protivaeducation.com Open in urlscan Pro
144.91.74.140 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://protivaeducation.com/George.html
Submission: On September 17 via manual (September 17th 2021, 8:08:41 am UTC) from HU — Scanned from DE

Summary HTTP 25 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 25 HTTP transactions. The main IP is 144.91.74.140, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is protivaeducation.com.
TLS certificate: Issued by R3 on September 5th 2021. Valid for: 3 months.

This is the only time protivaeducation.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Erste Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
18	144.91.74.140 144.91.74.140	51167 (CONTABO) (CONTABO)
1 8	213.150.2.151 213.150.2.151	12895 (IT-AUSTRI...) (IT-AUSTRIA Vienna)
25	3

18 144.91.74.140 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: edge.intelwebhost.net

protivaeducation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.150.2.151 (Vienna, Austria) 1 redirects

ASN12895 (IT-AUSTRIA Vienna, Austria, AT)

www.erstebank.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	protivaeducation.com protivaeducation.com	1 MB
8	erstebank.hu 1 redirects www.erstebank.hu	904 KB
25	2

	Domain	Requested by
18	protivaeducation.com	protivaeducation.com
8	www.erstebank.hu	1 redirects protivaeducation.com www.erstebank.hu
25	2

This site contains links to these domains. Also see Links.

Domain
www.erstebank.hu

Subject Issuer	Validity	Valid
protivaeducation.com R3	`2021-09-05` - `2021-12-04`	3 months	crt.sh
www.erstebank.hu NetLock Üzleti (Class B) Tanúsítványkiadó	`2021-08-16` - `2022-08-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://protivaeducation.com/George.html
Frame ID: B0B9BC3F81678D6E523055D6313C035A
Requests: 19 HTTP requests in this frame

Frame: https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html
Frame ID: 6F762D83E1B336089654F9832503FBB4
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

George

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1951 kB
Transfer

1944 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.erstebank.hu/hu/ebh-nyito/mindennapi-penzugyek/elektronikus-szolgaltatasok/erste-telebank
Title: TeleBank

Search URL Search Domain Scan URL

URL: http://www.erstebank.hu/hu/biztonsagi-tanacs-netbank-ugyfelek-szamara
Title: Security advice

Search URL Search Domain Scan URL

URL: https://www.erstebank.hu/
Title: www.erstebank.hu

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.erstebank.hu/hu/george-login-en HTTP 301
https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html

25 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request George.html Show response
protivaeducation.com/ 8 KB
8 KB 62ms
11ms Document
text/html 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: d049226515b666d81d2c65cbf028c1db5e299501f4fb5e96d12397fe3c671bab

Request headers

Host: protivaeducation.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Server: Apache
Last-Modified: Wed, 28 Apr 2021 21:54:34 GMT
Accept-Ranges: bytes
Content-Length: 8351
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK ruxitagentjs_ICA2SVfjqru_10207210127152629.js Show response
protivaeducation.com/George_files/ 184 KB
184 KB 11ms
11ms Script
application/javascript 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/George_files/ruxitagentjs_ICA2SVfjqru_10207210127152629.js
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: 2dc7fe4a784ab88299a6ea0c88a3406cb1a71db3937ad1fc31d4c00be47586dd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://protivaeducation.com/George.html
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/George.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Last-Modified: Wed, 28 Apr 2021 21:52:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 188637

GET
H/1.1 200
OK main.js Show response
protivaeducation.com/George_files/ 452 KB
452 KB 35ms
11ms Script
application/javascript 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/George_files/main.js
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: 5ccd1db80b06a54230b9110761aa4a58f57f5c742cbc82e94dac16258235f3eb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://protivaeducation.com/George.html
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/George.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Last-Modified: Wed, 28 Apr 2021 21:52:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 462672

GET
H/1.1 200
OK AppConfiguration.js Show response
protivaeducation.com/George_files/ 13 KB
13 KB 14ms
14ms Script
application/javascript 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/George_files/AppConfiguration.js
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: a22066e226be4c303c158b0e6e0c1b4a17eab81aacc7c99109961eddc63b11b5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://protivaeducation.com/George.html
Cookie: dtCookie=-10$6RCD9PQBLQBFRSF7O2EK2K2HIU36382J; rxVisitor=1631866116148G37J4NPBEU5C009FQOO5VL7UQ1FV0HOR; dtSa=-; dtLatC=26; rxvt=1631867916157|1631866116149; dtPC=-10$466116144_227h1vFRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0e1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/George.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Last-Modified: Wed, 28 Apr 2021 21:52:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12997

