ib-vub-sk.online Open in urlscan Pro
2606:4700:3036::ac43:df2a  Malicious Activity! Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ib-vub-sk.online/	1 MB 872 KB	880ms 610ms	Document text/html	2606:4700:3036::ac43:df2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ib-vub-sk.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:df2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash b55243a401ba8d064fe07aac5c8b7491f2c1240db4119005ba1fd48b10f44b02 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 848baa9289b0474f-DFW content-encoding br content-type text/html; charset=utf-8 date Sun, 21 Jan 2024 01:08:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16J0x6t5iZS9tXmG5EvM9a%2BQhmpw2F2q6ms4HFz68VVu5L22ZHT6sAnY8C%2Fs0dTL5f05yksrku%2BXSc5xRd%2B2Bo7zhEKsbGp04RPdgzSe0I%2BqPfR4n6OH%2B5GjvC%2Fy%2Bkp8cj5uQjmmvNJgOKH6fs3c"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by Express
GET H2	200	external.css ib-vub-sk.online/	312 KB 36 KB	1117ms 1116ms	Stylesheet text/css	2606:4700:3036::ac43:df2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ib-vub-sk.online/external.css?1 Requested by Host: ib-vub-sk.online URL: https://ib-vub-sk.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:df2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 790e81224263739f967c367e918daecd46bc43200cc2c1a43fabd7a7d73ce180 Request headers accept-language de-DE,de;q=0.9 Referer https://ib-vub-sk.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:08:30 GMT content-encoding br cf-cache-status MISS last-modified Tue, 30 May 2023 09:10:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"4e051-1886bec7e68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xE78qK8b%2F5M74r9ofpnynjADyH4O1yoPGUaP31aLss2dGDE2m8XAmcK7wJcmdHzE9RDmlGBgFfgQui0QuyWvQG74GixDIhOUwwuhQKMVOw3oVL5HyFSl7v%2FKfNtGIn7UanW0pBFljEmEgpUhlrQS"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 848baa965e55474f-DFW alt-svc h3=":443"; ma=86400
GET H2	200	vub.css ib-vub-sk.online/	917 KB 211 KB	1256ms 1255ms	Stylesheet text/css	2606:4700:3036::ac43:df2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ib-vub-sk.online/vub.css?1 Requested by Host: ib-vub-sk.online URL: https://ib-vub-sk.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:df2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash e5125e947330ddc2e61cb9b7ff12caf27fb7f26856d33bb1ac084992a16ab585 Request headers accept-language de-DE,de;q=0.9 Referer https://ib-vub-sk.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:08:30 GMT content-encoding br cf-cache-status MISS last-modified Tue, 30 May 2023 09:10:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"e53dc-1886bec8638" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvWcg9zzP3VT3gSf1%2FqaAa3tN2cy%2BKt1MAmZdR%2FYvru5VHJCZxTIsBv1etrxU8Z2joA2zxh%2BIORI8egI%2F5OXTETcwmjSO%2BxI3DAt%2B4QM5sYHPnrGrHyQfMs8D3dtWQISRPQP9W3wz3t7dLVYTbwQ"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 848baa965e56474f-DFW alt-svc h3=":443"; ma=86400
GET H2	200	jquery-3.6.3.min.js Show response code.jquery.com/	88 KB 31 KB	28ms 6ms	Script application/javascript	2a04:4e42::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.3.min.js Requested by Host: ib-vub-sk.online URL: https://ib-vub-sk.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575 Request headers accept-language de-DE,de;q=0.9 Referer https://ib-vub-sk.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:08:29 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 3266371 x-cache HIT, HIT content-length 31046 x-served-by cache-lga13623-LGA, cache-fra-eddf8230110-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1705799310.780283,VS0,VE0 etag W/"28feccc0-15f5b" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 3, 38729
