service-dffgtsrthjkl.com Open in urlscan Pro
185.226.65.237  Malicious Activity! Public Scan

Submitted URL: http://avucan.com/aspx.php
Effective URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Submission: On September 25 via api from QA

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 23 HTTP transactions. The main IP is 185.226.65.237, located in Greece and belongs to AWEB-ASN, GR. The main domain is service-dffgtsrthjkl.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 21st 2020. Valid for: 3 months.
This is the only time service-dffgtsrthjkl.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Raiffeisen Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 78.142.209.111 209853 (VERIDYEN ...)
2 7 185.226.65.237 205053 (AWEB-ASN)
13 91.220.172.27 41694 (RB-HU-AS)
3 6 91.220.172.1 41694 (RB-HU-AS)
23 5
Apex Domain
Subdomains
Transfer
19 raiffeisen.hu
sso.raiffeisen.hu
www.raiffeisen.hu
931 KB
7 service-dffgtsrthjkl.com
service-dffgtsrthjkl.com
21 KB
1 avucan.com
avucan.com
319 B
23 3
Domain Requested by
13 sso.raiffeisen.hu service-dffgtsrthjkl.com
sso.raiffeisen.hu
7 service-dffgtsrthjkl.com 2 redirects avucan.com
service-dffgtsrthjkl.com
6 www.raiffeisen.hu 3 redirects service-dffgtsrthjkl.com
1 avucan.com
23 4

This site contains links to these domains. Also see Links.

Domain
www.raiffeisen.hu
direktnet.raiffeisen.hu
Subject Issuer Validity Valid
service-dffgtsrthjkl.com
cPanel, Inc. Certification Authority
2020-09-21 -
2020-12-20
3 months crt.sh
sso.raiffeisen.hu
GeoTrust EV RSA CA 2018
2019-09-13 -
2021-09-12
2 years crt.sh
www.raiffeisen.hu
GeoTrust EV RSA CA 2018
2019-07-02 -
2021-06-03
2 years crt.sh

This page contains 1 frames:

Primary Page: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Frame ID: 791FA89035051918AA8C466AFAFF3D53
Requests: 23 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://avucan.com/aspx.php Page URL
  2. https://service-dffgtsrthjkl.com/dirkt.raif/index.php HTTP 302
    https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279 HTTP 301
    https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

23
Requests

91 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

950 kB
Transfer

942 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://avucan.com/aspx.php Page URL
  2. https://service-dffgtsrthjkl.com/dirkt.raif/index.php HTTP 302
    https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279 HTTP 301
    https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.raiffeisen.hu/sso_2_login_banner_960x340 HTTP 302
  • https://www.raiffeisen.hu/documents/10165/1590567/sso_2_login_banner_960x340.jpg
Request Chain 17
  • https://www.raiffeisen.hu/sso_1_login_banner_960x340_en HTTP 302
  • https://www.raiffeisen.hu/documents/10165/1590567/sso_1_login_960x340px_en.png
Request Chain 18
  • https://www.raiffeisen.hu/sso_2_login_banner_960x340_en HTTP 302
  • https://www.raiffeisen.hu/documents/10165/1590567/sso_2_login_960x340px_en.jpg

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
aspx.php
avucan.com/
108 B
319 B
Document
General
Full URL
http://avucan.com/aspx.php
Protocol
HTTP/1.1
Server
78.142.209.111 , Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS
agena.veridyen.com
Software
LiteSpeed /
Resource Hash
90da3d722cd2a3dc2c63b965fd4f3c651e7c8057c16bc83efcca4b992215468f

Request headers

Host
avucan.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Content-Length
112
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Fri, 25 Sep 2020 02:00:52 GMT
Server
LiteSpeed
Primary Request /
service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Redirect Chain
  • https://service-dffgtsrthjkl.com/dirkt.raif/index.php
  • https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279
  • https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
20 KB
20 KB
Document
General
Full URL
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Requested by
Host: avucan.com
URL: http://avucan.com/aspx.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.226.65.237 , Greece, ASN205053 (AWEB-ASN, GR),
Reverse DNS
Software
Apache /
Resource Hash
17e5c830fc409e98e7647eaa5b5ebf6f0c682ae83da4399622ffcf8cf3ca9642