GET
H/1.1 200
OK ThemeConfiguration.js Show response
protivaeducation.com/George_files/ 8 KB
9 KB 13ms
12ms Script
application/javascript 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/George_files/ThemeConfiguration.js
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: d5949838923cc110a1ecbae7aad65d703bb7ccc61003e11cf47f76d1e4a637ac

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://protivaeducation.com/George.html
Cookie: dtCookie=-10$6RCD9PQBLQBFRSF7O2EK2K2HIU36382J; rxVisitor=1631866116148G37J4NPBEU5C009FQOO5VL7UQ1FV0HOR; dtSa=-; dtLatC=26; rxvt=1631867916157|1631866116149; dtPC=-10$466116144_227h1vFRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0e1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/George.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Last-Modified: Wed, 28 Apr 2021 21:52:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8696

GET
H/1.1 200
OK bootstrap.css
protivaeducation.com/George_files/ 158 KB
158 KB 30ms
11ms Stylesheet
text/css 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/George_files/bootstrap.css
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: db5bd855f43dccd056953e442ad88e2e99a9dfd1dca243f89ba492da96bc67f6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://protivaeducation.com/George.html
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/George.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Last-Modified: Wed, 28 Apr 2021 21:52:58 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 161992

GET
H/1.1 200
OK inter.css
protivaeducation.com/George_files/ 6 KB
6 KB 33ms
10ms Stylesheet
text/css 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/George_files/inter.css
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: f2184b65d973bceb7298c079fe46cb9cad62c9067a5f3b13e016c3b1eb35304b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://protivaeducation.com/George.html
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/George.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Last-Modified: Wed, 28 Apr 2021 21:52:58 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6113

GET
H/1.1 200
OK gds-main.css
protivaeducation.com/George_files/ 175 KB
175 KB 33ms
11ms Stylesheet
text/css 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/George_files/gds-main.css
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: c34279ccec1a6dcd60207ad677232d168b33b2f85f5b325bf75dec1a6bf0e0b2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://protivaeducation.com/George.html
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/George.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Last-Modified: Wed, 28 Apr 2021 21:52:58 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 178705

GET
H/1.1 200
OK erste.css
protivaeducation.com/George_files/ 10 KB
10 KB 34ms
11ms Stylesheet
text/css 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/George_files/erste.css
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: df493cf3045105b4a5348f2dde953b55dca337df46c11288c3bf3534487a7676

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://protivaeducation.com/George.html
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/George.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Last-Modified: Wed, 28 Apr 2021 21:52:58 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9731

GET
H/1.1 200
OK Footer.js Show response
protivaeducation.com/George_files/ 1 KB
2 KB 12ms
11ms Script
application/javascript 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/George_files/Footer.js
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: a735b1c43fd61434d79b1dba7e830a0457f7160175a8b3aa6ed5592f17832730

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://protivaeducation.com/George.html
Cookie: dtCookie=-10$6RCD9PQBLQBFRSF7O2EK2K2HIU36382J; rxVisitor=1631866116148G37J4NPBEU5C009FQOO5VL7UQ1FV0HOR; dtSa=-; dtLatC=26; rxvt=1631867916157|1631866116149; dtPC=-10$466116144_227h1vFRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0e1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/George.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Last-Modified: Wed, 28 Apr 2021 21:52:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1407

GET
H/1.1 200
OK LoginHeader.js Show response
protivaeducation.com/George_files/ 1 KB
1 KB 11ms
10ms Script
application/javascript 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/George_files/LoginHeader.js
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: a12b918de03244a0d1a86980907336d97a72a443f5a9d0dab91a2e77691ad317

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://protivaeducation.com/George.html
Cookie: dtCookie=-10$6RCD9PQBLQBFRSF7O2EK2K2HIU36382J; rxVisitor=1631866116148G37J4NPBEU5C009FQOO5VL7UQ1FV0HOR; dtSa=-; dtLatC=26; rxvt=1631867916157|1631866116149; dtPC=-10$466116144_227h1vFRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0e1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/George.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Last-Modified: Wed, 28 Apr 2021 21:52:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1069