GET H2	200	socket.io.min.js Show response cdn.socket.io/4.4.1/	40 KB 13 KB	62ms 14ms	Script application/javascript	18.173.187.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.socket.io/4.4.1/socket.io.min.js Requested by Host: ib-vub-sk.online URL: https://ib-vub-sk.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.42 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-42.muc50.r.cloudfront.net Software Vercel / Resource Hash 907ae7db99cd3733cf8d56529300bb9e6e2c1dfc69ad9a05a7f875618d64a14a Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language de-DE,de;q=0.9 Referer https://ib-vub-sk.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 30 Sep 2023 06:21:29 GMT content-encoding gzip via 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront) strict-transport-security max-age=63072000 x-amz-cf-pop MUC50-P4 age 14517155 x-cache Hit from cloudfront content-disposition inline; filename="socket.io.min.js" server Vercel x-vercel-id fra1::9cqt8-1696054889822-0378c419edf6 etag W/"a51b4692d112bfa2f54ba01e7d42d0df" x-vercel-cache HIT content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable x-amz-cf-id YnYEeF2xc_00C_jla0XGfsIhsxUeOLfLhjGzhx1FsIg8f5EvsCuFFA==
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2665211418355e44e2242af34ba05ddb2a5afdc31f8d9b51ec30ff4e230dd4ba Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/png
GET H3	200	326c5ad41f4fee17fbdffb7295f413ee.jpg ib-vub-sk.online/	439 KB 440 KB	1063ms 1062ms	Image image/jpeg	2606:4700:3036::ac43:df2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ib-vub-sk.online/326c5ad41f4fee17fbdffb7295f413ee.jpg Requested by Host: ib-vub-sk.online URL: https://ib-vub-sk.online/vub.css?1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:df2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 9b6f2260eb186615573feee9a18482a1a8a48bea4d16998fb872a2f90eabe2d7 Request headers accept-language de-DE,de;q=0.9 Referer https://ib-vub-sk.online/vub.css?1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:08:32 GMT cf-cache-status MISS last-modified Fri, 13 Jan 2023 12:27:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"6dd30-185ab19c940" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrwlxx6TqM%2FxwwVvC14rlaenlA%2B9Y1mZttPRaxzxAQ27LzJRMeDDs220qdtjvgUNxmaC0fWinRBC%2Bzfyz5HX311sMYmhcCl3bQnqTPZcFPsHomdx2YD5MrIKlcuHaML4nGgC6jZftDYjY57vUuDo"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=14400 accept-ranges bytes cf-ray 848baaa09fd6405f-SIN alt-svc h3=":443"; ma=86400 content-length 449840
GET H3	404	f5278935e5d452dabe1f3ea40ddb94f9.woff2 ib-vub-sk.online/	0 0	593ms 593ms	Font text/html	2606:4700:3036::ac43:df2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ib-vub-sk.online/f5278935e5d452dabe1f3ea40ddb94f9.woff2 Requested by Host: ib-vub-sk.online URL: https://ib-vub-sk.online/vub.css?1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:df2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff Request headers Referer https://ib-vub-sk.online/vub.css?1 Origin https://ib-vub-sk.online accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:08:31 GMT content-security-policy default-src 'none' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br x-powered-by Express vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12vIVggsZklITIYAyBgvnIfaiWx0r0TRK689WCADCaeTsK3dogNw8HTy%2B2CJGoKanWlBqTX1lthy2RPrtDN547QlLyOAU4NT87AzEOxeUgxnaG6UZOE3yY%2Fio7OWVKRQUcjJZD8xmqqIkc3FPK2b"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control max-age=14400 cf-ray 848baaa09fdb405f-SIN alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	829 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b27ab759a7fb4609cfefd80d1f94041143574c73e52fbe34a12b936577852252 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 830245d9cdc18b16170459769c5d8258b3f639af52776d6acadc89f2e0ebf451 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	30 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 37e0974417c31dbb93e5261df26e22b9122bfc519d2b24acc724647bc9f29d48 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/jpeg
