web-prototype.xyz Open in urlscan Pro
202.254.236.247  Malicious Activity! Public Scan

47 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response web-prototype.xyz/1/login/	39 KB 8 KB	782ms 262ms	Document text/html	202.254.236.247 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 202.254.236.247 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS Software nginx / Resource Hash d1529a1f54d9a4661d8640fa54b2ecfeb901ed0561586832094570f892f483ac Request headers :method GET :authority web-prototype.xyz :scheme https :path /1/login/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server nginx date Wed, 27 Jan 2021 13:02:41 GMT content-type text/html vary Accept-Encoding last-modified Sun, 22 Nov 2020 12:30:28 GMT etag W/"9a43-5b4b13e1f4100" content-encoding gzip
GET H2	200	smartbanner.min.css online.rbb.bg/Content/css/smartbanner/	12 KB 4 KB	185ms 37ms	Stylesheet text/css	194.48.206.22 RBB-
General Check archive.org Show headers Download Go to Full URL https://online.rbb.bg/Content/css/smartbanner/smartbanner.min.css Requested by Host: web-prototype.xyz URL: https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.48.206.22 , Bulgaria, ASN44396 (RBB-, BG), Reverse DNS online.rbb.bg Software / Resource Hash 1af1054fde4c9fa4ab8cd305fb5d88dda8124e214556b1338bfbb0a5b762cb75 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://web-prototype.xyz/1/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000;includeSubDomains content-encoding gzip vary Accept-Encoding last-modified Tue, 17 Nov 2020 15:51:24 GMT server etag "0e65580f9bcd61:0" x-frame-options SAMEORIGIN content-type text/css cache-control max-age=1200 date Wed, 27 Jan 2021 13:02:41 GMT accept-ranges bytes content-length 3900
GET H2	200	style.min.css online.rbb.bg/Content/css/	562 KB 67 KB	216ms 68ms	Stylesheet text/css	194.48.206.22 RBB-
General Check archive.org Show headers Download Go to Full URL https://online.rbb.bg/Content/css/style.min.css Requested by Host: web-prototype.xyz URL: https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.48.206.22 , Bulgaria, ASN44396 (RBB-, BG), Reverse DNS online.rbb.bg Software / Resource Hash 12b4a84e5b4fc77c321d7ff75037fed758c893d9f8ed541969eaa3d5e3e3c248 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://web-prototype.xyz/1/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000;includeSubDomains content-encoding gzip vary Accept-Encoding last-modified Thu, 03 Dec 2020 12:55:24 GMT server etag "0c6b19073c9d61:0" x-frame-options SAMEORIGIN content-type text/css cache-control max-age=1200 date Wed, 27 Jan 2021 13:02:41 GMT accept-ranges bytes content-length 68026
GET H2	404	require.js web-prototype.xyz/Scripts/libs/	0 0	263ms 262ms	Script text/html	202.254.236.247 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://web-prototype.xyz/Scripts/libs/require.js Requested by Host: web-prototype.xyz URL: https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 202.254.236.247 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS Software nginx / Resource Hash Request headers Referer https://web-prototype.xyz/1/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 13:02:41 GMT content-encoding gzip last-modified Mon, 02 Jul 2018 00:28:52 GMT server nginx etag W/"afe-56ff9483bcb80" vary Accept-Encoding content-type text/html
GET H2	404	promise.js web-prototype.xyz/Scripts/libs/	0 0	263ms 263ms	Script text/html	202.254.236.247 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://web-prototype.xyz/Scripts/libs/promise.js Requested by Host: web-prototype.xyz URL: https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 202.254.236.247 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS Software nginx / Resource Hash Request headers Referer https://web-prototype.xyz/1/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 13:02:41 GMT content-encoding gzip last-modified Mon, 02 Jul 2018 00:28:52 GMT server nginx etag W/"afe-56ff9483bcb80" vary Accept-Encoding content-type text/html
GET H2	404	smartbanner.min.js web-prototype.xyz/Scripts/libs/	0 0	263ms 262ms	Script text/html	202.254.236.247 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://web-prototype.xyz/Scripts/libs/smartbanner.min.js Requested by Host: web-prototype.xyz URL: https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 202.254.236.247 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS Software nginx / Resource Hash Request headers Referer https://web-prototype.xyz/1/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 13:02:41 GMT content-encoding gzip last-modified Mon, 02 Jul 2018 00:28:52 GMT server nginx etag W/"afe-56ff9483bcb80" vary Accept-Encoding content-type text/html
