www.navtaxrefund.cloud
31.11.32.35  Malicious Activity! Public Scan

URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Submission: On September 26 via manual from HU

Summary

This website contacted 16 IPs in 7 countries across 15 domains to perform 29 HTTP transactions. The main IP is 31.11.32.35, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is www.navtaxrefund.cloud.
TLS certificate: Issued by Actalis Domain Validation Server CA G1 on September 25th 2018. Valid for: a year.
This is the only time www.navtaxrefund.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Interac (Banking), MKB Bank (Banking)

Domain & IP information

Requests IP Address ASN (Autonomous System)
11 31.11.32.35 31034 (ARUBA-ASN)
3 84.206.52.72 31581 (KOPINT-AS)
1 213.253.215.149 12301 (INVITECH)
1 2620:0:862:ed... 14907 (WIKIMEDIA)
1 54.230.95.119 16509 (AMAZON-02)
1 91.220.172.1 41694 (RB-HU-AS)
1 193.245.73.173 15953 (AS_KBCGS_...)
1 195.228.30.20 5483 (HTC-AS Ma...)
1 195.56.141.99 30917 (BUDAPESTB...)
3 2a00:1450:400... 15169 (GOOGLE)
1 194.246.102.106 30942 (ISAFE-AS)
1 195.201.80.32 24940 (HETZNER-AS)
1 185.80.51.55 62214 (RACKFORES...)
1 2.16.181.18 20940 (AKAMAI-ASN1)
1 195.70.44.83 5588 (GTSCE GTS...)
Total: 29 requests, 16 IPs

Requests Domain Requested by
11 www.navtaxrefund.cloud www.navtaxrefund.cloud
3 encrypted-tbn0.gstatic.com www.navtaxrefund.cloud
3 onlineszamla.nav.gov.hu www.navtaxrefund.cloud
1 www.nhbbank.hu www.navtaxrefund.cloud
1 www.ingwb.com www.navtaxrefund.cloud
1 bbj.hu www.navtaxrefund.cloud
1 hatter.hu www.navtaxrefund.cloud
1 www.polgaribank.hu www.navtaxrefund.cloud
1 www.budapestbank.hu www.navtaxrefund.cloud
1 netbank.erstebank.hu www.navtaxrefund.cloud
1 www.kh.hu www.navtaxrefund.cloud
1 cdn.raiffeisen.hu www.navtaxrefund.cloud
1 trademarks.justia.com www.navtaxrefund.cloud
1 upload.wikimedia.org www.navtaxrefund.cloud
1 www.mkbnetbankar.hu www.navtaxrefund.cloud
Total: 29 requests, 15 domains

This site contains links to these domains:

Domain
onlineszamla.nav.gov.hu
nav.gov.hu

Subject | Issuer | Validity | Valid for
*.navtaxrefund.cloud | Actalis Domain Validation Server CA G1 | 2018-09-25 - 2019-09-25 | a year
*.nav.gov.hu | e-Szigno SSL CA 2014 | 2016-12-05 - 2018-12-05 | 2 years
www.mkbnetbankar.hu | COMODO RSA Extended Validation Secure Server CA | 2018-05-11 - 2020-06-26 | 2 years
*.wikipedia.org | DigiCert SHA2 High Assurance Server CA | 2017-12-21 - 2019-01-24 | a year
*.justia.com | Go Daddy Secure Certificate Authority - G2 | 2014-04-09 - 2018-12-27 | 5 years
*.raiffeisen.hu | NetLock Üzleti (Class B) Tanúsítványkiadó | 2017-07-13 - 2019-07-13 | 2 years
www.kh.hu | DigiCert SHA2 Extended Validation Server CA | 2017-10-16 - 2019-10-21 | 2 years
netbank.erstebank.hu | NetLock Üzleti (Class B) Tanúsítványkiadó | 2018-03-20 - 2020-03-19 | 2 years
www.budapestbank.hu | DigiCert SHA2 Extended Validation Server CA | 2018-06-11 - 2019-10-28 | a year
*.google.com | Google Internet Authority G3 | 2018-09-11 - 2018-12-04 | 3 months
polgaribank.hu | Let's Encrypt Authority X3 | 2018-08-02 - 2018-10-31 | 3 months
bbj.hu | COMODO RSA Domain Validation Secure Server CA | 2018-06-02 - 2019-06-02 | a year
ingwb.com | Entrust Certification Authority - L1M | 2017-03-22 - 2019-04-30 | 2 years
*.nhbbank.hu | e-Szigno SSL CA 2014 | 2017-05-22 - 2019-05-22 | 2 years

