web-prototype.xyz
Open in
urlscan Pro
202.254.236.247
Malicious Activity!
Public Scan
Submission: On January 27 via manual from DE
Summary
TLS certificate: Issued by R3 on January 12th 2021. Valid for: 3 months.
This is the only time web-prototype.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Raiffeisen Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 202.254.236.247 202.254.236.247 | 131965 (XSERVER X...) (XSERVER Xserver Inc.) | |
8 | 194.48.206.22 194.48.206.22 | 44396 (RBB-) (RBB-) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::200e | 15169 (GOOGLE) (GOOGLE) | |
29 | 4 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
web-prototype.xyz
web-prototype.xyz |
27 KB |
8 |
rbb.bg
online.rbb.bg |
253 KB |
1 |
youtube.com
www.youtube.com |
|
29 | 3 |
Domain | Requested by | |
---|---|---|
12 | web-prototype.xyz |
web-prototype.xyz
|
8 | online.rbb.bg |
web-prototype.xyz
online.rbb.bg |
1 | www.youtube.com |
web-prototype.xyz
|
29 | 3 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.web-prototype.xyz R3 |
2021-01-12 - 2021-04-12 |
3 months | crt.sh |
online.rbb.bg Sectigo RSA Extended Validation Secure Server CA |
2020-04-15 - 2022-04-15 |
2 years | crt.sh |
*.google.com GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://web-prototype.xyz/1/login/
Frame ID: DB591EA21F96D4F7CBA441C8D4078F31
Requests: 28 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/1Wh2xI03Tgs
Frame ID: 7C735AB82F274CE1DD33D74FC2D9CA18
Requests: 1 HTTP requests in this frame
47 Outgoing links
These are links going to different origins than the main page.
Title: Научи повече
Search URL Search Domain Scan URL
Title: Google Play
Search URL Search Domain Scan URL
Title: App Store
Search URL Search Domain Scan URL
Title: AppGallery
Search URL Search Domain Scan URL
Title: ТУК
Search URL Search Domain Scan URL
Title: Грижа за клиента в извънредно положение
Search URL Search Domain Scan URL
Title: Промяна в тарифите за ЮЛ и ЕТ в сила от 14.01.2019 г.
Search URL Search Domain Scan URL
Title: 10 години Райфайзенбанк прави историите по-добри
Search URL Search Domain Scan URL
Title: Преводи
Search URL Search Domain Scan URL
Title: Битови сметки
Search URL Search Domain Scan URL
Title: Сметки
Search URL Search Domain Scan URL
Title: Карти
Search URL Search Domain Scan URL
Title: Кредити
Search URL Search Domain Scan URL
Title: Заявки
Search URL Search Domain Scan URL
Title: Настройки
Search URL Search Domain Scan URL
Title: Ръководство на потребителя
Search URL Search Domain Scan URL
Title: Общи условия
Search URL Search Domain Scan URL
Title: Инструкция за сигурност
Search URL Search Domain Scan URL
Title: Често задавани въпроси
Search URL Search Domain Scan URL
Title: Анкета за Райфайзен ОНЛАЙН
Search URL Search Domain Scan URL
Title: Индивидуални клиенти
Search URL Search Domain Scan URL
Title: Premium banking
Search URL Search Domain Scan URL
Title: Малки предприятия
Search URL Search Domain Scan URL
Title: Корпоративни клиенти
Search URL Search Domain Scan URL
Title: Картов обменен курс
Search URL Search Domain Scan URL
Title: Калкулатор за потребителски кредит
Search URL Search Domain Scan URL
Title: Калкулатор за ипотечен кредит
Search URL Search Domain Scan URL
Title: Райфайзенбанк България
Search URL Search Domain Scan URL
Title: Raiffeisen Bank International
Search URL Search Domain Scan URL
Title: Райфайзен Лизинг
Search URL Search Domain Scan URL
Title: Райфайзен Асет Мениджмънт
Search URL Search Domain Scan URL
Title: Райфайзен Застрахователен брокер
Search URL Search Domain Scan URL
Title: Избери, за да помогнеш
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: YouTube
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Viber
Search URL Search Domain Scan URL
Title: Блог
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: За нас
Search URL Search Domain Scan URL
Title: Тарифи
Search URL Search Domain Scan URL
Title: Уведомления
Search URL Search Domain Scan URL
Title: Контакти
Search URL Search Domain Scan URL
Title: Офиси и банкомати
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
web-prototype.xyz/1/login/ |
39 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smartbanner.min.css
online.rbb.bg/Content/css/smartbanner/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
online.rbb.bg/Content/css/ |
562 KB 67 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
require.js
web-prototype.xyz/Scripts/libs/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