GET H2	404	fb.png web-prototype.xyz/Content/images/	3 KB 3 KB	262ms 261ms	Image text/html	202.254.236.247 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://web-prototype.xyz/Content/images/fb.png Requested by Host: web-prototype.xyz URL: https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 202.254.236.247 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS Software nginx / Resource Hash d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f Request headers Referer https://web-prototype.xyz/1/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 13:02:42 GMT content-encoding gzip last-modified Mon, 02 Jul 2018 00:28:52 GMT server nginx etag W/"afe-56ff9483bcb80" vary Accept-Encoding content-type text/html
GET H2	404	youtube.png web-prototype.xyz/Content/images/	3 KB 3 KB	262ms 262ms	Image text/html	202.254.236.247 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://web-prototype.xyz/Content/images/youtube.png Requested by Host: web-prototype.xyz URL: https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 202.254.236.247 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS Software nginx / Resource Hash d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f Request headers Referer https://web-prototype.xyz/1/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 13:02:42 GMT content-encoding gzip last-modified Mon, 02 Jul 2018 00:28:52 GMT server nginx etag W/"afe-56ff9483bcb80" vary Accept-Encoding content-type text/html
GET H2	404	linkedin.png web-prototype.xyz/Content/images/	3 KB 3 KB	267ms 266ms	Image text/html	202.254.236.247 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://web-prototype.xyz/Content/images/linkedin.png Requested by Host: web-prototype.xyz URL: https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 202.254.236.247 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS Software nginx / Resource Hash d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f Request headers Referer https://web-prototype.xyz/1/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 13:02:42 GMT content-encoding gzip last-modified Mon, 02 Jul 2018 00:28:52 GMT server nginx etag W/"afe-56ff9483bcb80" vary Accept-Encoding content-type text/html
GET H2	404	twitter.png web-prototype.xyz/Content/images/	3 KB 3 KB	267ms 266ms	Image text/html	202.254.236.247 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://web-prototype.xyz/Content/images/twitter.png Requested by Host: web-prototype.xyz URL: https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 202.254.236.247 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS Software nginx / Resource Hash d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f Request headers Referer https://web-prototype.xyz/1/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 13:02:42 GMT content-encoding gzip last-modified Mon, 02 Jul 2018 00:28:52 GMT server nginx etag W/"afe-56ff9483bcb80" vary Accept-Encoding content-type text/html
GET H2	404	instagram.png web-prototype.xyz/Content/images/	3 KB 3 KB	267ms 267ms	Image text/html	202.254.236.247 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://web-prototype.xyz/Content/images/instagram.png Requested by Host: web-prototype.xyz URL: https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 202.254.236.247 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS Software nginx / Resource Hash d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f Request headers Referer https://web-prototype.xyz/1/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 13:02:42 GMT content-encoding gzip last-modified Mon, 02 Jul 2018 00:28:52 GMT server nginx etag W/"afe-56ff9483bcb80" vary Accept-Encoding content-type text/html
GET H2	404	viber.png web-prototype.xyz/Content/images/	3 KB 3 KB	268ms 267ms	Image text/html	202.254.236.247 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://web-prototype.xyz/Content/images/viber.png Requested by Host: web-prototype.xyz URL: https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 202.254.236.247 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS Software nginx / Resource Hash d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f Request headers Referer https://web-prototype.xyz/1/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 13:02:42 GMT content-encoding gzip last-modified Mon, 02 Jul 2018 00:28:52 GMT server nginx etag W/"afe-56ff9483bcb80" vary Accept-Encoding content-type text/html
