1AD8A917E5.js ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.bootstrapSelect.BsSelect/js/ | 23 KB 7 KB | Script application/javascript |
GET H2 | fontawesome_4.min-ver-269550530CC127B6AA5A35925A7DE6CE.css ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.fontawesome.FontAwesome/css/ | 30 KB 7 KB | Stylesheet text/css |
GET H2 | defaultJsFunctions-ver-9E9CA8D2CC0C8564BE7215594E80225E.js ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.web.js.scripts.Scripts/ | 7 KB 3 KB | Script application/javascript |
GET H2 | defaultLocalizedJsFunctions-ver-B7988DA714EE0C935177B500A92B1537.js ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.web.js.scripts.Scripts/ | 414 B 642 B | Script application/javascript |
GET H2 | typeahead.min-ver-D223EF84ECB16144225340B5E227D67A.js ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.web.layout.StandardPage/ | 21 KB 7 KB | Script application/javascript |
GET H2 | style-ver-3E1DEA72E728B4FA6F9374384DD8178A.css ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.web.layout.BasePage/ | 69 KB 14 KB | Stylesheet text/css |
GET H2 | logo_fio-ver-894B2A39F77CABA34D70A4AC4C0FE0B6.png ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.image.FioImage/png/ | 15 KB 15 KB | Image image/png |
GET H2 | 457x125_Fio_bankovni_identita_ridicak_v4.png ibfio.czauth.com/ib_pict/ | 140 KB 140 KB | Image image/png |
GET H2 | 1140x150_Fio_bankovni_identita_Ridicak.png ibfio.czauth.com/ib_pict/ | 212 KB 213 KB | Image image/png |
GET H2 | print-ver-98E7EA0529EA6D60F27CD68E8A462E77.css ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.web.layout.BasePage/ | 6 KB 2 KB | Stylesheet text/css |
GET H2 | fontawesome-webfont3e6e.html ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.fontawesome.FontAwesome/fonts/ | 136 KB 63 KB | Font text/html |
GET H2 | fontawesome-webfont3e6e.woff ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.fontawesome.FontAwesome/fonts/ | 96 KB 96 KB | Font font/woff |
logout.html | ibextapi.cgi www.fio.cz/ | 0 0 | |
GET H2 | VlajkaCzMala-ver-425A2FE80A90297180F0DCC77B3F66B6.png ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.image.FioImage/png/ | 492 B 700 B | Image image/png |
GET H2 | VlajkaSkMala-ver-54AA18CD9834A48A7616BB29EA79F102.png ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.image.FioImage/png/ | 495 B 703 B | Image image/png |
GET H2 | VlajkaGbMala-ver-E4896565595FC22E344FD619C0ED15BB.png ibfio.czauth.com/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.image.FioImage/png/ | 707 B 915 B | Image image/png |
OPTIONS H/1.1 | ibextapi.cgi www.fio.cz/ | 0 0 | Preflight text/plain |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.fio.cz
- URL
- https://www.fio.cz/ibextapi.cgi
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Fio Banka (Banking)
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | oncontentvisibilityautostatechange
- function | $
- function | jQuery
- object | Wicket
- function | resizeWidgets
- function | goBack
- function | resizeWidgetsCallbackFunction
- object | resizeChartCallbackFunctions
- function | numberSeparator
- function | resizeAllResponsiveTable
- function | setMinimalContentSize
- object | docCookies
- function | moneyFormat
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ibfio.czauth.com/ | | Name: PHPSESSID Value: kgigidqoervjf1d8kju3jpdram |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15768000; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ibfio.czauth.com
www.fio.cz
181.215.79.185
92.38.6.11