hehad.ga
91.234.99.98
Malicious Activity!
Public Scan
Submission Tags: 6911644
Submission: On January 05 via api from NL
Summary
This is the only time hehad.ga was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Raiffeisen Bank (Banking)
Domain & IP information
IP Address | AS (Autonomous System) | Requests
---|---|---
91.234.99.98 | 213058 (PIHL-AS) | 23
Total: 1 IP address, 23 requests.

Domain | Requested by | Requests
---|---|---
hehad.ga | hehad.ga | 23
Total: 1 domain, 23 requests.
This site contains links to these domains. Also see Links.
TLS certificates: none listed (the primary page was served over plain HTTP).
This page contains 1 frames:
Primary Page:
http://hehad.ga/raiffeisen/manse/soucr/login/Raif/
Frame ID: 44F0DB33FF2D8C27B102EAA9A0146788
Requests: 23 HTTP requests in this frame
Screenshot (image not included in this capture)
Detected technologies
- Angular (JavaScript Frameworks). Detected pattern (html): /<[^>]+ ng-version="([\d.]+)"/i
- Apache (Web Servers). Detected pattern (headers, server): /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
- jQuery (JavaScript Libraries). Detected pattern (script): /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
16 Outgoing links
These are links going to different origins than the main page. Only the link titles survive in this capture; 11 of the 16 links carry a title and the remaining 5 are untitled. Czech titles are translated, with the original in parentheses:
- X-business
- Credit cards - registration (Kreditní karty - registrace)
- RoBoT
- RB Internetbanking
- Account preview (Náhled účtu)
- RBroker
- MC@sign
- Private banking: Friedrich Wilhelm Raiffeisen banking offers an exclusive service built on knowledge of individual needs (Privátní bankovnictví: Bankovnictví Friedrich Wilhelm Raiffeisen představuje exkluzivní servis se znalostí individuálních potřeb.)
- Overview of discounts (PŘEHLED SLEV)
- Careers (Kariéra)
- Investment portal (Investiční portál)
- 5 further links without a title
Redirected requests
HTTP redirect chains would be listed here; this scan recorded none.
23 HTTP transactions

# | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
1 | GET | H/1.1 | / (Primary Request) | hehad.ga/raiffeisen/manse/soucr/login/Raif/ | 83 KB | 83 KB | Document | text/html
2 | GET | H/1.1 | main8838.css | hehad.ga/raiffeisen/manse/soucr/login/Raif/styles/master/ | 349 KB | 349 KB | Stylesheet | text/css
3 | GET | H/1.1 | jquery.min.js | hehad.ga/raiffeisen/manse/soucr/login/Raif/Js/ | 87 KB | 88 KB | Script | application/javascript
4 | GET | H/1.1 | app.js | hehad.ga/raiffeisen/manse/soucr/login/Raif/Js/ | 5 KB | 5 KB | Script | application/javascript
5 | GET | H/1.1 | preloader.gif | hehad.ga/raiffeisen/manse/soucr/login/Raif/files/ | 10 KB | 10 KB | Image | image/gif
6 | GET | H/1.1 | kk-deluxe.png | hehad.ga/raiffeisen/manse/soucr/login/Raif/Banka%20inspirovan%C3%A1%20klienty%20_%20Raiffeisenbank%207777_files/ | 315 B | 315 B | Image | text/html
7 | GET | H/1.1 | banner-investicni-strategie-navigace-300x200.jpg | hehad.ga/raiffeisen/manse/soucr/login/Raif/Banka%20inspirovan%C3%A1%20klienty%20_%20Raiffeisenbank%207777_files/ | 315 B | 315 B | Image | text/html
8 | GET | H/1.1 | banner-hp-covid-kocka-lg.png | hehad.ga/pictures/homepage/ | 315 B | 315 B | Image | text/html
9 | GET | H/1.1 | banner-hp-sporak-bezzubka-lg.jpg | hehad.ga/pictures/homepage/ | 315 B | 315 B | Image | text/html
10 | GET | H/1.1 | banner-e2e-lg-sticker.jpg | hehad.ga/pictures/homepage/ | 315 B | 315 B | Image | text/html
11 | GET | H/1.1 | ucet-zdarma.jpg | hehad.ga/pictures/osobni/rozcestniky/ | 315 B | 315 B | Image | text/html
12 | GET | H/1.1 | rychla-pujcka.jpg | hehad.ga/pictures/osobni/rozcestniky/ | 315 B | 315 B | Image | text/html
13 | GET | H/1.1 | hypoteka-na-bydleni.jpg | hehad.ga/pictures/osobni/rozcestniky/ | 315 B | 315 B | Image | text/html
14 | GET | H/1.1 | zhodnoceni-uspor.jpg | hehad.ga/pictures/osobni/rozcestniky/ | 315 B | 315 B | Image | text/html
15 | GET | H/1.1 | ceniky.jpg | hehad.ga/pictures/osobni/rozcestniky/ | 315 B | 315 B | Image | text/html
16 | GET | H/1.1 | hypotecni-kalkulacka.jpg | hehad.ga/pictures/osobni/rozcestniky/ | 315 B | 315 B | Image | text/html
17 | GET | H/1.1 | proxima-nova-regular.ttf | hehad.ga/raiffeisen/manse/soucr/login/Raif/styles/fonts/ | 39 KB | 39 KB | Font | font/ttf
18 | GET | H/1.1 | rb-icons.ttf | hehad.ga/raiffeisen/manse/soucr/login/Raif/styles/fonts/ | 69 KB | 69 KB | Font | font/ttf
19 | GET | H/1.1 | proxima-nova-bold.ttf | hehad.ga/raiffeisen/manse/soucr/login/Raif/styles/fonts/ | 38 KB | 38 KB | Font | font/ttf
20 | GET | H/1.1 | proxima-nova-semibold.ttf | hehad.ga/raiffeisen/manse/soucr/login/Raif/styles/fonts/ | 38 KB | 38 KB | Font | font/ttf
21 | GET | H/1.1 | futura-pt-regular.ttf | hehad.ga/raiffeisen/manse/soucr/login/Raif/styles/fonts/ | 65 KB | 65 KB | Font | font/ttf
22 | GET | H/1.1 | futura-pt-heavy.ttf | hehad.ga/raiffeisen/manse/soucr/login/Raif/styles/fonts/ | 69 KB | 69 KB | Font | font/ttf
23 | GET | H/1.1 | proxima-nova-light.ttf | hehad.ga/raiffeisen/manse/soucr/login/Raif/styles/fonts/ | 39 KB | 39 KB | Font | font/ttf

Note: the eleven image requests in rows 6-16 each returned 315 B with MIME type text/html rather than an image type, i.e. the server answered with a small HTML response instead of image data; the capture does not record their status codes. All requests were served over plain HTTP from the single host hehad.ga.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan verdict: Phishing against Raiffeisen Bank (Banking)

11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
object | ontransitionrun
object | ontransitionstart
object | ontransitioncancel
object | trustedTypes
boolean | crossOriginIsolated
function | $
function | jQuery
function | submitLogin
function | submitOtp
function | submitidd
function | submitstep0

The page-specific functions submitLogin, submitOtp, submitidd and submitstep0 correspond to a multi-step form that collects a login and a one-time password, consistent with the phishing verdict above.

Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values along with the request, allowing the website to re-identify the user even from a different location. This is how persistent logins work.
Indicators
"Indicators" is the security-industry term for observables such as IPs, domains and hashes. Their presence here does not by itself imply that any of them indicates malicious activity.
hehad.ga
91.234.99.98