This page contains 1 frame:

Primary Page: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Frame ID: 73543D2FB610D6706501E6C6187D08BE
Requests: 43 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Page Statistics

29 Requests
97 % HTTPS
13 % IPv6
15 Domains
15 Subdomains
16 IPs
7 Countries
533 kB Transfer
780 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 1.htm
www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/
210 KB
110 KB
Document
General
Full URL
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.32.35 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn1s025.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
93d3a81fb4a0705337f76c7309514921a4a4c5d683799f542f28cfe4de88c3fb

Request headers

Host
www.navtaxrefund.cloud
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 25 Sep 2018 16:21:16 GMT
Accept-Ranges
bytes
ETag
"06697c8eb54d41:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Date
Wed, 26 Sep 2018 11:18:33 GMT
Content-Length
112456
styles.aef53fda2ad94fb2423e.bundle.css
onlineszamla.nav.gov.hu/
0
888 B
Stylesheet
General
Full URL
https://onlineszamla.nav.gov.hu/styles.aef53fda2ad94fb2423e.bundle.css
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.206.52.72 Budapest, Hungary, ASN31581 (KOPINT-AS, HU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Last-Modified
Thu, 09 Aug 2018 15:52:52 GMT
Content-Type
text/html
generalCSS.css
www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/files/
17 KB
4 KB
Stylesheet
General
Full URL
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/files/generalCSS.css
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.32.35 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn1s025.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
169ab263f661ef50eab404e6be618a16523d35822615ebb6d9d29228945ea7d5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.navtaxrefund.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 26 Sep 2018 11:18:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Sep 2018 16:21:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"802961caeb54d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
3879
GTIe8CSS.css
www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/files/
31 KB
6 KB
Stylesheet
General
Full URL
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/files/GTIe8CSS.css
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.32.35 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn1s025.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bb528ff75e2b44eb6e9ca654ddd45f32f41f66ad389295939b3e0650f9cc60e0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.navtaxrefund.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 26 Sep 2018 11:18:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Sep 2018 16:21:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"802961caeb54d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
6020
searchCSS.css
www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/files/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/files/searchCSS.css
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.32.35 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn1s025.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1910ce190905cd2d7bc3d086866c3428f9582378ccd200cc6d205bce83a56f56