GET H3	404	entrust_site_seal_xs.png ib-vub-sk.online/VUB%20Bank%20-%20Internet%20banking_files/	205 B 205 B	570ms 570ms	Image text/html	2606:4700:3036::ac43:df2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ib-vub-sk.online/VUB%20Bank%20-%20Internet%20banking_files/entrust_site_seal_xs.png Requested by Host: ib-vub-sk.online URL: https://ib-vub-sk.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:df2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash df93db54d003254550c0f5ebac38cae210b75e8d55a9ea48a486f3a694dc196d Security Headers Name Value Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ib-vub-sk.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:08:31 GMT content-security-policy default-src 'none' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br x-powered-by Express vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dT654i8odzA68m3iBA8%2B6lDJ%2F96FSYMzg5B4DqR5Ek09miY%2FZOaXKW68KISnqKOAJcCc0weUTJ1Qjr2lmlfT8f%2BSxM1w0Qdats0TKH08NFH7K0SZlCcucWAynq2sMCJFzYTRXNf9b7lS0IIOPCa%2B"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control max-age=14400 cf-ray 848baaa14852405f-SIN alt-svc h3=":443"; ma=86400
GET H3	200	app.js Show response ib-vub-sk.online/	7 KB 2 KB	607ms 607ms	Script application/javascript	2606:4700:3036::ac43:df2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ib-vub-sk.online/app.js?v=18 Requested by Host: ib-vub-sk.online URL: https://ib-vub-sk.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:df2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash ed0c5f78e3fad1e63eba92e73139bae7daa578f1aa180bf377acc152bef062b1 Request headers accept-language de-DE,de;q=0.9 Referer https://ib-vub-sk.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:08:32 GMT content-encoding br cf-cache-status MISS last-modified Sat, 20 Jan 2024 13:29:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"1b48-18d270f90b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3T06UxsHSKYiTjZZiRxi%2BY1X0Qj46tnoVL%2B6P1%2B8gAHWgJYG2do9d8t%2B53TzmFpsad9CRdo7j6B6D1gkju1EUfKiNxwK7EqZRKpslV4wwEccyBofhTNwzj8LqGkYQIAbw2ew21js8W%2BpbCDeW7po"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 848baaa14854405f-SIN alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	659 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a6e8db1b49f0d9e040e95568691920b99040039d2cfa64d949f7e5bf82bb55fc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cc799d3f27c5ccb431502b70c5ced338d84402f3af7f3b6daf9d7277117311c9 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 00ecc4c49c9bc5b3e4b23db2a07fd5c3903eca5eee315e49c37fb7d38faefc0a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c0dde680b27ab14aade6fb9f25b2f171dc28de9f9b1f03409bcbd379993fb40e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b781f5e0307b3db8ae5115db02a66dc72baf60f78e7598bfa3c74e30e50f69bd Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/png
GET H3	200	52ee3af62319d2be26d2f21c9b71f020.ttf ib-vub-sk.online/	108 KB 59 KB	1589ms 1588ms	Font font/ttf	2606:4700:3036::ac43:df2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ib-vub-sk.online/52ee3af62319d2be26d2f21c9b71f020.ttf Requested by Host: ib-vub-sk.online URL: https://ib-vub-sk.online/vub.css?1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:df2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 5a8519d06608641230907f86b49a1b766a8442a60ffcfd40a978b98e751253fb Request headers Referer https://ib-vub-sk.online/vub.css?1 Origin https://ib-vub-sk.online accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:08:32 GMT content-encoding br cf-cache-status MISS last-modified Fri, 13 Jan 2023 12:26:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"1ae14-185ab18e2c8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uoKa4YOPr3FUrrn%2BOaTUg2DkakDgMVS%2FWW%2FczIwhMGA6UjfyqBFX7qsdEqxTVXmqTJ6Jgy9xcVmxP7bidhhgsOxss81rH3hb3D1A2NvJQSRuj9yWqf%2Fb43img2BuSOox7KU0fhd2JiY2qVEH5wbh"}],"group":"cf-nel","max_age":604800} content-type font/ttf cache-control public, max-age=14400 cf-ray 848baaa1485d405f-SIN alt-svc h3=":443"; ma=86400