Request headers

Host
service-dffgtsrthjkl.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://avucan.com/aspx.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://avucan.com/aspx.php

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Server
Apache
Last-Modified
Fri, 25 Sep 2020 02:00:52 GMT
Accept-Ranges
bytes
Content-Length
20566
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Server
Apache
Location
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Content-Length
285
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
main.js
sso.raiffeisen.hu/sso/XUI/
497 KB
498 KB
Script
General
Full URL
https://sso.raiffeisen.hu/sso/XUI/main.js?v=14.1.17-build9
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
Software
/
Resource Hash
0717340118bc896d063190154e53ca4377e1902ea8279f76e4f1b9b2e4ef20c8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Last-Modified
Wed, 15 Jul 2020 08:03:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
509284
AppConfiguration.js
sso.raiffeisen.hu/sso/XUI/config/
11 KB
12 KB
Script
General
Full URL
https://sso.raiffeisen.hu/sso/XUI/config/AppConfiguration.js?v=14.1.17-build9
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
Software
/
Resource Hash
fcb9dc9bf9c04f9f2891ac83bce8e7ff41f5b1776f7d9c5f3a9e171052e30723
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Last-Modified
Wed, 15 Jul 2020 08:03:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11420
ThemeConfiguration.js
sso.raiffeisen.hu/sso/XUI/config/
6 KB
6 KB
Script
General
Full URL
https://sso.raiffeisen.hu/sso/XUI/config/ThemeConfiguration.js?v=14.1.17-build9
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
Software
/
Resource Hash
0b9d13d5690b53ec4fe0b02209c487ff0552952633805a22b6eddb94bc6291ea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Last-Modified
Mon, 04 May 2020 09:00:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5754
bootstrap.min.css
sso.raiffeisen.hu/sso/XUI/themes/rsso/css/
109 KB
109 KB
Stylesheet
General
Full URL
https://sso.raiffeisen.hu/sso/XUI/themes/rsso/css/bootstrap.min.css?v=14.1.17-build9
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
Software
/
Resource Hash
53ca2d953a5d8c48b468ee55d9b64223ed1b37ee221a9dfe308e10c55ad3db90
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Last-Modified
Mon, 04 May 2020 09:00:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
111622
structure.css
sso.raiffeisen.hu/sso/XUI/css/
87 KB
88 KB
Stylesheet
General
Full URL
https://sso.raiffeisen.hu/sso/XUI/css/structure.css?v=14.1.17-build9
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
Software
/
Resource Hash
d1bfefae8013a12c42cead9d1da250a76ebf14bcd06eb3c30c52a6417797471a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Last-Modified
Wed, 15 Jul 2020 08:03:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89175
theme-rsso.css
sso.raiffeisen.hu/sso/XUI/themes/rsso/css/
4 KB
5 KB
Stylesheet
General
Full URL
https://sso.raiffeisen.hu/sso/XUI/themes/rsso/css/theme-rsso.css?v=14.1.17-build9
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
Software
/
Resource Hash
e4c8b05d681b1d22b1aa3d6812ee4df8f11a8e91668ed8b6ee26c4297f4741b4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Last-Modified
Mon, 04 May 2020 09:00:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4454
rbsso.css
sso.raiffeisen.hu/sso/XUI/themes/rsso/css/
23 KB
23 KB
Stylesheet
General
Full URL
https://sso.raiffeisen.hu/sso/XUI/themes/rsso/css/rbsso.css?v=14.1.17-build9
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
Software
/
Resource Hash
0d8d5ca805cf82ab4e6f195b3d73f74b818e3e716186493a5c5b9e26290d3fc1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Last-Modified
Tue, 21 Jul 2020 14:46:54 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23516
Footer.js
sso.raiffeisen.hu/sso/XUI/org/forgerock/openam/ui/common/components/
1 KB
2 KB
Script
General
Full URL
https://sso.raiffeisen.hu/sso/XUI/org/forgerock/openam/ui/common/components/Footer.js?v=14.1.17-build9
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
Software
/
Resource Hash
191cbf6625670a91d1b6bd273572762e97f56e9ea9103adecd88d13ece0d0126
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Last-Modified
Wed, 15 Jul 2020 08:03:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1421
LoginHeader.js
sso.raiffeisen.hu/sso/XUI/org/forgerock/commons/ui/common/components/
1 KB
1 KB
Script
General
Full URL
https://sso.raiffeisen.hu/sso/XUI/org/forgerock/commons/ui/common/components/LoginHeader.js?v=14.1.17-build9
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
Software
/
Resource Hash
a12b918de03244a0d1a86980907336d97a72a443f5a9d0dab91a2e77691ad317
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Last-Modified
Wed, 15 Jul 2020 08:03:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1069
logo.jpg
sso.raiffeisen.hu/sso/XUI/themes/rsso/images/
4 KB
4 KB
Image
General
Full URL
https://sso.raiffeisen.hu/sso/XUI/themes/rsso/images/logo.jpg?v=14.1.17-build9
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
Software
/
Resource Hash
a5a935fa780fa290efbd34e1580876462619ccd71bb664c45b41dc53329e8767
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Last-Modified
Mon, 04 May 2020 09:00:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3837
letter.jpg
sso.raiffeisen.hu/sso/XUI/themes/rsso/images/
1 KB
2 KB
Image
General
Full URL
https://sso.raiffeisen.hu/sso/XUI/themes/rsso/images/letter.jpg
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
Software
/
Resource Hash
b1f6129a9cfdf5d953553d6a0f2ece97abab9b2c8fd7240faef98c4aeaa85979
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Last-Modified
Mon, 04 May 2020 09:00:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1350
sso_2_login_banner_960x340.jpg
www.raiffeisen.hu/documents/10165/1590567/
Redirect Chain
  • https://www.raiffeisen.hu/sso_2_login_banner_960x340
  • https://www.raiffeisen.hu/documents/10165/1590567/sso_2_login_banner_960x340.jpg
45 KB
46 KB
Image
General
Full URL
https://www.raiffeisen.hu/documents/10165/1590567/sso_2_login_banner_960x340.jpg
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.1 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
www.raiffeisen.hu
Software
Apache /
Resource Hash
65dc51e090866b9fd5f12961fa4adc0098448baf94b0038987b93ebfade4c9c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Sep 2020 07:39:06 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=604800, s-maxage=604800,public
Content-Disposition
inline; filename="sso_2_login_banner_960x340.jpg"
Connection
Keep-Alive
Keep-Alive
timeout=15, max=99
Content-Length
46514
X-XSS-Protection
1; mode=block
Expires
Fri, 02 Oct 2020 02:00:53 GMT

