m-p-s-v-gov.info
185.104.45.154
Malicious Activity!
Public Scan
Submission: On January 30 via manual from CZ — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 29th 2023. Valid for: 3 months.
This is the only time m-p-s-v-gov.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 1 votes
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
20 | 185.104.45.154 | 200000 (UKRAINE-AS) |
1 | 2a00:1450:400d:80c::200a | 15169 (GOOGLE) |
21 | 2 | |

ASN200000 (UKRAINE-AS, UA)
PTR: web377.default-host.net
m-p-s-v-gov.info

Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
20 | m-p-s-v-gov.info (m-p-s-v-gov.info) | 1 MB |
1 | googleapis.com (ajax.googleapis.com — Cisco Umbrella Rank: 295) | 30 KB |
21 | 2 | |

Requests | Domain | Requested by |
---|---|---|
20 | m-p-s-v-gov.info | m-p-s-v-gov.info |
1 | ajax.googleapis.com | m-p-s-v-gov.info |
21 | 2 | |

Subject | Issuer | Validity | Valid |
---|---|---|---|
www.m-p-s-v-gov.info | R3 | 2023-01-29 - 2023-04-29 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months |

This page contains 1 frames:
Primary Page:
https://m-p-s-v-gov.info/rb/index.php?id=176
Frame ID: 4820043DA2EE1D54ACD37ABF5969B152
Requests: 21 HTTP requests in this frame
Page Title
Raiffeisenbank
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: .a { fill: #1a1919; } .a, .b { fill-rule: evenodd; } .b { fill: #fee600; }
Title: Kontakty
Title: Bezpečnost
Title: Nápověda
Title: RB klíč
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | index.php (Primary Request) | m-p-s-v-gov.info/rb/ | 30 KB | 7 KB | Document | text/html |
GET | H2 | ruxitagentjs_ICA27NVfgjqrux_10217210531114014.js | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 228 KB | 82 KB | Script | application/javascript |
GET | H2 | styles.41aaeb67c441ea25.css | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 665 KB | 88 KB | Stylesheet | text/css |
GET | H2 | gib-fragments.css | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 239 KB | 21 KB | Stylesheet | text/css |
GET | H2 | cookie-wall.js | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 590 KB | 154 KB | Script | application/javascript |
GET | H2 | login_fish.png | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 32 KB | 33 KB | Image | image/png |
GET | H2 | runtime.892ba7ec3cdddc43.js | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 1 KB | 2 KB | Script | application/javascript |
GET | H2 | polyfills.00402c2e5e3c967c.js | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 37 KB | 13 KB | Script | application/javascript |
GET | H2 | scripts.75ee292b454a9ae6.js | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 70 KB | 31 KB | Script | application/javascript |
GET | H2 | vendor.f0a0700b6752a83a.js | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 846 KB | 230 KB | Script | application/javascript |
GET | H2 | main.2d51b8dd3024a4df.js | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 440 KB | 90 KB | Script | application/javascript |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.2.0/ | 84 KB | 30 KB | Script | text/javascript |
GET | H2 | Amalia-Regular.ab82a771649b53bc.otf | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 134 KB | 135 KB | Font | application/octet-stream |
GET | H2 | rb-iconfont.aa2dd6032efbb35d.ttf | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 230 KB | 230 KB | Font | application/octet-stream |
GET | H2 | Amalia-Medium.11e23baac77f5042.otf | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 135 KB | 135 KB | Font | application/octet-stream |
GET | H2 | Amalia-Black.b40c3c8b29c4f380.otf | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 137 KB | 137 KB | Font | application/octet-stream |
GET | H2 | Amalia-Bold.1828c420aa8911c2.otf | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 137 KB | 137 KB | Font | application/octet-stream |
GET | H2 | icon-phone-footer.5eb4f9663409977c.png | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 4 KB | 4 KB | Image | image/png |
GET | H2 | icon-mail-info-footer.f5f998d3f7c656c3.png | m-p-s-v-gov.info/rb/rb_css_icon_2/ | 5 KB | 5 KB | Image | image/png |
POST | H2 | rb_b39968db-7b60-43bf-addb-908646178f3d | m-p-s-v-gov.info/gaas/ | 196 B | 318 B | XHR | text/html |
POST | H2 | rb_b39968db-7b60-43bf-addb-908646178f3d | m-p-s-v-gov.info/gaas/ | 196 B | 317 B | XHR | text/html |

Verdicts & Comments
Malicious
page.url
Submitted on January 30th 2023, 5:49:52 pm UTC — From Czech Republic
Threats:
Phishing
Comment: Phishing site targeting Raiffeisen bank CZ, does not seem to be geofenced
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
235 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.m-p-s-v-gov.info/ | | dtCookie | v_4_srv_-2D33_sn_VU00U8NSH7K6HID7FI069BHCA9KGAJD0 |
.m-p-s-v-gov.info/ | | rxVisitor | 1675100853042M68L2M5HUSAHTJ7L6MU0362RK3T7JPSH |
.m-p-s-v-gov.info/ | | dtSa | - |
.m-p-s-v-gov.info/ | | dtLatC | 65 |
.m-p-s-v-gov.info/ | | rxvt | 1675102655502\|1675100853043 |
.m-p-s-v-gov.info/ | | dtPC | -33$500853039_241h-vTNVOCJFLALHCOHNKRIKOQRHTFFDKAALV-0 |

2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
m-p-s-v-gov.info
185.104.45.154
2a00:1450:400d:80c::200a