![](/screenshots/338e374f-d0d3-4e2b-9535-7d87cdf1a232.png)
protivaeducation.com
IP: 144.91.74.140
Malicious Activity! (Public Scan)
Submission: On September 17 via manual from HU; scanned from DE
Summary
TLS certificate: Issued by R3 on September 5th 2021. Valid for: 3 months.
This is the only time protivaeducation.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Erste Bank (Banking)
Domain & IP information
Requests | IP Address | AS (Autonomous System) | Redirects |
---|---|---|---|
18 | 144.91.74.140 | 51167 (CONTABO) | |
8 | 213.150.2.151 | 12895 (IT-AUSTRIA Vienna) | 1 |
25 | 3 | | |
ASN51167 (CONTABO, DE)
PTR: edge.intelwebhost.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
18 | protivaeducation.com | protivaeducation.com | 1 MB |
8 | erstebank.hu (1 redirect) | www.erstebank.hu | 904 KB |
25 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
18 | protivaeducation.com | protivaeducation.com |
8 | www.erstebank.hu (1 redirect) | protivaeducation.com, www.erstebank.hu |
25 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.erstebank.hu |
Subject | Issuer | Validity | Valid | Source |
---|---|---|---|---|
protivaeducation.com | R3 | 2021-09-05 - 2021-12-04 | 3 months | crt.sh |
www.erstebank.hu | NetLock Üzleti (Class B) Tanúsítványkiadó | 2021-08-16 - 2022-08-16 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://protivaeducation.com/George.html
Frame ID: B0B9BC3F81678D6E523055D6313C035A
Requests: 19 HTTP requests in this frame
Frame:
https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html
Frame ID: 6F762D83E1B336089654F9832503FBB4
Requests: 7 HTTP requests in this frame
Page Title: George
Detected technologies
- Bootstrap. Detected pattern: `<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css`
- RequireJS. Detected pattern: `require.*\.js`
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
- TeleBank
- Security advice
- www.erstebank.hu
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14
- https://www.erstebank.hu/hu/george-login-en (HTTP 301)
- https://www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/index.html
25 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | George.html (Primary Request) | protivaeducation.com/ | 8 KB | 8 KB | Document | text/html |
GET | H/1.1 | ruxitagentjs_ICA2SVfjqru_10207210127152629.js | protivaeducation.com/George_files/ | 184 KB | 184 KB | Script | application/javascript |
GET | H/1.1 | main.js | protivaeducation.com/George_files/ | 452 KB | 452 KB | Script | application/javascript |
GET | H/1.1 | AppConfiguration.js | protivaeducation.com/George_files/ | 13 KB | 13 KB | Script | application/javascript |
GET | H/1.1 | ThemeConfiguration.js | protivaeducation.com/George_files/ | 8 KB | 9 KB | Script | application/javascript |
GET | H/1.1 | bootstrap.css | protivaeducation.com/George_files/ | 158 KB | 158 KB | Stylesheet | text/css |
GET | H/1.1 | inter.css | protivaeducation.com/George_files/ | 6 KB | 6 KB | Stylesheet | text/css |
GET | H/1.1 | gds-main.css | protivaeducation.com/George_files/ | 175 KB | 175 KB | Stylesheet | text/css |
GET | H/1.1 | erste.css | protivaeducation.com/George_files/ | 10 KB | 10 KB | Stylesheet | text/css |
GET | H/1.1 | Footer.js | protivaeducation.com/George_files/ | 1 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | LoginHeader.js | protivaeducation.com/George_files/ | 1 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | flag-hu.png | protivaeducation.com/George_files/ | 177 B | 418 B | Image | image/png |
GET | H/1.1 | flag-en.png | protivaeducation.com/George_files/ | 685 B | 926 B | Image | image/png |
GET | H/1.1 | e-logo.png | protivaeducation.com/George_files/ | 11 KB | 11 KB | Image | image/png |
GET | H/1.1 | requirejs-2.js | protivaeducation.com/George_files/ | 15 KB | 15 KB | Script | application/javascript |
GET | H/1.1 | index.html (Frame 6F76, Redirect Chain) | www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/ | 4 KB | 2 KB | Document | text/html |
GET | DATA | truncated | / | 206 B | 0 | Image | image/svg+xml |
GET | H/1.1 | Inter-roman.var.woff2 | protivaeducation.com/font/interfont/ | 0 | 0 | Font | text/html |
GET | H/1.1 | user.png (Frame 6F76) | www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/ | 806 KB | 807 KB | Image | image/png |
GET | H/1.1 | logo.png (Frame 6F76) | www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/ | 31 KB | 32 KB | Image | image/png |
GET | H/1.1 | phone_screen_1.png (Frame 6F76) | www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/ | 11 KB | 12 KB | Image | image/png |
GET | H/1.1 | phone_screen_2.png (Frame 6F76) | www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/ | 16 KB | 17 KB | Image | image/png |
GET | H/1.1 | phone_screen_3.png (Frame 6F76) | www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/ | 12 KB | 13 KB | Image | image/png |
GET | H/1.1 | phone_screen_4.png (Frame 6F76) | www.erstebank.hu/content/dam/hu/ebh/www_erstebank_hu/george-images/login/ | 21 KB | 21 KB | Image | image/png |
POST | H/1.1 | rb_467b85b0-151f-47e2-bb39-78eab47d0a5e | protivaeducation.com/sso/ | 315 B | 515 B | XHR | text/html |
POST | H/1.1 | rb_467b85b0-151f-47e2-bb39-78eab47d0a5e | protivaeducation.com/sso/ | 315 B | 515 B | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Erste Bank (Banking)
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type |
---|---|
0 | object |
onbeforexrselect | object |
originAgentCluster | boolean |
dT_ | object |
dtrum | object |
_typeof | undefined |
require | function |
requirejs | function |
define | function |
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.protivaeducation.com/ | | dtCookie | -10$6RCD9PQBLQBFRSF7O2EK2K2HIU36382J |
.protivaeducation.com/ | | rxVisitor | 1631866116148G37J4NPBEU5C009FQOO5VL7UQ1FV0HOR |
.protivaeducation.com/ | | dtSa | - |
.protivaeducation.com/ | | dtLatC | 26 |
.protivaeducation.com/ | | rxvt | 1631867916908\|1631866116149 |
.protivaeducation.com/ | | dtPC | -10$466116144_227h-vFRHKKAPCROJSDOGJRPTRBPHOFWCKGPMP-0e1 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
protivaeducation.com
www.erstebank.hu
144.91.74.140
213.150.2.151