GET
H/1.1 200
OK flag-hu.png
protivaeducation.com/George_files/ 177 B
418 B 14ms
12ms Image
image/png 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protivaeducation.com/George_files/flag-hu.png
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: 5e69f28fccb728fdce3c2a06e427b7e53840f445142748f42a9a313061f206d7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://protivaeducation.com/George.html
Cookie: dtCookie=-10$6RCD9PQBLQBFRSF7O2EK2K2HIU36382J; rxVisitor=1631866116148G37J4NPBEU5C009FQOO5VL7UQ1FV0HOR; dtSa=-; dtLatC=26; rxvt=1631867916157|1631866116149; dtPC=-10$466116144_227h1vFRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0e1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/George.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Last-Modified: Wed, 28 Apr 2021 21:52:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 177

GET
H/1.1 200
OK flag-en.png
protivaeducation.com/George_files/ 685 B
926 B 13ms
11ms Image
image/png 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protivaeducation.com/George_files/flag-en.png
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: cb01050ed50446c64cbd3077f8f7825bcf070a5e1ebaf2a8441a63b020063d77

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://protivaeducation.com/George.html
Cookie: dtCookie=-10$6RCD9PQBLQBFRSF7O2EK2K2HIU36382J; rxVisitor=1631866116148G37J4NPBEU5C009FQOO5VL7UQ1FV0HOR; dtSa=-; dtLatC=26; rxvt=1631867916157|1631866116149; dtPC=-10$466116144_227h1vFRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0e1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/George.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Last-Modified: Wed, 28 Apr 2021 21:52:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 685

GET
H/1.1 200
OK e-logo.png
protivaeducation.com/George_files/ 11 KB
11 KB 12ms
11ms Image
image/png 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protivaeducation.com/George_files/e-logo.png
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: 4b8697eb07dd220b2ee9ee52c37267db8b5af22323ac601604a03cc0bb3b608d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://protivaeducation.com/George.html
Cookie: dtCookie=-10$6RCD9PQBLQBFRSF7O2EK2K2HIU36382J; rxVisitor=1631866116148G37J4NPBEU5C009FQOO5VL7UQ1FV0HOR; dtSa=-; dtLatC=26; rxvt=1631867916157|1631866116149; dtPC=-10$466116144_227h1vFRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0e1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/George.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Last-Modified: Wed, 28 Apr 2021 21:52:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 11298

GET
H/1.1 200
OK requirejs-2.js Show response
protivaeducation.com/George_files/ 15 KB
15 KB 12ms
11ms Script
application/javascript 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/George_files/requirejs-2.js
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: 6a42861ce35463d2c190294968c193050b5b68e8674f44bf51c48f8d4669e602

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://protivaeducation.com/George.html
Cookie: dtCookie=-10$6RCD9PQBLQBFRSF7O2EK2K2HIU36382J; rxVisitor=1631866116148G37J4NPBEU5C009FQOO5VL7UQ1FV0HOR; dtSa=-; dtLatC=26; rxvt=1631867916157|1631866116149; dtPC=-10$466116144_227h1vFRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0e1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/George.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Last-Modified: Wed, 28 Apr 2021 21:52:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15220

GET
H/1.1

200
OK

index.html Show response
www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/ Frame 6F76
Redirect Chain

https://www.erstebank.hu/hu/george-login-en
https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html

4 KB
2 KB

41ms
41ms

Document
text/html

213.150.2.151
IT-AUSTRIA Vienna

General

Check archive.org

Show headers Download Go to

Full URL

https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html

Requested by

Host: protivaeducation.com
URL: https://protivaeducation.com/George.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

213.150.2.151 Vienna, Austria, ASN12895 (IT-AUSTRIA Vienna, Austria, AT),

Reverse DNS

Software

Apache / 9

Resource Hash

679ed8aa3bb2e125bd678634ab166bf671093bab8acd8eb65f4428ec0d6bb2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.erstebank.hu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://protivaeducation.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://protivaeducation.com/

