dskdireonline-bg.com
3.24.40.204
Malicious Activity!
Public Scan
Submission Tags: 6564325
Submission: On May 13 via api from NL
Summary
This is the only time dskdireonline-bg.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DSK Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
21 | 3.24.40.204 | 16509 (AMAZON-02)
21 | 1 |

ASN16509 (AMAZON-02, US)
PTR: ec2-3-24-40-204.ap-southeast-2.compute.amazonaws.com
dskdireonline-bg.com

Requests | Apex Domain / Subdomains | Transfer
---|---|---
21 | dskdireonline-bg.com (dskdireonline-bg.com) | 2 MB
21 | 1 |

Requests | Domain | Requested by
---|---|---
21 | dskdireonline-bg.com | dskdireonline-bg.com
21 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/logon.php?dd9e5de77974e651b07230bbfc49697333ea5f54
Frame ID: C3F0157CD736F992A15006C2274ECB8B
Requests: 21 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET H/1.1 | logon.php (Primary Request) | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/ | 18 KB | 19 KB | Document | text/html
GET H/1.1 | style.direct.2018.css | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 844 KB | 844 KB | Stylesheet | text/css
GET H/1.1 | js.js | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 69 KB | 69 KB | Script | application/javascript
GET H/1.1 | Direct.bg.svg | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 10 KB | 10 KB | Image | image/svg+xml
GET H/1.1 | DSK_Security_1104x74.jpg | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 32 KB | 32 KB | Image | image/jpeg
GET H/1.1 | potrebitelski_kredit_dskbank.jpg | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 107 KB | 108 KB | Image | image/jpeg
GET H/1.1 | getseal.gif | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 3 KB | 3 KB | Script | image/gif
GET H/1.1 | getseal.gif | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 3 KB | 3 KB | Image | image/gif
GET H/1.1 | DSK_CarInsurance_360x160_BG.png | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 75 KB | 75 KB | Image | image/png
GET H/1.1 | smart.svg | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 37 KB | 37 KB | Image | image/svg+xml
GET H/1.1 | facebook.svg | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 1 KB | 1 KB | Image | image/svg+xml
GET H/1.1 | youtube.svg | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 6 KB | 6 KB | Image | image/svg+xml
GET H/1.1 | linkedin.svg | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 949 B | 1 KB | Image | image/svg+xml
GET H/1.1 | BankaDSK_ciril_CM_White.svg | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 8 KB | 8 KB | Image | image/svg+xml
GET H/1.1 | mobile-phone-icon-white.png | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 2 KB | 2 KB | Image | image/png
GET H/1.1 | smartphone-icon-white.png | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 2 KB | 2 KB | Image | image/png
GET H/1.1 | SourceSansPro-Regular.ttf.woff | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/fonta/ | 100 KB | 100 KB | Font | font/woff
GET H/1.1 | SourceSansPro-Semibold.ttf.woff | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/fonta/ | 100 KB | 100 KB | Font | font/woff
GET H/1.1 | SourceSansPro-Bold.ttf.woff | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/fonta/ | 100 KB | 100 KB | Font | font/woff
GET H/1.1 | DSK_Smart_1600x700px.jpg | dskdireonline-bg.com/repository/photos/ | 315 B | 315 B | Image | text/html
GET H/1.1 | smart.png | dskdireonline-bg.com/default/=BG/file/sAuth/bg/5239e/index_files/ | 79 KB | 79 KB | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DSK Bank (Banking)
153 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate number| STATFORMAMOUNT object| objLastContent object| objLastImage boolean| bHideLastPanel boolean| bGrayPlus function| ClearHighlight function| HilightMe function| changeLoginChannel function| changeLoginChannelOtp function| setLoginChannel function| GetPageID function| openLastOpenedPagelet function| setLastOpenedPagelet function| showHideContent function| txtNormal function| txtFocus function| btnNormal function| btnOnFocus function| tdOnFocus function| tdNormal function| radioNormal function| radioOnFocus function| MySubmit function| MySubmitNoValidate function| NormalSubmit function| DisabledSubmitButton function| MyDisabledSubmit function| disabelButton function| disabelButtonRewrite function| MyDisabledSubmit_New function| NormalSubmit2 function| NormalSubmitNoValidate function| ExportSubmit function| OpenSmallWindow function| OpenBigWindow function| OpenNewWindowFilledWith function| CancelBubbleEvent function| SpecialHRef function| ReturnToOpener function| showHelper function| showHelpWindow function| BindAllInputControls function| BindInputToSpan function| BindCheckInputToSpan function| BindSelectInputToSpan function| UpdateBoundFieldValue function| UpdateBoundCheckFieldValue function| UpdateBoundSelectFieldValue undefined| OnSubmitOldBackoStyle function| CatchOnSubmitToValidate function| ValidateInputFields function| StringValidater function| CustomValidateLimit function| GetUserAgent function| CancelValidation function| DAISConvertToDate function| CCookies function| PreSubmitForm_Filters function| LesThen function| IsLessThan function| IsGreaterThan function| printInfo function| hideInfo function| showInfo function| getX function| getY function| IsBGNAccount function| IsBudgetAccount function| isBudgetIban function| isInteger function| stripCharsInBag function| daysInFebruary function| DaysArray function| CheckDateRaw function| CheckDate function| dateCompare function| NumberCompare function| string2date 
function| TrimString function| getIframe function| FillParentCtrl function| MakeWorking function| hideTooltip function| getPageLeft function| getPageTop function| StringValidaterPartial function| GetBICByIBAN function| GetBICByIBAN_MVC function| doSomeCustomValidation function| OnGetBICByIBANCompleted function| showHelperCustom function| fRoundNum function| IsGreaterOrEqualThan function| LessThan function| LessOrEqualThan function| RadioClear function| ContainsNegative function| setCookie function| getCookie function| GetCheckSum function| MyParseFloat function| GoBack function| CheckDirtyMoney function| CheckBurPosDeclDirtyMoney function| CheckStatForm function| NewWindowSubmit function| CalcMoney function| CalcInLeva function| getHttpUserAgent function| UpdateMonthPicker function| dais_fix_null function| And function| Or string| keyStr function| encode64 function| decode64 function| OnEnterDownCall function| UpdateCheckLimits function| setFieldChecked function| showBoxContent function| ResizeLeftColumn function| setCurrentTime function| EnableConnected function| ShowPhoneFields function| getPropVal function| SetErrorMsgValidationSpan function| StringIsNullOrEmpty function| ShowGeneralError function| HideGeneralError function| ToFloat function| InitHidenFieldBeforeChoosingFromRadioButtonOrCheckBox function| ValidationForInputElementFromCheckBoxOrRadioButtonOnClick function| ValidationForInputElementFromCheckBoxOrRadioButton function| InitHidenFieldRemoveValidationInThem function| ShowHideElementsOnChoosingFromRadioButtonOrCheckBoxWithValidationElementsOnClick function| dateFormat_ddMMyyyy function| DaisPrint function| cloneToEmptyObj function| getElementByAttributeAndValue function| isIE7 function| GenerateNewCaptcha function| setImgSrc function| ClearPagingData function| GetFormInputsAsKeyValuePair function| DownloadFileJS function| utf8ArrayToStr function| ParseAmountAndCCyToAmountWithCCY function| bindEvent function| extractBirthDate function| SubmitToIFrame 
function| fillValidationSummary
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dskdireonline-bg.com
3.24.40.204