GET H2	404	rbb-blog.png web-prototype.xyz/Content/images/	3 KB 3 KB	267ms 267ms	Image text/html	202.254.236.247 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://web-prototype.xyz/Content/images/rbb-blog.png Requested by Host: web-prototype.xyz URL: https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 202.254.236.247 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS Software nginx / Resource Hash d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f Request headers Referer https://web-prototype.xyz/1/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 13:02:42 GMT content-encoding gzip last-modified Mon, 02 Jul 2018 00:28:52 GMT server nginx etag W/"afe-56ff9483bcb80" vary Accept-Encoding content-type text/html
GET H2	404	smartbanner.min.js web-prototype.xyz/Scripts/libs/	0 0	261ms 261ms	Script text/html	202.254.236.247 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://web-prototype.xyz/Scripts/libs/smartbanner.min.js Requested by Host: web-prototype.xyz URL: https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 202.254.236.247 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS Software nginx / Resource Hash Request headers Referer https://web-prototype.xyz/1/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 13:02:42 GMT content-encoding gzip last-modified Mon, 02 Jul 2018 00:28:52 GMT server nginx etag W/"afe-56ff9483bcb80" vary Accept-Encoding content-type text/html
GET H2	200	1Wh2xI03Tgs www.youtube.com/embed/ Frame 7C73	0 0	105ms 105ms	Document text/html	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/1Wh2xI03Tgs Requested by Host: web-prototype.xyz URL: https://web-prototype.xyz/1/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software YouTube Frontend Proxy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.youtube.com :scheme https :path /embed/1Wh2xI03Tgs pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://web-prototype.xyz/1/login/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://web-prototype.xyz/1/login/ Response headers content-type text/html; charset=utf-8 content-length 22025 content-encoding br expires Tue, 27 Apr 1971 19:44:06 GMT x-content-type-options nosniff cache-control no-cache p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." strict-transport-security max-age=31536000 date Wed, 27 Jan 2021 13:02:42 GMT server YouTube Frontend Proxy x-xss-protection 0 set-cookie VISITOR_INFO1_LIVE=pPqeuBiVCxg; path=/; domain=.youtube.com; secure; expires=Mon, 26-Jul-2021 13:02:42 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=pPqeuBiVCxg; path=/; domain=.youtube.com; secure; expires=Mon, 26-Jul-2021 13:02:42 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Wed, 27-Jan-2021 13:32:42 GMT YSC=B2PwQga4oWc; path=/; domain=.youtube.com; secure; httponly; samesite=None CONSENT=PENDING+417; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	bg-body.png online.rbb.bg/Content/images/	3 KB 4 KB	38ms 38ms	Image image/png	194.48.206.22 RBB-
General Check archive.org Show headers Download Go to Show image Full URL https://online.rbb.bg/Content/images/bg-body.png Requested by Host: online.rbb.bg URL: https://online.rbb.bg/Content/css/style.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.48.206.22 , Bulgaria, ASN44396 (RBB-, BG), Reverse DNS online.rbb.bg Software / Resource Hash ba74790b1e9670ae6429a7cf9f8949d51e042dfa3d2a43f34e779ee3954330eb Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://online.rbb.bg/Content/css/style.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000;includeSubDomains last-modified Tue, 17 Nov 2020 15:51:24 GMT server etag "0e65580f9bcd61:0" x-frame-options SAMEORIGIN content-type image/png cache-control max-age=1200 date Wed, 27 Jan 2021 13:02:42 GMT accept-ranges bytes content-length 3536
GET H2	200	logo-rbb-white-bg.svg online.rbb.bg/Content/svg/	10 KB 4 KB	39ms 38ms	Image image/svg+xml	194.48.206.22 RBB-
General Check archive.org Show headers Download Go to Show image Full URL https://online.rbb.bg/Content/svg/logo-rbb-white-bg.svg Requested by Host: online.rbb.bg URL: https://online.rbb.bg/Content/css/style.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.48.206.22 , Bulgaria, ASN44396 (RBB-, BG), Reverse DNS online.rbb.bg Software / Resource Hash 89dff036ab45ec3efd6e551ab3679501670c50882bcb04e3aefbc787983773b0 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://online.rbb.bg/Content/css/style.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000;includeSubDomains content-encoding gzip vary Accept-Encoding last-modified Tue, 17 Nov 2020 15:51:24 GMT server etag "0e65580f9bcd61:0" x-frame-options SAMEORIGIN content-type image/svg+xml cache-control max-age=1200 date Wed, 27 Jan 2021 13:02:42 GMT accept-ranges bytes content-length 4191