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.navtaxrefund.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 26 Sep 2018 11:18:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Sep 2018 16:21:39 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"80eb4cd6eb54d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1861
e-szamla-logo.png
onlineszamla.nav.gov.hu/assets/images/
15 KB
16 KB
Image
General
Full URL
https://onlineszamla.nav.gov.hu/assets/images/e-szamla-logo.png
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.206.52.72 Budapest, Hungary, ASN31581 (KOPINT-AS, HU),
Reverse DNS
Software
/
Resource Hash
c9c6a3f7926d7923f8ac894bf9a691f7b6921278bad31deeec4fe2baaf3551fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 26 Sep 2018 11:18:35 GMT
Last-Modified
Thu, 09 Aug 2018 15:52:52 GMT
X-Frame-Options
SAMEORIGIN
ETag
"5b6c6354-3c3c"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
X-Server
ppsbicfe3.eszamla.local
Connection
close
Accept-Ranges
bytes
Content-Length
15420
nav_logo.png
onlineszamla.nav.gov.hu/assets/images/
6 KB
7 KB
Image
General
Full URL
https://onlineszamla.nav.gov.hu/assets/images/nav_logo.png
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.206.52.72 Budapest, Hungary, ASN31581 (KOPINT-AS, HU),
Reverse DNS
Software
/
Resource Hash
967e8e2266fcbacfdd90cc4bfac9f83fc3a714f59b38f57f258fc38474e72ac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 26 Sep 2018 11:18:35 GMT
Last-Modified
Thu, 09 Aug 2018 15:52:52 GMT
X-Frame-Options
SAMEORIGIN
ETag
"5b6c6354-18f6"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
X-Server
ppsbicfe3.eszamla.local
Connection
close
Accept-Ranges
bytes
Content-Length
6390
mkb_logo.png
www.mkbnetbankar.hu/resources/images/mkb/
14 KB
14 KB
Image
General
Full URL
https://www.mkbnetbankar.hu/resources/images/mkb/mkb_logo.png
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.253.215.149 Budapest, Hungary, ASN12301 (INVITECH, HU),
Reverse DNS
www.mkbnetbankar.hu
Software
MKB /
Resource Hash
4c09df8ccb8a573887d74240289ef9431301d56394661bc2674c76b6d963e737
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Last-Modified
Wed, 12 Sep 2018 12:54:44 GMT
Server
MKB
ETag
W/"14217-1536756884000"
Content-Type
image/png
Date
Wed, 26 Sep 2018 11:18:34 GMT
Accept-Ranges
bytes
Content-Length
14217
1200px-Otp_bank_Logo.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/b/b1/Otp_bank_Logo.svg/
73 KB
73 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/b/b1/Otp_bank_Logo.svg/1200px-Otp_bank_Logo.svg.png
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
/
Resource Hash
d78f51029d319e25a728046f5525c912060cb82f71601a43d2bc2e6a9f85ed24
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Wed, 26 Sep 2018 11:18:34 GMT
via
1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1)
age
75750
x-cache-status
hit-front
x-cache
cp2008 hit/1, cp3046 hit/4, cp3037 hit/7
status
200
content-length
74245
x-trans-id
tx331df2b4d2f143798689e-005baa4323
x-client-ip
2a01:4f8:202:a9::2
x-object-meta-sha1base36
12bxmy7t1mw5hgv3eq157h74gct070e
timing-allow-origin
*
last-modified
Wed, 16 Mar 2016 20:48:32 GMT
etag
b92e00706a0d050f8c46f75a45b8d281
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
187913810 192328368, 180625204 162111045, 853225581 696536647
access-control-allow-origin
*
x-timestamp
1458161311.85433
accept-ranges
bytes
content-type
image/png
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
image.php
trademarks.justia.com/media/
13 KB
14 KB
Image
General
Full URL
https://trademarks.justia.com/media/image.php?serial=85694827
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.119 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-119.fra2.r.cloudfront.net
Software
Apache/2.2.22 (Ubuntu) / PHP/5.3.10-1ubuntu3.26
Resource Hash
2c1aae84162a32386f60a62c66dafe22174eb1b6f0d1976a4d92de1f15f66853

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 10 Jul 2018 04:20:07 GMT
via
1.1 7c2d73d3cd46e357090188fa2946f746.cloudfront.net (CloudFront)
age
6764308
x-powered-by
PHP/5.3.10-1ubuntu3.26
content-description
File Transfer
x-cache
Hit from cloudfront
status
200
content-length
13568
pragma
public
referrer-policy
origin, unsafe-url
last-modified
Wed, 08 Aug 2012 10:42:01 -0700
server
Apache/2.2.22 (Ubuntu)
content-type
image/jpeg
cache-control
public
x-amz-cf-id
6HQP2dCHd63DInTZFuBDbvua12rCu8wgUG_RkvzModwXvWczepXQRg==
expires
Wed, 10 Jul 2019 04:20:07 GMT
company_logo
cdn.raiffeisen.hu/image/
3 KB
3 KB
Image
General
Full URL
https://cdn.raiffeisen.hu/image/company_logo?img_id=1044837&t=1533068660608
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
91.220.172.1 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),
Reverse DNS
www.raiffeisen.hu
Software
Apache /
Resource Hash
d958d82848864e53f5c8031f25beb254aeab4b9785ed60f51c17ee324305ef4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 26 Sep 2018 11:18:35 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Sat, 26 Mar 2016 10:06:25 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
2795
X-XSS-Protection
1; mode=block
logo.png
www.kh.hu/kh-theme/images/
9 KB
10 KB
Image
General
Full URL
https://www.kh.hu/kh-theme/images/logo.png
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.245.73.173 , Belgium, ASN15953 (AS_KBCGS_CEDC, HU),
Reverse DNS
www.kh.hu
Software
/
Resource Hash
ef81bf2a6e94704c6573835b401281570a47d5f82ed5f15d1db4590c9ebc00c8
Security Headers
Name Value
Strict-Transport-Security
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 26 Sep 2018 11:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
Transfer-Encoding
chunked
p3p
CP="NON CUR OTPi OUR NOR UNI"
x-oracle-dms-rid
0:1
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
vary
Accept-Encoding
x-xss-protection
1
last-modified
Wed, 27 Jun 2018 08:39:10 GMT
x-frame-options
SAMEORIGIN
etag
"a40d251f"
strict-transport-security
x-oracle-dms-ecid
005TgHY6EmBFw0Z5Hn5Eif0006OV00000J
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
header-logo.png
netbank.erstebank.hu/erste-netbank-eloszto/
17 KB
17 KB
Image
General
Full URL
https://netbank.erstebank.hu/erste-netbank-eloszto/header-logo.png
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.228.30.20 Mátészalka, Hungary, ASN5483 (HTC-AS Magyar Telekom Nyrt., HU),
Reverse DNS
netbank.erstebank.hu
Software
Apache /
Resource Hash
07560f3b1b1714451416387ba9fbbb9c10ff251945960a176967e8d8372c2b5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 26 Sep 2018 11:18:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Aug 2017 13:27:02 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/png
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
17468
Expires
Fri, 26 Oct 2018 11:18:35 GMT
bb.png
www.budapestbank.hu/csoport/auto/calc/teszt/calc/common/calculators/perms/baf/img/
22 KB
22 KB
Image
General
Full URL
https://www.budapestbank.hu/csoport/auto/calc/teszt/calc/common/calculators/perms/baf/img/bb.png
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
195.56.141.99 Budapest, Hungary, ASN30917 (BUDAPESTBANK-AS Budapest Bank Zrt., HU),
Reverse DNS
www.budapestbank.hu
Software
/ ASP.NET
Resource Hash
1b4c9a6436d8e871973404c071c8e66edfaf5ec6a6e01c2f072f3d62200c523c

