raiffeisen-ats.eu
Open in
urlscan Pro
195.110.35.27
Malicious Activity!
Public Scan
Effective URL: http://raiffeisen-ats.eu/ats/2f2e7e82c4f3a2d/login.php
Submission: On February 24 via api from US
Summary
This is the only time raiffeisen-ats.eu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Raiffeisen Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
15 | 195.110.35.27 195.110.35.27 | 16347 (RMI-FITECH) (RMI-FITECH) | |
15 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
raiffeisen-ats.eu
raiffeisen-ats.eu |
479 KB |
15 | 1 |
Domain | Requested by | |
---|---|---|
15 | raiffeisen-ats.eu |
raiffeisen-ats.eu
|
15 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://raiffeisen-ats.eu/ats/2f2e7e82c4f3a2d/login.php
Frame ID: C9DD17BC53A65F65F6D8460C4172F026
Requests: 15 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
login.php
raiffeisen-ats.eu/ats/2f2e7e82c4f3a2d/ |
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
raiffeisen-ats.eu/ats/assets/css/ |
152 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
helpers.css
raiffeisen-ats.eu/ats/assets/css/ |
41 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
raiffeisen-ats.eu/ats/assets/css/ |
1 KB 589 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
raiffeisen-ats.eu/ats/assets/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
raiffeisen-ats.eu/ats/assets/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
info.png
raiffeisen-ats.eu/ats/assets/images/ |
520 B 785 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ques.png
raiffeisen-ats.eu/ats/assets/images/ |
519 B 784 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
remember.png
raiffeisen-ats.eu/ats/assets/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-content.png
raiffeisen-ats.eu/ats/assets/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
raiffeisen-ats.eu/ats/assets/js/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
popper.min.js
raiffeisen-ats.eu/ats/assets/js/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
raiffeisen-ats.eu/ats/assets/js/ |
58 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome.min.js
raiffeisen-ats.eu/ats/assets/js/ |
1 MB 378 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
raiffeisen-ats.eu/ats/assets/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Raiffeisen Bank (Banking)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| Popper object| bootstrap object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| x number| j object| selElmnt object| a object| b object| c function| closeAllSelect0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
raiffeisen-ats.eu
195.110.35.27
06f5bd9155ed0f918d061506ea7f66f6086d4280301dabc1e4b86ea17570a862
21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
306ab8dd287ef041231a510b7e4c027a11e28b20c3408a9185d895c091dc72a4
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6c2ed8fc13478bb9f816a19ab2dc95ffd83846731d0aac687c907bcaf357a33b
812b1087830872695af86c3597751898849d1d6c4be66e9b072f5775602491fb
8236de8aa9b1be62e6d19476f72080cef41e1175d41fa6228dad8c0366e333fc
8a34c3f7ce888d0544b0b09ab35604b5c2964c9824bb64a4d641fc18c01cf0b2
cca1c6e197fb5cc881253624d2a507488329152826bfe01a6c7bad5e747f86b3
d0ee866086442b323caf56ed3da1d3350c72f03b28e5b8c49d222e3788a04b5d
de1c119c5fb0530372d61596472c199ed788c67d0ba5b3b82e3d82809ce448fd
f75660ef838dcc75f2ccc6f4743b27e0396efd71749e3ca3aafe75666581072a
f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765