Redirect headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Location
https://www.raiffeisen.hu/documents/10165/1590567/sso_2_login_banner_960x340.jpg
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
0
X-XSS-Protection
1; mode=block
arrow_down.jpg
sso.raiffeisen.hu/sso/XUI/themes/rsso/images/
1 KB
2 KB
Image
General
Full URL
https://sso.raiffeisen.hu/sso/XUI/themes/rsso/images/arrow_down.jpg
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
Software
/
Resource Hash
25e16461f26bc4b49ac990fde0d412634ed2c048e15b4db7027e5ef67bbde779
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Last-Modified
Mon, 04 May 2020 09:00:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1315
arrow_up.jpg
sso.raiffeisen.hu/sso/XUI/themes/rsso/images/
1 KB
2 KB
Image
General
Full URL
https://sso.raiffeisen.hu/sso/XUI/themes/rsso/images/arrow_up.jpg
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
Software
/
Resource Hash
7574ff7e0c4518fb90222cef12b0d2f1afe17f23852f2b4c47cddfc79f1c2745
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Last-Modified
Mon, 04 May 2020 09:00:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1303
base64-1.0.0-min.js
service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/libs/
0
0
Script
General
Full URL
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/libs/base64-1.0.0-min.js
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.226.65.237 , Greece, ASN205053 (AWEB-ASN, GR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
requirejs-2.1.14-min.js
service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/libs/
0
0
Script
General
Full URL
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/libs/requirejs-2.1.14-min.js
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.226.65.237 , Greece, ASN205053 (AWEB-ASN, GR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
sso_1_login_960x340px_en.png
www.raiffeisen.hu/documents/10165/1590567/
Redirect Chain
  • https://www.raiffeisen.hu/sso_1_login_banner_960x340_en
  • https://www.raiffeisen.hu/documents/10165/1590567/sso_1_login_960x340px_en.png
58 KB
59 KB
Image
General
Full URL
https://www.raiffeisen.hu/documents/10165/1590567/sso_1_login_960x340px_en.png
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.1 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
www.raiffeisen.hu
Software
Apache /
Resource Hash
bb48c865c64f125eb13bfa60b59cbf9333c834869ef2e6c7129daad6cf7e2c63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Sep 2020 07:45:08 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=604800, s-maxage=604800,public
Content-Disposition
inline; filename="sso_1_login_960x340px_en.png"
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
59449
X-XSS-Protection
1; mode=block
Expires
Fri, 02 Oct 2020 02:00:53 GMT