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 26 Sep 2018 11:18:31 GMT
ETag
"8d462c2128dd21:0"
Last-Modified
Wed, 22 Feb 2017 13:46:03 GMT
Accept-Ranges
bytes
X-Powered-By
ASP.NET
Content-Length
22746
Content-Type
image/png
images
encrypted-tbn0.gstatic.com/
4 KB
4 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSSeNqjLeuSrqD-YaUH4u2ZKih4X_vS5_NWo0FbDkvcPXfN67htww
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
12592c43427854dca707d91b6074befd32672db2980ebf4b82caff873a7a7ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 26 Sep 2018 11:18:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Apr 2018 00:17:59 GMT
server
sffe
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
4248
x-xss-protection
1; mode=block
expires
Thu, 26 Sep 2019 11:18:34 GMT
images
encrypted-tbn0.gstatic.com/
6 KB
6 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRcXdIh14nDDXGt_gBvfdrsaYt09XJtZKAqdTnTlE3dM1Fkbf_0
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2b6c29554889b1988d86adf770901ace97cd9fdf110d45fc130046a9abd60d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 26 Sep 2018 11:18:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 31 Aug 2017 05:28:58 GMT
server
sffe
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
5996
x-xss-protection
1; mode=block
expires
Thu, 26 Sep 2019 11:18:34 GMT
polgari_bank_logo.png
www.polgaribank.hu/assets/img/
4 KB
5 KB
Image
General
Full URL
https://www.polgaribank.hu/assets/img/polgari_bank_logo.png
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.246.102.106 , Hungary, ASN30942 (ISAFE-AS, HU),
Reverse DNS
hill2.isafe.hu
Software
Apache /
Resource Hash
34d2cc7862d34a74a904ecf47aa0a11687491f897032049807be317fd57aa118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 26 Sep 2018 11:18:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 Mar 2014 10:14:08 GMT
Server
Apache
ETag
"10dd-4f3d947fc1c00"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4317
X-XSS-Protection
1; mode=block
magnet-bank-6cm.jpg
hatter.hu/sites/default/files/kep/egyesuleti_hir/
143 KB
143 KB
Image
General
Full URL
http://hatter.hu/sites/default/files/kep/egyesuleti_hir/magnet-bank-6cm.jpg
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Server
195.201.80.32 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server7-new.iworx-host.com
Software
Apache /
Resource Hash
f9fbcb43ca27799ddfe5145b4472bec4d2901a87f0420d3888f49787f2243c63
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 26 Sep 2018 11:18:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 15 Feb 2017 22:44:04 GMT
Server
Apache
ETag
"23c33-548996ae2d500"
Upgrade
h2,h2c
Cache-Control
max-age=1209600
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=15
Content-Length
146483
Expires
Wed, 10 Oct 2018 11:18:35 GMT
15042674230114xCO3g0U562M_L.jpg
bbj.hu/images2/201709/
56 KB
56 KB
Image
General
Full URL
https://bbj.hu/images2/201709/15042674230114xCO3g0U562M_L.jpg
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.80.51.55 , Hungary, ASN62214 (RACKFOREST-AS, HU),
Reverse DNS
bbj.hu
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
25ea73e8db06d75a76e2eb2cb1429e6365866a2d9bebc057586a77a9e8f794de