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Client-Accept-Language, Content-Type, X-REQUEST-ID, X-GEORGE-API-VERSION, X-GEORGE-USER, X-ebsapi-Authentication, X-ebsapi-Accept, Range
Access-Control-Max-Age: 3600
Access-Control-Expose-Headers: content-disposition
X-Powered-By: 9
X-Robots-Tag: noindex
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Service-Worker-Allowed: /
Content-Length: 936
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Client-Accept-Language, Content-Type, X-REQUEST-ID, X-GEORGE-API-VERSION, X-GEORGE-USER, X-ebsapi-Authentication, X-ebsapi-Accept, Range
Access-Control-Max-Age: 3600
Access-Control-Expose-Headers: content-disposition
X-Powered-By: 9
Location: https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html
Content-Length: 366
Keep-Alive: timeout=60, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e5d7aa86d39af73f6e081f366ad9ed221435b7c1703b29d8e0731f5ba4090f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H/1.1 404
Not Found Inter-roman.var.woff2
protivaeducation.com/font/interfont/ 0
0 12ms
12ms Font
text/html 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/font/interfont/Inter-roman.var.woff2
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George_files/inter.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://protivaeducation.com
Accept-Encoding: gzip, deflate, br
Host: protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://protivaeducation.com/George_files/inter.css
Cookie: dtCookie=-10$6RCD9PQBLQBFRSF7O2EK2K2HIU36382J; rxVisitor=1631866116148G37J4NPBEU5C009FQOO5VL7UQ1FV0HOR; dtSa=-; dtLatC=26; dtPC=-10$466116144_227h1vFRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0e1; rxvt=1631867916223|1631866116149
Connection: keep-alive
Referer: https://protivaeducation.com/George_files/inter.css
Origin: https://protivaeducation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK user.png
www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/ Frame 6F76 806 KB
807 KB 31ms
31ms Image
image/png 213.150.2.151
IT-AUSTRIA Vienna

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/user.png

Requested by

Host: www.erstebank.hu
URL: https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

213.150.2.151 Vienna, Austria, ASN12895 (IT-AUSTRIA Vienna, Austria, AT),

Reverse DNS

Software

Apache / 9

Resource Hash

0f0a0402df708e292ff25789604e5037d448e0d4b2e4abdb2e5217e2fdbd503b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
X-Content-Type-Options: nosniff
X-Powered-By: 9
Access-Control-Max-Age: 3600
Connection: Keep-Alive
Content-Length: 824980
X-XSS-Protection: 1; mode=block
Service-Worker-Allowed: /
Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Client-Accept-Language, Content-Type, X-REQUEST-ID, X-GEORGE-API-VERSION, X-GEORGE-USER, X-ebsapi-Authentication, X-ebsapi-Accept, Range
Last-Modified: Thu, 04 Mar 2021 13:33:14 GMT
Server: Apache
ETag: "c9694-5bcb602681a80"
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Expose-Headers: content-disposition
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=98
Expires: Sun, 17 Oct 2021 08:08:36 GMT

GET
H/1.1 200
OK logo.png
www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/ Frame 6F76 31 KB
32 KB 81ms
26ms Image
image/png 213.150.2.151
IT-AUSTRIA Vienna

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/logo.png

Requested by

Host: www.erstebank.hu
URL: https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

213.150.2.151 Vienna, Austria, ASN12895 (IT-AUSTRIA Vienna, Austria, AT),

Reverse DNS

Software

Apache / 9

Resource Hash

86438e8bd1a3d2543c5b45639a4f5432532c7eebc75ab0c3bb2d6f1a9a5132a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
X-Content-Type-Options: nosniff
X-Powered-By: 9
Access-Control-Max-Age: 3600
Connection: Upgrade, Keep-Alive
Content-Length: 31525
X-XSS-Protection: 1; mode=block
Service-Worker-Allowed: /
Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Client-Accept-Language, Content-Type, X-REQUEST-ID, X-GEORGE-API-VERSION, X-GEORGE-USER, X-ebsapi-Authentication, X-ebsapi-Accept, Range
Last-Modified: Wed, 17 Feb 2021 08:50:39 GMT
Server: Apache
ETag: "7b25-5bb845030b5c0"
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Upgrade: h2
Access-Control-Expose-Headers: content-disposition
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=60, max=100
Expires: Sun, 17 Oct 2021 08:08:36 GMT

GET
H/1.1 200
OK phone_screen_1.png
www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/ Frame 6F76 11 KB
12 KB 97ms
42ms Image
image/png 213.150.2.151
IT-AUSTRIA Vienna