Redirect headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Location
https://www.raiffeisen.hu/documents/10165/1590567/sso_1_login_960x340px_en.png
Connection
Keep-Alive
Keep-Alive
timeout=15, max=98
Content-Length
0
X-XSS-Protection
1; mode=block
sso_2_login_960x340px_en.jpg
www.raiffeisen.hu/documents/10165/1590567/
Redirect Chain
  • https://www.raiffeisen.hu/sso_2_login_banner_960x340_en
  • https://www.raiffeisen.hu/documents/10165/1590567/sso_2_login_960x340px_en.jpg
70 KB
71 KB
Image
General
Full URL
https://www.raiffeisen.hu/documents/10165/1590567/sso_2_login_960x340px_en.jpg
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.172.1 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
www.raiffeisen.hu
Software
Apache /
Resource Hash
9420156d444c865825ead3b53189551061b7d5c14a54e1939658866f7059f758
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 18 Jun 2020 12:52:36 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=604800, s-maxage=604800,public
Content-Disposition
inline; filename="sso_2_login_960x340px_en.jpg"
Connection
Keep-Alive
Keep-Alive
timeout=15, max=96
Content-Length
72149
X-XSS-Protection
1; mode=block
Expires
Fri, 02 Oct 2020 02:00:53 GMT

Redirect headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Location
https://www.raiffeisen.hu/documents/10165/1590567/sso_2_login_960x340px_en.jpg
Connection
Keep-Alive
Keep-Alive
timeout=15, max=97
Content-Length
0
X-XSS-Protection
1; mode=block
base64-1.0.0-min.js
service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/libs/
0
0
Script
General
Full URL
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/libs/base64-1.0.0-min.js
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.226.65.237 , Greece, ASN205053 (AWEB-ASN, GR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=95
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Roboto-Regular.ttf
sso.raiffeisen.hu/sso/XUI/themes/rsso/fonts/
0
0

requirejs-2.1.14-min.js
service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/libs/
0
0
Script
General
Full URL
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/libs/requirejs-2.1.14-min.js
Requested by
Host: service-dffgtsrthjkl.com
URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.226.65.237 , Greece, ASN205053 (AWEB-ASN, GR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 02:00:53 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=94
Content-Length
315
Content-Type
text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sso.raiffeisen.hu
URL
https://sso.raiffeisen.hu/sso/XUI/themes/rsso/fonts/Roboto-Regular.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Raiffeisen Bank (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| changeLng function| getCookie function| changeLngText function| createBanner function| clickArea function| validateForm function| validateInputField function| validatePasswordFields function| openBannerLink object| require undefined| _typeof

0 Cookies