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 26 Sep 2018 11:18:35 GMT
Last-Modified
Fri, 01 Sep 2017 12:03:44 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"e0af-5581f8d7c6af7"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
57519
logo.svg
www.ingwb.com/Static/Images/
17 KB
8 KB
Image
General
Full URL
https://www.ingwb.com/Static/Images/logo.svg
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.181.18 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-181-18.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1eb294db85ca963d8a613dd63729eb5e642505b5daeb23f5ee04b1c91e90ffa
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 26 Sep 2018 11:18:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 16 Aug 2018 09:54:22 GMT
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
image/svg+xml
Cache-Control
max-age=2810
Strict-Transport-Security
max-age=31622400
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
7275
x-xss-protection
1; mode=block
logo.png
www.nhbbank.hu/static/img/
2 KB
2 KB
Image
General
Full URL
https://www.nhbbank.hu/static/img/logo.png
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.70.44.83 Budapest, Hungary, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),
Reverse DNS
mail.mazarsguerard.hu
Software
nginx/1.12.0 /
Resource Hash
12e39bb081811df2a8eacd33a68e761be262d416aef1c5ab03a2f01bccc91b10

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 26 Sep 2018 11:16:59 GMT
Last-Modified
Fri, 26 May 2017 10:50:38 GMT
Server
nginx/1.12.0
ETag
"5928087e-8fb"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2299
images
encrypted-tbn0.gstatic.com/
8 KB
8 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQ0MHW97XFXnSh4pbMTvn-qQKmaY6Xwt0m9Z-tHZpkWjxD4gdViWg
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
393cc6582e9552075cf86700d17a6ebafd84468fc6b88b2c6e7ea884bc892662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 26 Sep 2018 11:18:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 03 Jul 2017 19:49:36 GMT
server
sffe
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8415
x-xss-protection
1; mode=block
expires
Thu, 26 Sep 2019 11:18:34 GMT
inline.js
www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/Online%20sz%C3%A1mla_files/
0
0
Script
General
Full URL
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/Online%20sz%C3%A1mla_files/inline.js
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.32.35 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn1s025.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.navtaxrefund.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 26 Sep 2018 11:18:34 GMT
Cache-Control
private
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
5070
Content-Type
text/html; charset=utf-8
polyfills.js
www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/Online%20sz%C3%A1mla_files/
0
0
Script
General
Full URL
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/Online%20sz%C3%A1mla_files/polyfills.js
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.32.35 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn1s025.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.navtaxrefund.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 26 Sep 2018 11:18:34 GMT
Cache-Control
private
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
5076
Content-Type
text/html; charset=utf-8
scripts.js
www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/Online%20sz%C3%A1mla_files/
0
0
Script
General
Full URL
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/Online%20sz%C3%A1mla_files/scripts.js
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.32.35 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn1s025.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.navtaxrefund.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 26 Sep 2018 11:18:34 GMT
Cache-Control
private
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
5072
Content-Type
text/html; charset=utf-8
main.js
www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/Online%20sz%C3%A1mla_files/
0
0
Script
General
Full URL
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/Online%20sz%C3%A1mla_files/main.js
Requested by
Host: www.navtaxrefund.cloud
URL: https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.32.35 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn1s025.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.navtaxrefund.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.navtaxrefund.cloud/do/do/do/dsgvdsw3r5324324/1.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 26 Sep 2018 11:18:34 GMT
Cache-Control
private
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
5066
Content-Type
text/html; charset=utf-8
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b38caee5bd973f4c5e1ae243d1b9d62e1b039f2e3bd50fb6a5d667125ab85350

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5eef7c662645e3067da293ffa7e5a6dc5736c9a57c22c4c71b25101e07da1388

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/jpeg
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26d6f6b47449c1b75d0fb0b612ef53ecb1de7cea3d028f65c003612b9360ffa9

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/jpeg
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
603d0fe7e95cb317ac0c82522e95dff1f41a45958b1f6057c66ab635dbea9ac1

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
12 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
707391c7bc3952979384d8d348c11301462a07a04bff3bbd628602e3fcaa1b83

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Interac (Banking) MKB Bank (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