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/phone_screen_1.png

Requested by

Host: www.erstebank.hu
URL: https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

213.150.2.151 Vienna, Austria, ASN12895 (IT-AUSTRIA Vienna, Austria, AT),

Reverse DNS

Software

Apache / 9

Resource Hash

75915cf3664e1bd67bddd4578866e46f20d5abc6cb8d0b7dc46859f8d87bf7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
X-Content-Type-Options: nosniff
X-Powered-By: 9
Access-Control-Max-Age: 3600
Connection: Upgrade, Keep-Alive
Content-Length: 11407
X-XSS-Protection: 1; mode=block
Service-Worker-Allowed: /
Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Client-Accept-Language, Content-Type, X-REQUEST-ID, X-GEORGE-API-VERSION, X-GEORGE-USER, X-ebsapi-Authentication, X-ebsapi-Accept, Range
Last-Modified: Thu, 04 Mar 2021 13:34:39 GMT
Server: Apache
ETag: "2c8f-5bcb6077919c0"
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Upgrade: h2
Access-Control-Expose-Headers: content-disposition
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=60, max=100
Expires: Sun, 17 Oct 2021 08:08:36 GMT

GET
H/1.1 200
OK phone_screen_2.png
www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/ Frame 6F76 16 KB
17 KB 99ms
44ms Image
image/png 213.150.2.151
IT-AUSTRIA Vienna

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/phone_screen_2.png

Requested by

Host: www.erstebank.hu
URL: https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

213.150.2.151 Vienna, Austria, ASN12895 (IT-AUSTRIA Vienna, Austria, AT),

Reverse DNS

Software

Apache / 9

Resource Hash

6ea11275575fcbd6248a5c46320a2647bced4dae3fe27c1b63028b738b0477b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
X-Content-Type-Options: nosniff
X-Powered-By: 9
Access-Control-Max-Age: 3600
Connection: Upgrade, Keep-Alive
Content-Length: 16784
X-XSS-Protection: 1; mode=block
Service-Worker-Allowed: /
Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Client-Accept-Language, Content-Type, X-REQUEST-ID, X-GEORGE-API-VERSION, X-GEORGE-USER, X-ebsapi-Authentication, X-ebsapi-Accept, Range
Last-Modified: Thu, 04 Mar 2021 13:25:07 GMT
Server: Apache
ETag: "4190-5bcb5e56112c0"
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Upgrade: h2
Access-Control-Expose-Headers: content-disposition
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=60, max=100
Expires: Sun, 17 Oct 2021 08:08:36 GMT

GET
H/1.1 200
OK phone_screen_3.png
www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/ Frame 6F76 12 KB
13 KB 91ms
34ms Image
image/png 213.150.2.151
IT-AUSTRIA Vienna

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/phone_screen_3.png

Requested by

Host: www.erstebank.hu
URL: https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

213.150.2.151 Vienna, Austria, ASN12895 (IT-AUSTRIA Vienna, Austria, AT),

Reverse DNS

Software

Apache / 9

Resource Hash

577b716d58c6db02bfaa754c34bade3f5c818a2f1b1364232ae4b15fce22e41c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
X-Content-Type-Options: nosniff
X-Powered-By: 9
Access-Control-Max-Age: 3600
Connection: Upgrade, Keep-Alive
Content-Length: 11947
X-XSS-Protection: 1; mode=block
Service-Worker-Allowed: /
Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Client-Accept-Language, Content-Type, X-REQUEST-ID, X-GEORGE-API-VERSION, X-GEORGE-USER, X-ebsapi-Authentication, X-ebsapi-Accept, Range
Last-Modified: Thu, 04 Mar 2021 13:25:09 GMT
Server: Apache
ETag: "2eab-5bcb5e57f9740"
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Upgrade: h2
Access-Control-Expose-Headers: content-disposition
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=60, max=100
Expires: Sun, 17 Oct 2021 08:08:36 GMT

GET
H/1.1 200
OK phone_screen_4.png
www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/ Frame 6F76 21 KB
21 KB 98ms
40ms Image
image/png 213.150.2.151
IT-AUSTRIA Vienna

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/phone_screen_4.png

Requested by

Host: www.erstebank.hu
URL: https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

