www.gulfxs.com
198.23.59.167
Malicious Activity!
Public Scan
Effective URL: https://www.gulfxs.com/wp-includes/certificates/idkbank/
Submission: On March 25 via api from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 12th 2021. Valid for: 3 months.
This is the only time www.gulfxs.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Raiffeisen Bank (Banking)

Domain & IP information

| Requests | Redirects | IP Address | AS (Autonomous System) |
|---|---|---|---|
| 1 | 1 | 103.143.46.48 | 17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN) |
| 11 | | 198.23.59.167 | 32748 (STEADFAST) |
| 8 | | 194.48.206.22 | 44396 (RBB-) |
| 2 | | 2a00:1450:4001:810::200e | 15169 (GOOGLE, US) |
| 7 | | 2a00:1450:4001:808::200e | 15169 (GOOGLE, US) |
| 2 | | 2a00:1450:4001:808::2003 | 15169 (GOOGLE, US) |
| 1 | 1 | 2a00:1450:4001:810::2002 | 15169 (GOOGLE, US) |
| 1 | | 2a00:1450:4001:80e::2002 | 15169 (GOOGLE, US) |
| 1 | | 2a00:1450:4001:800::2006 | 15169 (GOOGLE, US) |
| 1 | | 2a00:1450:4001:80e::2004 | 15169 (GOOGLE, US) |
| 1 | | 2a00:1450:4001:813::2001 | 15169 (GOOGLE, US) |
| 1 | | 2a00:1450:4001:809::2016 | 15169 (GOOGLE, US) |
| 1 | | 2a00:1450:4001:82a::2003 | 15169 (GOOGLE, US) |
| 44 requests | | 12 IPs | |

Expanded row details:
- ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN), PTR: server30a.hostingraja.org: watch4sell.com
- ASN15169 (GOOGLE, US): googleads.g.doubleclick.net (listed under two IPs), static.doubleclick.net
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 11 | gulfxs.com | www.gulfxs.com | 245 KB |
| 9 | youtube.com | www.youtube.com | 686 KB |
| 8 | rbb.bg | online.rbb.bg | 243 KB |
| 3 | doubleclick.net (1 redirect) | googleads.g.doubleclick.net, static.doubleclick.net | 1 KB |
| 3 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 27 KB |
| 1 | ytimg.com | i.ytimg.com | 33 KB |
| 1 | ggpht.com | yt3.ggpht.com | 3 KB |
| 1 | google.com | www.google.com | 12 KB |
| 1 | watch4sell.com (1 redirect) | watch4sell.com | 295 B |
| 44 requests | 9 apex domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 11 | www.gulfxs.com | www.gulfxs.com |
| 9 | www.youtube.com | www.gulfxs.com, www.youtube.com |
| 8 | online.rbb.bg | www.gulfxs.com, online.rbb.bg |
| 2 | googleads.g.doubleclick.net (1 redirect) | www.youtube.com |
| 2 | fonts.gstatic.com | www.youtube.com |
| 1 | www.gstatic.com | www.youtube.com |
| 1 | i.ytimg.com | www.youtube.com |
| 1 | yt3.ggpht.com | www.youtube.com |
| 1 | www.google.com | www.youtube.com |
| 1 | static.doubleclick.net | www.youtube.com |
| 1 | watch4sell.com (1 redirect) | |
| 44 requests | 11 domains | |
This site contains links to these domains. Also see Links.