GET H3	200	92ddf6b1d7b9c73d1e800f5b79d5bea6.woff2 ib-vub-sk.online/	36 KB 36 KB	792ms 792ms	Font font/woff2	2606:4700:3036::ac43:df2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ib-vub-sk.online/92ddf6b1d7b9c73d1e800f5b79d5bea6.woff2 Requested by Host: ib-vub-sk.online URL: https://ib-vub-sk.online/vub.css?1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:df2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 1a359520a00657c09d7a3ff7bfcd6cb0fbc131b3fa1b71910b6c174f9fc9895e Request headers Referer https://ib-vub-sk.online/vub.css?1 Origin https://ib-vub-sk.online accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:08:32 GMT cf-cache-status MISS last-modified Fri, 13 Jan 2023 12:28:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"8e84-185ab19ec68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2B%2F3SE3JMMGYSs3TTZ4UYc6SUyKl6PrkxwJSS9%2BlVcwBkfFx3MSaJ1%2FUXZpJMp1U3PS2iqrLb4Xx1OwcHD5xbWjHiDv9gwp0AkPetZWIuzzXG7CcnxYfKJQ5DmD6VRpW1PCe8A94SCr5rLU6ZZQG"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=14400 accept-ranges bytes cf-ray 848baaa1485f405f-SIN alt-svc h3=":443"; ma=86400 content-length 36484
GET H3	404	a6e2d3921c9ea0fd81897d9ae7a33ba4.woff ib-vub-sk.online/	0 0	1261ms 1261ms	Font text/html	2606:4700:3036::ac43:df2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ib-vub-sk.online/a6e2d3921c9ea0fd81897d9ae7a33ba4.woff Requested by Host: ib-vub-sk.online URL: https://ib-vub-sk.online/vub.css?1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:df2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff Request headers Referer https://ib-vub-sk.online/vub.css?1 Origin https://ib-vub-sk.online accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:08:32 GMT content-security-policy default-src 'none' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br x-powered-by Express vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fk0jru%2BL%2B5jBsagnvLIbSm%2BVPHGjv11wDrL5e17v2n35KTCe50EUGBaphq3nBs27slDcPu66GXjpSK21uFko2qB5NBZEJvy7J72xCMMphFkfdSf8UPiyEYOXxSPec8gDs2p8%2FRjzNxNASnA%2Ft7F0"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control max-age=14400 cf-ray 848baaa45ae8405f-SIN alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response ib-vub-sk.online/socket.io/	97 B 510 B	1144ms 1143ms	XHR text/plain	2606:4700:3036::ac43:df2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ib-vub-sk.online/socket.io/?EIO=4&transport=polling&t=OqfZ-BR Requested by Host: cdn.socket.io URL: https://cdn.socket.io/4.4.1/socket.io.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:df2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f22e68a762f125738697167e58585f10728df03b9b8cd875d246d296bf9c2b3 Request headers Accept */* Referer https://ib-vub-sk.online/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:08:32 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObWFoJo%2BEXfBgwzAnvFvlv5x%2Bxei7vDvVtrcqTMEv1RDbHSVchQF1WOYdufKXUJBn7d7wARkmem7aCtkXBIj9aIE3ebsD2HHwrqTdqQn5UdWwGs%2BYU6G3Sh7h17ZoOhoZDGrL44AirtR70%2Boq%2Bxm"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 848baaa51bb1405f-SIN alt-svc h3=":443"; ma=86400
GET H3	404	c7d7d1136a4a6d39a82705577b9ec629.ttf ib-vub-sk.online/	0 0	563ms 563ms	Font text/html	2606:4700:3036::ac43:df2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ib-vub-sk.online/c7d7d1136a4a6d39a82705577b9ec629.ttf Requested by Host: ib-vub-sk.online URL: https://ib-vub-sk.online/vub.css?1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:df2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff Request headers Referer https://ib-vub-sk.online/vub.css?1 Origin https://ib-vub-sk.online accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:08:33 GMT content-security-policy default-src 'none' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br x-powered-by Express vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgG963nbDiQbf3RcKjwhAhgroBm%2BOlw8V3w1BFdPFojgrh8kRiIsmYis3YLe5wzytHf6hCoT3G2xSnytSUhDJfZY1GYQQaY12k06hLvHetg1PWitzLKzqGA4pB3FfU3w%2BXrAsp0u0hQE0eW24KVz"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control max-age=14400 cf-ray 848baaac4a78405f-SIN alt-svc h3=":443"; ma=86400