GET H2	200	RBB_1920x500_2.jpg online.rbb.bg/Content/images/	159 KB 159 KB	39ms 38ms	Image image/jpeg	194.48.206.22 RBB-
General Check archive.org Show headers Download Go to Show image Full URL https://online.rbb.bg/Content/images/RBB_1920x500_2.jpg Requested by Host: online.rbb.bg URL: https://online.rbb.bg/Content/css/style.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.48.206.22 , Bulgaria, ASN44396 (RBB-, BG), Reverse DNS online.rbb.bg Software / Resource Hash fb6d9913fdfd75348edf598b959631ab33d4cdfc3bd531939170811e722f71f9 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://online.rbb.bg/Content/css/style.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000;includeSubDomains last-modified Tue, 17 Nov 2020 15:51:24 GMT server etag "0e65580f9bcd61:0" x-frame-options SAMEORIGIN content-type image/jpeg cache-control max-age=1200 date Wed, 27 Jan 2021 13:02:42 GMT accept-ranges bytes content-length 162763
GET		326381_1_0.woff online.rbb.bg/Content/fonts/webfonts/	0 0
GET		FuturaPT-Medium.woff online.rbb.bg/Content/fonts/webfonts/	0 0
GET		326381_0_0.woff online.rbb.bg/Content/fonts/webfonts/	0 0
GET		iconset-rbb.ttf online.rbb.bg/Content/fonts/iconset-rbb//	0 0
GET H2	200	mobileApp.png online.rbb.bg/Content/images/	9 KB 9 KB	44ms 43ms	Image image/png	194.48.206.22 RBB-
General Check archive.org Show headers Download Go to Show image Full URL https://online.rbb.bg/Content/images/mobileApp.png Requested by Host: online.rbb.bg URL: https://online.rbb.bg/Content/css/style.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.48.206.22 , Bulgaria, ASN44396 (RBB-, BG), Reverse DNS online.rbb.bg Software / Resource Hash b2b769bc93904f1ed851dd0c266c5a14ae9fca670ec9cc39fa00065286fb1ae4 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://online.rbb.bg/Content/css/style.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000;includeSubDomains last-modified Tue, 17 Nov 2020 15:51:24 GMT server etag "0e65580f9bcd61:0" x-frame-options SAMEORIGIN content-type image/png cache-control max-age=1200 date Wed, 27 Jan 2021 13:02:42 GMT accept-ranges bytes content-length 9051
GET H2	200	app-store-bg.png online.rbb.bg/Content/images/	3 KB 3 KB	45ms 44ms	Image image/png	194.48.206.22 RBB-
General Check archive.org Show headers Download Go to Show image Full URL https://online.rbb.bg/Content/images/app-store-bg.png Requested by Host: online.rbb.bg URL: https://online.rbb.bg/Content/css/style.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.48.206.22 , Bulgaria, ASN44396 (RBB-, BG), Reverse DNS online.rbb.bg Software / Resource Hash 5c95c6c1193ef4afdf14770fe02d2f008be731d477b38ad44e3a497241984696 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://online.rbb.bg/Content/css/style.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000;includeSubDomains last-modified Tue, 17 Nov 2020 15:51:24 GMT server etag "0e65580f9bcd61:0" x-frame-options SAMEORIGIN content-type image/png cache-control max-age=1200 date Wed, 27 Jan 2021 13:02:42 GMT accept-ranges bytes content-length 3127
GET H2	200	google-play-bg.png online.rbb.bg/Content/images/	4 KB 4 KB	45ms 44ms	Image image/png	194.48.206.22 RBB-
General Check archive.org Show headers Download Go to Show image Full URL https://online.rbb.bg/Content/images/google-play-bg.png Requested by Host: online.rbb.bg URL: https://online.rbb.bg/Content/css/style.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.48.206.22 , Bulgaria, ASN44396 (RBB-, BG), Reverse DNS online.rbb.bg Software / Resource Hash c84158c02aa08b902be924e5b9b81fd349cd09510aa72710c70a6d55ac931fcd Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://online.rbb.bg/Content/css/style.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000;includeSubDomains last-modified Tue, 17 Nov 2020 15:51:24 GMT server etag "0e65580f9bcd61:0" x-frame-options SAMEORIGIN content-type image/png cache-control max-age=1200 date Wed, 27 Jan 2021 13:02:42 GMT accept-ranges bytes content-length 3783
GET		326381_1_0.ttf online.rbb.bg/Content/fonts/webfonts/	0 0
GET		FuturaPT-Medium.ttf online.rbb.bg/Content/fonts/webfonts/	0 0
GET		326381_0_0.ttf online.rbb.bg/Content/fonts/webfonts/	0 0
GET		iconset-rbb.woff online.rbb.bg/Content/fonts/iconset-rbb//	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

