actualizaciondefacturacion.fl-tuzep.hu

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 92.43.203.14, located in Hungary and belongs to MEDIACENTER-AS, HU. The main domain is actualizaciondefacturacion.fl-tuzep.hu.
TLS certificate: Issued by R3 on May 1st 2023. Valid for: 3 months.

This is the only time actualizaciondefacturacion.fl-tuzep.hu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	93.184.144.52 93.184.144.52	47288 (FIXNET) (FIXNET)
2 7	92.43.203.14 92.43.203.14	44460 (MEDIACENT...) (MEDIACENTER-AS)
5	1

1 93.184.144.52 (Edirne, Turkey) 1 redirects

ASN47288 (FIXNET, TR)
PTR: linux10.sistemhost.com

alfaahsap.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 92.43.203.14 (Hungary) 2 redirects

ASN44460 (MEDIACENTER-AS, HU)
PTR: s2.mediacenter.hu

actualizaciondefacturacion.fl-tuzep.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	fl-tuzep.hu 2 redirects actualizaciondefacturacion.fl-tuzep.hu	403 KB
1	alfaahsap.com.tr 1 redirects alfaahsap.com.tr	278 B
5	2

	Domain	Requested by
7	actualizaciondefacturacion.fl-tuzep.hu	2 redirects actualizaciondefacturacion.fl-tuzep.hu
1	alfaahsap.com.tr	1 redirects
5	2

This site contains no links.

Subject Issuer	Validity	Valid
actualizaciondefacturacion.fl-tuzep.hu R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php
Frame ID: 798A44B683CCB6C7CF1BE1E6EF724CDD
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://alfaahsap.com.tr/jsi/ HTTP 302
https://actualizaciondefacturacion.fl-tuzep.hu/es/ HTTP 302
https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/index.php HTTP 302
https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

403 kB
Transfer

400 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://alfaahsap.com.tr/jsi/ HTTP 302
https://actualizaciondefacturacion.fl-tuzep.hu/es/ HTTP 302
https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/index.php HTTP 302
https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request signin.php Show response actualizaciondefacturacion.fl-tuzep.hu/es/auth/ Redirect Chain http://alfaahsap.com.tr/jsi/ https://actualizaciondefacturacion.fl-tuzep.hu/es/ https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/index.php https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php	3 KB 3 KB	190ms 190ms	Document text/html	92.43.203.14 MEDIACENTER-AS
General Check archive.org Show headers Download Go to Full URL https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 92.43.203.14 , Hungary, ASN44460 (MEDIACENTER-AS, HU), Reverse DNS s2.mediacenter.hu Software Apache / PHP/8.1.14 Resource Hash `1160b3593249d84264d9263a672b4751a5a756ada25bb175439d814de97b3558` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 date Thu, 04 May 2023 19:12:47 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache x-powered-by PHP/8.1.14 Redirect headers content-type text/html; charset=UTF-8 date Thu, 04 May 2023 19:12:47 GMT location signin.php server Apache x-powered-by PHP/8.1.14
GET H2	200	style.css actualizaciondefacturacion.fl-tuzep.hu/es/auth/res/	2 KB 2 KB	56ms 55ms	Stylesheet text/css	92.43.203.14 MEDIACENTER-AS
General Check archive.org Show headers Download Go to Full URL https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/res/style.css Requested by Host: actualizaciondefacturacion.fl-tuzep.hu URL: https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 92.43.203.14 , Hungary, ASN44460 (MEDIACENTER-AS, HU), Reverse DNS s2.mediacenter.hu Software Apache / Resource Hash `ec639da1e04408d4ccbe91dc227ddc21cc615b6d443928a2b49bb7280a0508bb` Request headers accept-language de-DE,de;q=0.9 Referer https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 19:12:47 GMT last-modified Mon, 01 May 2023 16:16:18 GMT server Apache accept-ranges bytes etag "642-5faa4248c221e" content-length 1602 content-type text/css
GET H2	200	logo.png actualizaciondefacturacion.fl-tuzep.hu/es/auth/res/	32 KB 32 KB	26ms 26ms	Image image/png	92.43.203.14 MEDIACENTER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/res/logo.png Requested by Host: actualizaciondefacturacion.fl-tuzep.hu URL: https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 92.43.203.14 , Hungary, ASN44460 (MEDIACENTER-AS, HU), Reverse DNS s2.mediacenter.hu Software Apache / Resource Hash `94e277b7fd0aa31c86e646c079a8e27507efd39375d08eea8bd9d8ae6543ffca` Request headers accept-language de-DE,de;q=0.9 Referer https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 19:12:47 GMT last-modified Mon, 01 May 2023 16:16:18 GMT server Apache accept-ranges bytes etag "7e09-5faa4248c127e" content-length 32265 content-type image/png
GET H2	200	jq.js Show response actualizaciondefacturacion.fl-tuzep.hu/es/auth/res/	87 KB 88 KB	69ms 69ms	Script application/javascript	92.43.203.14 MEDIACENTER-AS
General Check archive.org Show headers Download Go to Full URL https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/res/jq.js Requested by Host: actualizaciondefacturacion.fl-tuzep.hu URL: https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 92.43.203.14 , Hungary, ASN44460 (MEDIACENTER-AS, HU), Reverse DNS s2.mediacenter.hu Software Apache / Resource Hash `ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127` Request headers accept-language de-DE,de;q=0.9 Referer https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 19:12:47 GMT last-modified Mon, 01 May 2023 16:16:19 GMT server Apache accept-ranges bytes etag "15d9d-5faa424a12116" content-length 89501 content-type application/javascript
GET H2	200	back.jpg actualizaciondefacturacion.fl-tuzep.hu/es/auth/res/	276 KB 278 KB	35ms 34ms	Image image/jpeg	92.43.203.14 MEDIACENTER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/res/back.jpg Requested by Host: actualizaciondefacturacion.fl-tuzep.hu URL: https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/res/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 92.43.203.14 , Hungary, ASN44460 (MEDIACENTER-AS, HU), Reverse DNS s2.mediacenter.hu Software Apache / Resource Hash `fab8bee9ff18e59b5eafe643a82e845296afce1dfa75eeafa5bf41811bd56836` Request headers accept-language de-DE,de;q=0.9 Referer https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/res/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 19:12:47 GMT last-modified Mon, 01 May 2023 16:16:20 GMT server Apache accept-ranges bytes etag "44f85-5faa424b360ef" content-length 282501 content-type image/jpeg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			actualizaciondefacturacion.fl-tuzep.hu/	1969-12-31 23:59:59	Name: PHPSESSID Value: d319e6b0f431765ebb45075e039dbc7a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actualizaciondefacturacion.fl-tuzep.hu
alfaahsap.com.tr
92.43.203.14
93.184.144.52
1160b3593249d84264d9263a672b4751a5a756ada25bb175439d814de97b3558
94e277b7fd0aa31c86e646c079a8e27507efd39375d08eea8bd9d8ae6543ffca
ec639da1e04408d4ccbe91dc227ddc21cc615b6d443928a2b49bb7280a0508bb
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
fab8bee9ff18e59b5eafe643a82e845296afce1dfa75eeafa5bf41811bd56836

actualizaciondefacturacion.fl-tuzep.hu Open in urlscan Pro 92.43.203.14 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

403 kBTransfer

400 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

1 Cookies

Indicators

actualizaciondefacturacion.fl-tuzep.hu Open in urlscan Pro
92.43.203.14 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

403 kB
Transfer

400 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!