service-dffgtsrthjkl.com
185.226.65.237
Malicious Activity!
Public Scan
Effective URL: https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Submission: On September 25 via api from QA
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 21st 2020. Valid for: 3 months.
This is the only time service-dffgtsrthjkl.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Raiffeisen Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 78.142.209.111 | 209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi) |
7 (2 redirects) | 185.226.65.237 | 205053 (AWEB-ASN) |
13 | 91.220.172.27 | 41694 (RB-HU-AS) |
6 (3 redirects) | 91.220.172.1 | 41694 (RB-HU-AS) |
23 | 5 |
ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR)
PTR: agena.veridyen.com
avucan.com

Requests | Apex Domain: Subdomains | Transfer |
---|---|---|
19 | raiffeisen.hu (3 redirects): sso.raiffeisen.hu, www.raiffeisen.hu | 931 KB |
7 | service-dffgtsrthjkl.com (2 redirects): service-dffgtsrthjkl.com | 21 KB |
1 | avucan.com: avucan.com | 319 B |
23 | 3 |
Requests | Domain | Requested by |
---|---|---|
13 | sso.raiffeisen.hu | service-dffgtsrthjkl.com, sso.raiffeisen.hu |
7 | service-dffgtsrthjkl.com (2 redirects) | avucan.com, service-dffgtsrthjkl.com |
6 | www.raiffeisen.hu (3 redirects) | service-dffgtsrthjkl.com |
1 | avucan.com | |
23 | 4 |
This site contains links to these domains.
Domain |
---|
www.raiffeisen.hu |
direktnet.raiffeisen.hu |
Subject | Issuer | Validity | Valid |
---|---|---|---|
service-dffgtsrthjkl.com | cPanel, Inc. Certification Authority | 2020-09-21 - 2020-12-20 | 3 months |
sso.raiffeisen.hu | GeoTrust EV RSA CA 2018 | 2019-09-13 - 2021-09-12 | 2 years |
www.raiffeisen.hu | GeoTrust EV RSA CA 2018 | 2019-07-02 - 2021-06-03 | 2 years |
This page contains 1 frames:
Primary Page:
https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/
Frame ID: 791FA89035051918AA8C466AFAFF3D53
Requests: 23 HTTP requests in this frame
Page URL History
- http://avucan.com/aspx.php Page URL
- https://service-dffgtsrthjkl.com/dirkt.raif/index.php HTTP 302
  https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279 HTTP 301
  https://service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/ Page URL
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
LiteSpeed (Web Servers)
Detected patterns
- headers server /^LiteSpeed$/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
- Title: Hírek (News)
- Title: Útmutató a bejelentkezéshez és aktiváláshoz (Guide to login and activation)
- Title: Internetbank felhasználói kézikönyv (Internet bank user manual)
- Title: Internetbank - Raiffeisen DirektNet (Internet bank - Raiffeisen DirektNet)
- Title: DirektNet demo magánszemély ügyfeleknek (DirektNet demo for private customers)
- Title: DirektNet demo vállalati ügyfeleknek (DirektNet demo for corporate customers)
- Title: Általános üzleti feltételek (General terms and conditions)
- Title: Jogi nyilatkozatok (Legal notices)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12
- https://www.raiffeisen.hu/sso_2_login_banner_960x340 HTTP 302
- https://www.raiffeisen.hu/documents/10165/1590567/sso_2_login_banner_960x340.jpg
- https://www.raiffeisen.hu/sso_1_login_banner_960x340_en HTTP 302
- https://www.raiffeisen.hu/documents/10165/1590567/sso_1_login_960x340px_en.png
- https://www.raiffeisen.hu/sso_2_login_banner_960x340_en HTTP 302
- https://www.raiffeisen.hu/documents/10165/1590567/sso_2_login_960x340px_en.jpg