213.150.2.151 Vienna, Austria, ASN12895 (IT-AUSTRIA Vienna, Austria, AT),

Reverse DNS

Software

Apache / 9

Resource Hash

31b87570aa00f22dd2be60dc0d0a88f70b01586b13a76fa36c390f736c15d0b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:08:36 GMT
X-Content-Type-Options: nosniff
X-Powered-By: 9
Access-Control-Max-Age: 3600
Connection: Upgrade, Keep-Alive
Content-Length: 21086
X-XSS-Protection: 1; mode=block
Service-Worker-Allowed: /
Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Client-Accept-Language, Content-Type, X-REQUEST-ID, X-GEORGE-API-VERSION, X-GEORGE-USER, X-ebsapi-Authentication, X-ebsapi-Accept, Range
Last-Modified: Thu, 04 Mar 2021 13:30:52 GMT
Server: Apache
ETag: "525e-5bcb5f9f15b00"
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Upgrade: h2
Access-Control-Expose-Headers: content-disposition
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=60, max=100
Expires: Sun, 17 Oct 2021 08:08:36 GMT

POST
H/1.1 404
Not Found rb_467b85b0-151f-47e2-bb39-78eab47d0a5e Show response
protivaeducation.com/sso/ 315 B
515 B 11ms
10ms XHR
text/html 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/sso/rb_467b85b0-151f-47e2-bb39-78eab47d0a5e?type=js3&sn=-10%246RCD9PQBLQBFRSF7O2EK2K2HIU36382J&svrid=-10&flavor=post&vi=FRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0&modifiedSince=1619642775256&rf=https%3A%2F%2Fprotivaeducation.com%2FGeorge.html&bp=3&app=c62d3dedce259a52&crc=2654763092&end=1
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George_files/ruxitagentjs_ICA2SVfjqru_10207210127152629.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Sec-Fetch-Mode: cors
Origin: https://protivaeducation.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: dtCookie=-10$6RCD9PQBLQBFRSF7O2EK2K2HIU36382J; rxVisitor=1631866116148G37J4NPBEU5C009FQOO5VL7UQ1FV0HOR; dtSa=-; dtLatC=26; rxvt=1631867916908|1631866116149; dtPC=-10$466116144_227h-vFRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0e1
Connection: keep-alive
Content-Length: 6569
Pragma: no-cache
Host: protivaeducation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://protivaeducation.com/George.html
Sec-Fetch-Site: same-origin
Referer: https://protivaeducation.com/George.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 17 Sep 2021 08:08:38 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

POST
H/1.1 404
Not Found rb_467b85b0-151f-47e2-bb39-78eab47d0a5e Show response
protivaeducation.com/sso/ 315 B
515 B 11ms
11ms XHR
text/html 144.91.74.140
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://protivaeducation.com/sso/rb_467b85b0-151f-47e2-bb39-78eab47d0a5e?type=js3&sn=-10%246RCD9PQBLQBFRSF7O2EK2K2HIU36382J&svrid=-10&flavor=post&vi=FRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0&modifiedSince=1619642775256&rf=https%3A%2F%2Fprotivaeducation.com%2FGeorge.html&bp=3&app=c62d3dedce259a52&crc=1619671921&end=1
Requested by: Host: protivaeducation.com
URL: https://protivaeducation.com/George_files/ruxitagentjs_ICA2SVfjqru_10207210127152629.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.74.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: edge.intelwebhost.net
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Sec-Fetch-Mode: cors
Origin: https://protivaeducation.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: dtCookie=-10$6RCD9PQBLQBFRSF7O2EK2K2HIU36382J; rxVisitor=1631866116148G37J4NPBEU5C009FQOO5VL7UQ1FV0HOR; dtSa=-; dtLatC=26; rxvt=1631867916908|1631866116149; dtPC=-10$466116144_227h-vFRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0e1
Connection: keep-alive
Content-Length: 2408
Pragma: no-cache
Host: protivaeducation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://protivaeducation.com/George.html
Sec-Fetch-Site: same-origin
Referer: https://protivaeducation.com/George.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 17 Sep 2021 08:08:40 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Erste Bank (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.protivaeducation.com/	1969-12-31 23:59:59	Name: dtCookie Value: -10$6RCD9PQBLQBFRSF7O2EK2K2HIU36382J
.protivaeducation.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 1631866116148G37J4NPBEU5C009FQOO5VL7UQ1FV0HOR
.protivaeducation.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.protivaeducation.com/	1969-12-31 23:59:59	Name: dtLatC Value: 26
.protivaeducation.com/	1969-12-31 23:59:59	Name: rxvt Value: 1631867916908\|1631866116149
.protivaeducation.com/	1969-12-31 23:59:59	Name: dtPC Value: -10$466116144_227h-vFRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0e1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://protivaeducation.com/font/interfont/Inter-roman.var.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://protivaeducation.com/sso/rb_467b85b0-151f-47e2-bb39-78eab47d0a5e?type=js3&sn=-10%246RCD9PQBLQBFRSF7O2EK2K2HIU36382J&svrid=-10&flavor=post&vi=FRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0&modifiedSince=1619642775256&rf=https%3A%2F%2Fprotivaeducation.com%2FGeorge.html&bp=3&app=c62d3dedce259a52&crc=2654763092&end=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://protivaeducation.com/sso/rb_467b85b0-151f-47e2-bb39-78eab47d0a5e?type=js3&sn=-10%246RCD9PQBLQBFRSF7O2EK2K2HIU36382J&svrid=-10&flavor=post&vi=FRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0&modifiedSince=1619642775256&rf=https%3A%2F%2Fprotivaeducation.com%2FGeorge.html&bp=3&app=c62d3dedce259a52&crc=1619671921&end=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