| Subject | Issuer | Validity | Valid for | Lookup |
|---|---|---|---|---|
| gulfxs.com | cPanel, Inc. Certification Authority | 2021-03-12 - 2021-06-10 | 3 months | crt.sh |
| online.rbb.bg | Sectigo RSA Extended Validation Secure Server CA | 2020-04-15 - 2022-04-15 | 2 years | crt.sh |
| *.google.com | GTS CA 1O1 | 2021-03-11 - 2021-06-03 | 3 months | crt.sh |
| *.gstatic.com | GTS CA 1O1 | 2021-02-23 - 2021-05-18 | 3 months | crt.sh |
| *.g.doubleclick.net | GTS CA 1O1 | 2021-03-11 - 2021-06-03 | 3 months | crt.sh |
| *.doubleclick.net | GTS CA 1O1 | 2021-03-11 - 2021-06-03 | 3 months | crt.sh |
| www.google.com | GTS CA 1O1 | 2021-03-11 - 2021-06-03 | 3 months | crt.sh |
| *.googleusercontent.com | GTS CA 1O1 | 2021-02-23 - 2021-05-18 | 3 months | crt.sh |
| edgestatic.com | GTS CA 1O1 | 2021-02-23 - 2021-05-18 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.gulfxs.com/wp-includes/certificates/idkbank/
Frame ID: 71E1CC8D1D650AE44D5D942BC6A8F1A4
Requests: 27 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/1Wh2xI03Tgs
Frame ID: 58BCE63EF6775CF7F4B67F0DE82AD05B
Requests: 18 HTTP requests in this frame
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://watch4sell.com/oum.php (HTTP 302)
- https://www.gulfxs.com/wp-includes/certificates/idkbank/ (Page URL)
Detected technologies
- PHP (Programming Languages). Detected pattern: url /\.php(?:$|\?)/i
- Apache (Web Servers). Detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
- RequireJS (JavaScript Frameworks). Detected pattern: script /require.*\.js/i
Page Statistics
47 Outgoing links
These are links going to different origins than the main page. Link titles (Bulgarian titles translated, original in parentheses):
- Learn more (Научи повече)
- Google Play
- App Store
- AppGallery
- HERE (ТУК)
- Customer care during the state of emergency (Грижа за клиента в извънредно положение)
- Change in the tariffs for legal entities and sole traders, effective 14.01.2019 (Промяна в тарифите за ЮЛ и ЕТ в сила от 14.01.2019 г.)
- 10 years of Raiffeisenbank making stories better (10 години Райфайзенбанк прави историите по-добри)
- Transfers (Преводи)
- Utility bills (Битови сметки)
- Accounts (Сметки)
- Cards (Карти)
- Loans (Кредити)
- Requests (Заявки)
- Settings (Настройки)
- User guide (Ръководство на потребителя)
- General terms and conditions (Общи условия)
- Security instructions (Инструкция за сигурност)
- Frequently asked questions (Често задавани въпроси)
- Raiffeisen ONLINE survey (Анкета за Райфайзен ОНЛАЙН)
- Individual clients (Индивидуални клиенти)
- Premium banking
- Small businesses (Малки предприятия)
- Corporate clients (Корпоративни клиенти)
- Card exchange rate (Картов обменен курс)
- Consumer loan calculator (Калкулатор за потребителски кредит)
- Mortgage loan calculator (Калкулатор за ипотечен кредит)
- Raiffeisenbank Bulgaria (Райфайзенбанк България)
- Raiffeisen Bank International
- Raiffeisen Leasing (Райфайзен Лизинг)
- Raiffeisen Asset Management (Райфайзен Асет Мениджмънт)
- Raiffeisen Insurance Broker (Райфайзен Застрахователен брокер)
- Choose to help (Избери, за да помогнеш)
- Facebook
- YouTube
- LinkedIn
- Twitter
- Instagram
- Viber
- Blog (Блог)
- (untitled link)
- (untitled link)
- About us (За нас)
- Tariffs (Тарифи)
- Notifications (Уведомления)
- Contacts (Контакти)
- Offices and ATMs (Офиси и банкомати)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 32:
- https://googleads.g.doubleclick.net/pagead/id (HTTP 302)
- https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
44 HTTP transactions
"Frame 58BC" marks requests made from the embedded YouTube player frame (Frame ID 58BCE63EF6775CF7F4B67F0DE82AD05B); all other requests belong to the primary page.

