![](/screenshots/b1c6095f-e9c3-40c8-8eba-64feca70ce8e.png)
actualizaciondefacturacion.fl-tuzep.hu
Open in
urlscan Pro
92.43.203.14
Malicious Activity!
Public Scan
Effective URL: https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php
Submission Tags: falconsandbox
Submission: On May 04 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 1st 2023. Valid for: 3 months.
This is the only time actualizaciondefacturacion.fl-tuzep.hu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 93.184.144.52 93.184.144.52 | 47288 (FIXNET) (FIXNET) | |
2 7 | 92.43.203.14 92.43.203.14 | 44460 (MEDIACENT...) (MEDIACENTER-AS) | |
5 | 1 |
ASN44460 (MEDIACENTER-AS, HU)
PTR: s2.mediacenter.hu
actualizaciondefacturacion.fl-tuzep.hu |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
fl-tuzep.hu
2 redirects
actualizaciondefacturacion.fl-tuzep.hu |
403 KB |
1 |
alfaahsap.com.tr
1 redirects
alfaahsap.com.tr |
278 B |
5 | 2 |
Domain | Requested by | |
---|---|---|
7 | actualizaciondefacturacion.fl-tuzep.hu |
2 redirects
actualizaciondefacturacion.fl-tuzep.hu
|
1 | alfaahsap.com.tr | 1 redirects |
5 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
actualizaciondefacturacion.fl-tuzep.hu R3 |
2023-05-01 - 2023-07-30 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php
Frame ID: 798A44B683CCB6C7CF1BE1E6EF724CDD
Requests: 5 HTTP requests in this frame
Screenshot
![](/screenshots/b1c6095f-e9c3-40c8-8eba-64feca70ce8e.png)
Page URL History Show full URLs
-
http://alfaahsap.com.tr/jsi/
HTTP 302
https://actualizaciondefacturacion.fl-tuzep.hu/es/ HTTP 302
https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/index.php HTTP 302
https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php Page URL
Detected technologies
Detected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://alfaahsap.com.tr/jsi/
HTTP 302
https://actualizaciondefacturacion.fl-tuzep.hu/es/ HTTP 302
https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/index.php HTTP 302
https://actualizaciondefacturacion.fl-tuzep.hu/es/auth/signin.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
signin.php
actualizaciondefacturacion.fl-tuzep.hu/es/auth/ Redirect Chain
|
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
actualizaciondefacturacion.fl-tuzep.hu/es/auth/res/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
actualizaciondefacturacion.fl-tuzep.hu/es/auth/res/ |
32 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jq.js
actualizaciondefacturacion.fl-tuzep.hu/es/auth/res/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
back.jpg
actualizaciondefacturacion.fl-tuzep.hu/es/auth/res/ |
276 KB 278 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery boolean| allowvalidate object| errors boolean| abort function| setLang function| sbmt function| validate1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
actualizaciondefacturacion.fl-tuzep.hu/ | Name: PHPSESSID Value: d319e6b0f431765ebb45075e039dbc7a |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
actualizaciondefacturacion.fl-tuzep.hu
alfaahsap.com.tr
92.43.203.14
93.184.144.52
1160b3593249d84264d9263a672b4751a5a756ada25bb175439d814de97b3558
94e277b7fd0aa31c86e646c079a8e27507efd39375d08eea8bd9d8ae6543ffca
ec639da1e04408d4ccbe91dc227ddc21cc615b6d443928a2b49bb7280a0508bb
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
fab8bee9ff18e59b5eafe643a82e845296afce1dfa75eeafa5bf41811bd56836