promise.js
web-prototype.xyz/Scripts/libs/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smartbanner.min.js
web-prototype.xyz/Scripts/libs/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fb.png
web-prototype.xyz/Content/images/ |
3 KB 3 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
youtube.png
web-prototype.xyz/Content/images/ |
3 KB 3 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkedin.png
web-prototype.xyz/Content/images/ |
3 KB 3 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter.png
web-prototype.xyz/Content/images/ |
3 KB 3 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagram.png
web-prototype.xyz/Content/images/ |
3 KB 3 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
viber.png
web-prototype.xyz/Content/images/ |
3 KB 3 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rbb-blog.png
web-prototype.xyz/Content/images/ |
3 KB 3 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smartbanner.min.js
web-prototype.xyz/Scripts/libs/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1Wh2xI03Tgs
www.youtube.com/embed/ Frame 7C73 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-body.png
online.rbb.bg/Content/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-rbb-white-bg.svg
online.rbb.bg/Content/svg/ |
10 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RBB_1920x500_2.jpg
online.rbb.bg/Content/images/ |
159 KB 159 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
326381_1_0.woff
online.rbb.bg/Content/fonts/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
FuturaPT-Medium.woff
online.rbb.bg/Content/fonts/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
326381_0_0.woff
online.rbb.bg/Content/fonts/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
iconset-rbb.ttf
online.rbb.bg/Content/fonts/iconset-rbb// |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobileApp.png
online.rbb.bg/Content/images/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-store-bg.png
online.rbb.bg/Content/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
google-play-bg.png
online.rbb.bg/Content/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
326381_1_0.ttf
online.rbb.bg/Content/fonts/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
FuturaPT-Medium.ttf
online.rbb.bg/Content/fonts/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
326381_0_0.ttf
online.rbb.bg/Content/fonts/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
iconset-rbb.woff
online.rbb.bg/Content/fonts/iconset-rbb// |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- online.rbb.bg
- URL
- https://online.rbb.bg/Content/fonts/webfonts/326381_1_0.woff
- Domain
- online.rbb.bg
- URL
- https://online.rbb.bg/Content/fonts/webfonts/FuturaPT-Medium.woff
- Domain
- online.rbb.bg
- URL
- https://online.rbb.bg/Content/fonts/webfonts/326381_0_0.woff
- Domain
- online.rbb.bg
- URL
- https://online.rbb.bg/Content/fonts/iconset-rbb//iconset-rbb.ttf?wxo579
- Domain
- online.rbb.bg
- URL
- https://online.rbb.bg/Content/fonts/webfonts/326381_1_0.ttf
- Domain
- online.rbb.bg
- URL
- https://online.rbb.bg/Content/fonts/webfonts/FuturaPT-Medium.ttf
- Domain
- online.rbb.bg
- URL
- https://online.rbb.bg/Content/fonts/webfonts/326381_0_0.ttf
- Domain
- online.rbb.bg
- URL
- https://online.rbb.bg/Content/fonts/iconset-rbb//iconset-rbb.woff?wxo579
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Raiffeisen Bank (Banking)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.youtube.com/ | Name: YSC Value: B2PwQga4oWc |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: pPqeuBiVCxg |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
online.rbb.bg
web-prototype.xyz
www.youtube.com
online.rbb.bg
194.48.206.22
202.254.236.247
2a00:1450:4001:812::200e
12b4a84e5b4fc77c321d7ff75037fed758c893d9f8ed541969eaa3d5e3e3c248
1af1054fde4c9fa4ab8cd305fb5d88dda8124e214556b1338bfbb0a5b762cb75
5c95c6c1193ef4afdf14770fe02d2f008be731d477b38ad44e3a497241984696
89dff036ab45ec3efd6e551ab3679501670c50882bcb04e3aefbc787983773b0
b2b769bc93904f1ed851dd0c266c5a14ae9fca670ec9cc39fa00065286fb1ae4
ba74790b1e9670ae6429a7cf9f8949d51e042dfa3d2a43f34e779ee3954330eb
c84158c02aa08b902be924e5b9b81fd349cd09510aa72710c70a6d55ac931fcd
d1529a1f54d9a4661d8640fa54b2ecfeb901ed0561586832094570f892f483ac
d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f
fb6d9913fdfd75348edf598b959631ab33d4cdfc3bd531939170811e722f71f9