23 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | aspx.php | avucan.com/ | 108 B | 319 B | Document | text/html |
GET H/1.1 | / (Primary Request) | service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/ (Redirect Chain) | 20 KB | 20 KB | Document | text/html |
GET H/1.1 | main.js | sso.raiffeisen.hu/sso/XUI/ | 497 KB | 498 KB | Script | application/javascript |
GET H/1.1 | AppConfiguration.js | sso.raiffeisen.hu/sso/XUI/config/ | 11 KB | 12 KB | Script | application/javascript |
GET H/1.1 | ThemeConfiguration.js | sso.raiffeisen.hu/sso/XUI/config/ | 6 KB | 6 KB | Script | application/javascript |
GET H/1.1 | bootstrap.min.css | sso.raiffeisen.hu/sso/XUI/themes/rsso/css/ | 109 KB | 109 KB | Stylesheet | text/css |
GET H/1.1 | structure.css | sso.raiffeisen.hu/sso/XUI/css/ | 87 KB | 88 KB | Stylesheet | text/css |
GET H/1.1 | theme-rsso.css | sso.raiffeisen.hu/sso/XUI/themes/rsso/css/ | 4 KB | 5 KB | Stylesheet | text/css |
GET H/1.1 | rbsso.css | sso.raiffeisen.hu/sso/XUI/themes/rsso/css/ | 23 KB | 23 KB | Stylesheet | text/css |
GET H/1.1 | Footer.js | sso.raiffeisen.hu/sso/XUI/org/forgerock/openam/ui/common/components/ | 1 KB | 2 KB | Script | application/javascript |
GET H/1.1 | LoginHeader.js | sso.raiffeisen.hu/sso/XUI/org/forgerock/commons/ui/common/components/ | 1 KB | 1 KB | Script | application/javascript |
GET H/1.1 | logo.jpg | sso.raiffeisen.hu/sso/XUI/themes/rsso/images/ | 4 KB | 4 KB | Image | image/jpeg |
GET H/1.1 | letter.jpg | sso.raiffeisen.hu/sso/XUI/themes/rsso/images/ | 1 KB | 2 KB | Image | image/jpeg |
GET H/1.1 | sso_2_login_banner_960x340.jpg | www.raiffeisen.hu/documents/10165/1590567/ (Redirect Chain) | 45 KB | 46 KB | Image | image/jpeg |
GET H/1.1 | arrow_down.jpg | sso.raiffeisen.hu/sso/XUI/themes/rsso/images/ | 1 KB | 2 KB | Image | image/jpeg |
GET H/1.1 | arrow_up.jpg | sso.raiffeisen.hu/sso/XUI/themes/rsso/images/ | 1 KB | 2 KB | Image | image/jpeg |
GET H/1.1 | base64-1.0.0-min.js | service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/libs/ | 0 | 0 | Script | text/html |
GET H/1.1 | requirejs-2.1.14-min.js | service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/libs/ | 0 | 0 | Script | text/html |
GET H/1.1 | sso_1_login_960x340px_en.png | www.raiffeisen.hu/documents/10165/1590567/ (Redirect Chain) | 58 KB | 59 KB | Image | image/png |
GET H/1.1 | sso_2_login_960x340px_en.jpg | www.raiffeisen.hu/documents/10165/1590567/ (Redirect Chain) | 70 KB | 71 KB | Image | image/jpeg |
GET H/1.1 | base64-1.0.0-min.js | service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/libs/ | 0 | 0 | Script | text/html |
GET | Roboto-Regular.ttf | sso.raiffeisen.hu/sso/XUI/themes/rsso/fonts/ | 0 | 0 | | |
GET H/1.1 | requirejs-2.1.14-min.js | service-dffgtsrthjkl.com/dirkt.raif/d2017fc44d89d4e2a9268b29c195f279/libs/ | 0 | 0 | Script | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: sso.raiffeisen.hu
- URL: https://sso.raiffeisen.hu/sso/XUI/themes/rsso/fonts/Roboto-Regular.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Raiffeisen Bank (Banking)
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| trustedTypes
- function| changeLng
- function| getCookie
- function| changeLngText
- function| createBanner
- function| clickArea
- function| validateForm
- function| validateInputField
- function| validatePasswordFields
- function| openBannerLink
- object| require
- undefined| _typeof
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.