POST H3	200	/ Show response ib-vub-sk.online/socket.io/	2 B 409 B	358ms 358ms	XHR text/html	2606:4700:3036::ac43:df2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ib-vub-sk.online/socket.io/?EIO=4&transport=polling&t=OqfZ-TQ&sid=S1Uph1BCFeq1MOCfAAGj Requested by Host: cdn.socket.io URL: https://cdn.socket.io/4.4.1/socket.io.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:df2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Accept */* Referer https://ib-vub-sk.online/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers date Sun, 21 Jan 2024 01:08:33 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cv%2FwOopaJfGv1kNwB%2Bh%2FYJTB7dCC0r4lp6cv9K50GmUMpd6Wg5A8NxHArlPRiBNgsuguycZSlSsF3Fs35oGb4jwykQQPQLSsBC5d9HDPT74Tw1bFRIHodCf%2FhO0Pc3OsLrQG%2FkcFjBRDqszLDkn3"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 848baaac4a7e405f-SIN alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response ib-vub-sk.online/socket.io/	32 B 444 B	565ms 565ms	XHR text/plain	2606:4700:3036::ac43:df2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ib-vub-sk.online/socket.io/?EIO=4&transport=polling&t=OqfZ-TR&sid=S1Uph1BCFeq1MOCfAAGj Requested by Host: cdn.socket.io URL: https://cdn.socket.io/4.4.1/socket.io.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:df2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b41d7ae0eee7822d71b522df7d09129f10d11d3ff2b19ec1ec50c38aa96ce96d Request headers Accept */* Referer https://ib-vub-sk.online/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:08:33 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ek91uKC1LrYY0fTPsMhcxSwh%2FVDTIzu0hXlosYZxdHewNn3xnNhMInro8rKQAyazteD3ThwOPwmdh268lwVWfs%2FEwqYWf9fxFj9fGSMDSvBDynLtYPQ0iyh6WGS9AeTOOdP1vjCPi2sYhlXmyL1L"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 848baaac4a7f405f-SIN alt-svc h3=":443"; ma=86400 content-length 32

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Vub Banka (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| io string| gref string| gcountry string| glinkid object| socket function| oneStep

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ib-vub-sk.online/	1970-01-20 17:50:00	Name: uid Value: 2684915720004897
			ib-vub-sk.online/	1970-01-20 17:50:00	Name: worker Value: 1
			ib-vub-sk.online/	1970-01-20 17:50:00	Name: step Value:

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ib-vub-sk.online/f5278935e5d452dabe1f3ea40ddb94f9.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ib-vub-sk.online/VUB%20Bank%20-%20Internet%20banking_files/entrust_site_seal_xs.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ib-vub-sk.online/a6e2d3921c9ea0fd81897d9ae7a33ba4.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ib-vub-sk.online/c7d7d1136a4a6d39a82705577b9ec629.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.socket.io
code.jquery.com
ib-vub-sk.online
18.173.187.42
2606:4700:3036::ac43:df2a
2a04:4e42::649
00ecc4c49c9bc5b3e4b23db2a07fd5c3903eca5eee315e49c37fb7d38faefc0a
1a359520a00657c09d7a3ff7bfcd6cb0fbc131b3fa1b71910b6c174f9fc9895e
2665211418355e44e2242af34ba05ddb2a5afdc31f8d9b51ec30ff4e230dd4ba
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2f22e68a762f125738697167e58585f10728df03b9b8cd875d246d296bf9c2b3
37e0974417c31dbb93e5261df26e22b9122bfc519d2b24acc724647bc9f29d48
5a8519d06608641230907f86b49a1b766a8442a60ffcfd40a978b98e751253fb
790e81224263739f967c367e918daecd46bc43200cc2c1a43fabd7a7d73ce180
830245d9cdc18b16170459769c5d8258b3f639af52776d6acadc89f2e0ebf451
907ae7db99cd3733cf8d56529300bb9e6e2c1dfc69ad9a05a7f875618d64a14a
9b6f2260eb186615573feee9a18482a1a8a48bea4d16998fb872a2f90eabe2d7
a6e8db1b49f0d9e040e95568691920b99040039d2cfa64d949f7e5bf82bb55fc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
b27ab759a7fb4609cfefd80d1f94041143574c73e52fbe34a12b936577852252
b41d7ae0eee7822d71b522df7d09129f10d11d3ff2b19ec1ec50c38aa96ce96d
b55243a401ba8d064fe07aac5c8b7491f2c1240db4119005ba1fd48b10f44b02
b781f5e0307b3db8ae5115db02a66dc72baf60f78e7598bfa3c74e30e50f69bd
c0dde680b27ab14aade6fb9f25b2f171dc28de9f9b1f03409bcbd379993fb40e
cc799d3f27c5ccb431502b70c5ced338d84402f3af7f3b6daf9d7277117311c9
df93db54d003254550c0f5ebac38cae210b75e8d55a9ea48a486f3a694dc196d
e5125e947330ddc2e61cb9b7ff12caf27fb7f26856d33bb1ac084992a16ab585
ed0c5f78e3fad1e63eba92e73139bae7daa578f1aa180bf377acc152bef062b1