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
|---|---|---|---|---|---|---|---|---|
| GET | H2 | / | www.gulfxs.com/wp-includes/certificates/idkbank/ | 37 KB | 38 KB | Document | text/html | Primary Request, Redirect Chain |
| GET | H2 | smartbanner.min.css | online.rbb.bg/Content/css/smartbanner/ | 12 KB | 4 KB | Stylesheet | text/css | |
| GET | H2 | style.min.css | online.rbb.bg/Content/css/ | 563 KB | 67 KB | Stylesheet | text/css | |
| GET | H2 | require.js | www.gulfxs.com/Scripts/libs/ | 0 | 0 | Script | text/html | |
| GET | H2 | promise.js | www.gulfxs.com/Scripts/libs/ | 0 | 0 | Script | text/html | |
| GET | H2 | smartbanner.min.js | www.gulfxs.com/Scripts/libs/ | 0 | 0 | Script | text/html | |
| GET | H2 | fb.png | www.gulfxs.com/Content/images/ | 44 KB | 44 KB | Image | text/html | |
| GET | H2 | youtube.png | www.gulfxs.com/Content/images/ | 44 KB | 44 KB | Image | text/html | |
| GET | H2 | linkedin.png | www.gulfxs.com/Content/images/ | 44 KB | 44 KB | Image | text/html | |
| GET | H2 | twitter.png | www.gulfxs.com/Content/images/ | 10 KB | 10 KB | Image | text/html | |
| GET | H2 | instagram.png | www.gulfxs.com/Content/images/ | 9 KB | 9 KB | Image | text/html | |
| GET | H2 | viber.png | www.gulfxs.com/Content/images/ | 44 KB | 44 KB | Image | text/html | |
| GET | H2 | rbb-blog.png | www.gulfxs.com/Content/images/ | 11 KB | 11 KB | Image | text/html | |
| GET | H2 | 1Wh2xI03Tgs | www.youtube.com/embed/ | 51 KB | 22 KB | Document | text/html | Frame 58BC |
| GET | H2 | bg-body.png | online.rbb.bg/Content/images/ | 3 KB | 4 KB | Image | image/png | |
| GET | H2 | logo-rbb-white-bg.svg | online.rbb.bg/Content/svg/ | 10 KB | 4 KB | Image | image/svg+xml | |
| GET | H2 | RBB_1920x498_site_banner.jpg | online.rbb.bg/Content/images/ | 148 KB | 149 KB | Image | image/jpeg | |
| GET | | 326381_1_0.woff | online.rbb.bg/Content/fonts/webfonts/ | 0 | 0 | | | no response (see Failed requests) |
| GET | | FuturaPT-Medium.woff | online.rbb.bg/Content/fonts/webfonts/ | 0 | 0 | | | no response (see Failed requests) |
| GET | | 326381_0_0.woff | online.rbb.bg/Content/fonts/webfonts/ | 0 | 0 | | | no response (see Failed requests) |
| GET | | iconset-rbb.ttf | online.rbb.bg/Content/fonts/iconset-rbb// | 0 | 0 | | | no response (see Failed requests) |
| GET | H2 | mobileApp.png | online.rbb.bg/Content/images/ | 9 KB | 9 KB | Image | image/png | |
| GET | H2 | app-store-bg.png | online.rbb.bg/Content/images/ | 3 KB | 3 KB | Image | image/png | |
| GET | H2 | google-play-bg.png | online.rbb.bg/Content/images/ | 4 KB | 4 KB | Image | image/png | |
| GET | | 326381_1_0.ttf | online.rbb.bg/Content/fonts/webfonts/ | 0 | 0 | | | no response (see Failed requests) |
| GET | H3-Q050 | www-player-webp.css | www.youtube.com/s/player/38c5f870/ | 339 KB | 51 KB | Stylesheet | text/css | Frame 58BC |
| GET | H3-Q050 | www-embed-player.js | www.youtube.com/s/player/38c5f870/www-embed-player.vflset/ | 161 KB | 58 KB | Script | text/javascript | Frame 58BC |
| GET | H3-Q050 | base.js | www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/ | 2 MB | 507 KB | Script | text/javascript | Frame 58BC |
| GET | H3-Q050 | fetch-polyfill.js | www.youtube.com/s/player/38c5f870/fetch-polyfill.vflset/ | 8 KB | 9 KB | Script | text/javascript | Frame 58BC |
| GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v18/ | 15 KB | 15 KB | Font | font/woff2 | Frame 58BC |
| GET | | FuturaPT-Medium.ttf | online.rbb.bg/Content/fonts/webfonts/ | 0 | 0 | | | no response (see Failed requests) |
| GET | | 326381_0_0.ttf | online.rbb.bg/Content/fonts/webfonts/ | 0 | 0 | | | no response (see Failed requests) |
| GET | | iconset-rbb.woff | online.rbb.bg/Content/fonts/iconset-rbb// | 0 | 0 | | | no response (see Failed requests) |
| GET | H3-Q050 | id | googleads.g.doubleclick.net/pagead/ | 113 B | 921 B | XHR | application/json | Frame 58BC, Redirect Chain |
| GET | H2 | ad_status.js | static.doubleclick.net/instream/ | 29 B | 91 B | Script | text/javascript | Frame 58BC |
| GET | H3-Q050 | remote.js | www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/ | 97 KB | 32 KB | Script | text/javascript | Frame 58BC |
| GET | H2 | zo4Agt5SJcnoXNS4M1MG4WyhXvbc_d-XVm4sRsRj_20.js | www.google.com/js/th/ | 33 KB | 12 KB | Script | text/javascript | Frame 58BC |
| GET | H3-Q050 | embed.js | www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/ | 24 KB | 7 KB | Script | text/javascript | Frame 58BC |
| GET | DATA | truncated | / | 175 B | 0 | Image | image/png | Frame 58BC |
| GET | H2 | AAUvwnho-hBZguvxqeFBlYvKWYgd7suP6iK-R8wE-BiRrg=s68-c-k-c0x00ffffff-no-rj | yt3.ggpht.com/ytc/ | 3 KB | 3 KB | Image | image/jpeg | Frame 58BC |
| GET | H2 | sddefault.webp | i.ytimg.com/vi_webp/1Wh2xI03Tgs/ | 33 KB | 33 KB | Image | image/webp | Frame 58BC |
| GET | H3-Q050 | KFOmCnqEu92Fr1Mu5mxKOzY.woff2 | fonts.gstatic.com/s/roboto/v18/ | 10 KB | 10 KB | Font | font/woff2 | Frame 58BC |
| GET | H2 | cast_sender.js | www.gstatic.com/cv/js/sender/v1/ | 4 KB | 2 KB | Script | text/javascript | Frame 58BC |
| GET | H3-Q050 | generate_204 | www.youtube.com/ | 0 | 38 B | Image | text/plain | Frame 58BC |
| POST | H2 | log_event | www.youtube.com/youtubei/v1/ | 28 B | 191 B | XHR | application/json | Frame 58BC |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- online.rbb.bg: https://online.rbb.bg/Content/fonts/webfonts/326381_1_0.woff
- online.rbb.bg: https://online.rbb.bg/Content/fonts/webfonts/FuturaPT-Medium.woff
- online.rbb.bg: https://online.rbb.bg/Content/fonts/webfonts/326381_0_0.woff
- online.rbb.bg: https://online.rbb.bg/Content/fonts/iconset-rbb//iconset-rbb.ttf?wxo579
- online.rbb.bg: https://online.rbb.bg/Content/fonts/webfonts/326381_1_0.ttf
- online.rbb.bg: https://online.rbb.bg/Content/fonts/webfonts/FuturaPT-Medium.ttf
- online.rbb.bg: https://online.rbb.bg/Content/fonts/webfonts/326381_0_0.ttf
- online.rbb.bg: https://online.rbb.bg/Content/fonts/iconset-rbb//iconset-rbb.woff?wxo579
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan verdict: Phishing against: Raiffeisen Bank (Banking)

10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: 0
- object: ontransitionrun
- object: ontransitionstart
- object: ontransitioncancel
- object: cookieStore
- function: showDirectoryPicker
- function: showOpenFilePicker
- function: showSaveFilePicker
- object: trustedTypes
- boolean: crossOriginIsolated

2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| .youtube.com/ | | VISITOR_INFO1_LIVE | JofxVBdlbes |
| .youtube.com/ | | YSC | g3wupYOiHEQ |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.