protivaeducation.com
www.erstebank.hu
144.91.74.140
213.150.2.151
0f0a0402df708e292ff25789604e5037d448e0d4b2e4abdb2e5217e2fdbd503b
2dc7fe4a784ab88299a6ea0c88a3406cb1a71db3937ad1fc31d4c00be47586dd
2e5d7aa86d39af73f6e081f366ad9ed221435b7c1703b29d8e0731f5ba4090f9
31b87570aa00f22dd2be60dc0d0a88f70b01586b13a76fa36c390f736c15d0b7
4b8697eb07dd220b2ee9ee52c37267db8b5af22323ac601604a03cc0bb3b608d
577b716d58c6db02bfaa754c34bade3f5c818a2f1b1364232ae4b15fce22e41c
5ccd1db80b06a54230b9110761aa4a58f57f5c742cbc82e94dac16258235f3eb
5e69f28fccb728fdce3c2a06e427b7e53840f445142748f42a9a313061f206d7
679ed8aa3bb2e125bd678634ab166bf671093bab8acd8eb65f4428ec0d6bb2f1
6a42861ce35463d2c190294968c193050b5b68e8674f44bf51c48f8d4669e602
6ea11275575fcbd6248a5c46320a2647bced4dae3fe27c1b63028b738b0477b9
75915cf3664e1bd67bddd4578866e46f20d5abc6cb8d0b7dc46859f8d87bf7fd
86438e8bd1a3d2543c5b45639a4f5432532c7eebc75ab0c3bb2d6f1a9a5132a9
a12b918de03244a0d1a86980907336d97a72a443f5a9d0dab91a2e77691ad317
a22066e226be4c303c158b0e6e0c1b4a17eab81aacc7c99109961eddc63b11b5
a735b1c43fd61434d79b1dba7e830a0457f7160175a8b3aa6ed5592f17832730
c34279ccec1a6dcd60207ad677232d168b33b2f85f5b325bf75dec1a6bf0e0b2
cb01050ed50446c64cbd3077f8f7825bcf070a5e1ebaf2a8441a63b020063d77
d049226515b666d81d2c65cbf028c1db5e299501f4fb5e96d12397fe3c671bab
d5949838923cc110a1ecbae7aad65d703bb7ccc61003e11cf47f76d1e4a637ac
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
db5bd855f43dccd056953e442ad88e2e99a9dfd1dca243f89ba492da96bc67f6
df493cf3045105b4a5348f2dde953b55dca337df46c11288c3bf3534487a7676
f2184b65d973bceb7298c079fe46cb9cad62c9067a5f3b13e016c3b1eb35304b

protivaeducation.com Open in urlscan Pro 144.91.74.140 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1951 kBTransfer

1944 kBSize

6 Cookies

3 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

6 Cookies

3 Console Messages

protivaeducation.com Open in urlscan Pro
144.91.74.140 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1951 kB
Transfer

1944 kB
Size

6
Cookies

25 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!