online.rbb.bg

URL

https://online.rbb.bg/Content/fonts/webfonts/326381_1_0.woff

Domain

online.rbb.bg

URL

https://online.rbb.bg/Content/fonts/webfonts/FuturaPT-Medium.woff

Domain

online.rbb.bg

URL

https://online.rbb.bg/Content/fonts/webfonts/326381_0_0.woff

Domain

online.rbb.bg

URL

https://online.rbb.bg/Content/fonts/iconset-rbb//iconset-rbb.ttf?wxo579

Domain

online.rbb.bg

URL

https://online.rbb.bg/Content/fonts/webfonts/326381_1_0.ttf

Domain

online.rbb.bg

URL

https://online.rbb.bg/Content/fonts/webfonts/FuturaPT-Medium.ttf

Domain

online.rbb.bg

URL

https://online.rbb.bg/Content/fonts/webfonts/326381_0_0.ttf

Domain

online.rbb.bg

URL

https://online.rbb.bg/Content/fonts/iconset-rbb//iconset-rbb.woff?wxo579

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Raiffeisen Bank (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: B2PwQga4oWc
			.youtube.com/	1970-01-19 20:01:44	Name: VISITOR_INFO1_LIVE Value: pPqeuBiVCxg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

online.rbb.bg
web-prototype.xyz
www.youtube.com
online.rbb.bg
194.48.206.22
202.254.236.247
2a00:1450:4001:812::200e
12b4a84e5b4fc77c321d7ff75037fed758c893d9f8ed541969eaa3d5e3e3c248
1af1054fde4c9fa4ab8cd305fb5d88dda8124e214556b1338bfbb0a5b762cb75
5c95c6c1193ef4afdf14770fe02d2f008be731d477b38ad44e3a497241984696
89dff036ab45ec3efd6e551ab3679501670c50882bcb04e3aefbc787983773b0
b2b769bc93904f1ed851dd0c266c5a14ae9fca670ec9cc39fa00065286fb1ae4
ba74790b1e9670ae6429a7cf9f8949d51e042dfa3d2a43f34e779ee3954330eb
c84158c02aa08b902be924e5b9b81fd349cd09510aa72710c70a6d55ac931fcd
d1529a1f54d9a4661d8640fa54b2ecfeb901ed0561586832094570f892f483ac
d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f
fb6d9913fdfd75348edf598b959631ab33d4cdfc3bd531939170811e722f71f9