tbcbankonlingirou.top
185.246.221.151
Malicious Activity!
Public Scan
Submission Tags: https://phish.report @phish_report
Submission: On March 18 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by R3 on March 18th 2023. Valid for: 3 months.
This is the only time tbcbankonlingirou.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: TBC Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
10 | 185.246.221.151 | 211252 (AS_DELIS) |
1 | 2001:4de0:ac18::1:a:1a | 20446 (STACKPATH-CDN) |
11 requests from 2 IP addresses.
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | tbcbankonlingirou.top | tbcbankonlingirou.top | 573 KB |
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 686) | 30 KB |
11 requests across 2 domains.
Requests | Domain | Requested by |
---|---|---|
10 | tbcbankonlingirou.top | tbcbankonlingirou.top |
1 | code.jquery.com | tbcbankonlingirou.top |
11 requests across 2 domains.
This site contains links to these domains. Also see Links.
Domain |
---|
www.google.com |
windows.microsoft.com |
www.mozilla.org |
www.opera.com |
www.apple.com |
www.tbcbank.ge |
tbconline.ge |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
tbcbankonlingirou.top | R3 | 2023-03-18 - 2023-06-16 | 3 months | crt.sh |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://tbcbankonlingirou.top/
Frame ID: 158B0AC55CE96BCE2B231B9DBABEC9A7
Requests: 11 HTTP requests in this frame
9 Outgoing links
These are links going to different origins than the main page.
Title: tbcbank.ge
Title: Security and Privacy (უსაფრთხოება და კონფიდენციალურობა)
Title: Contact Us (დაგვიკავშირდი)
Title: Business (ბიზნესი)
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | tbcbankonlingirou.top/ | 196 KB | 36 KB | Document | text/html |
GET | H2 | main.css | tbcbankonlingirou.top/css/ | 28 KB | 7 KB | Stylesheet | text/css |
GET | H2 | jquery-3.6.0.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript |
GET | H2 | language_index.js | tbcbankonlingirou.top/language/ | 2 KB | 853 B | Script | application/javascript |
GET | H2 | flag-geo.svg | tbcbankonlingirou.top/img/ | 958 B | 1 KB | Image | image/svg+xml |
GET | H2 | flag-switch2.svg | tbcbankonlingirou.top/img/ | 338 B | 494 B | Image | image/svg+xml |
GET | H2 | flag-gb.svg | tbcbankonlingirou.top/img/ | 522 B | 678 B | Image | image/svg+xml |
GET | H2 | login-background.jpeg | tbcbankonlingirou.top/img/ | 296 KB | 296 KB | Image | image/jpeg |
GET | H2 | down.png | tbcbankonlingirou.top/img/ | 417 B | 622 B | Image | image/png |
GET | H2 | TBCDinNusxuri-Medium.woff2 | tbcbankonlingirou.top/fonts/ | 49 KB | 49 KB | Font | font/woff2 |
GET | H2 | TBCDinMtavruli-Regular.ttf | tbcbankonlingirou.top/fonts/ | 181 KB | 181 KB | Font | application/octet-stream |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: TBC Bank (Banking)
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
boolean | credentialless |
function | $ |
function | jQuery |
object | txt |
function | call |
function | validateInputUser |
function | validateInputPass |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
tbcbankonlingirou.top
185.246.221.151
2001:4de0:ac18::1:a:1a