csam.toegangsportaal.org
Open in
urlscan Pro
111.90.142.125
Malicious Activity!
Public Scan
Submission: On May 14 via manual from BE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on May 14th 2020. Valid for: 3 months.
This is the only time csam.toegangsportaal.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 111.90.142.125 111.90.142.125 | 45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd) | |
7 | 2a00:1450:400... 2a00:1450:4001:81f::200a | 15169 (GOOGLE) (GOOGLE) | |
9 | 193.191.245.173 193.191.245.173 | 2611 (BELNET) (BELNET) | |
33 | 4 |
ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
csam.toegangsportaal.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
toegangsportaal.org
csam.toegangsportaal.org |
132 KB |
9 |
belgium.be
idp.iamfas.belgium.be |
1 MB |
7 |
googleapis.com
maps.googleapis.com |
160 KB |
0 |
Failed
function sub() { [native code] }. Failed |
|
33 | 4 |
Domain | Requested by | |
---|---|---|
10 | csam.toegangsportaal.org |
csam.toegangsportaal.org
|
9 | idp.iamfas.belgium.be |
csam.toegangsportaal.org
|
7 | maps.googleapis.com |
csam.toegangsportaal.org
maps.googleapis.com |
0 | localhost Failed |
csam.toegangsportaal.org
|
33 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
webdisk.toegangsportaal.org Let's Encrypt Authority X3 |
2020-05-14 - 2020-08-12 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-04-15 - 2020-07-08 |
3 months | crt.sh |
idp.iamfas.belgium.be TERENA SSL CA 3 |
2018-11-22 - 2020-12-02 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://csam.toegangsportaal.org/
Frame ID: 5BC8F22D758E3528B435DC02902F1295
Requests: 33 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
csam.toegangsportaal.org/ |
13 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
118 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
114 KB 38 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
general.css
idp.iamfas.belgium.be/fasui/resources/css/ |
233 KB 41 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
general2.css
idp.iamfas.belgium.be/fasui/resources/css/ |
11 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fedict-iam-front-vendor.css
idp.iamfas.belgium.be/fasui/resources/css/ |
62 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
style.css
localhost/content/ingbetaalverzoek/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor.min.js
idp.iamfas.belgium.be/fasui/resources/javascript/ |
453 KB 454 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.min.js
idp.iamfas.belgium.be/fasui/resources/javascript/ |
489 KB 490 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.blockUI-2.70.min.js
idp.iamfas.belgium.be/fasui/resources/js/ |
11 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validity.min.js
idp.iamfas.belgium.be/fasui/resources/javascript/ |
16 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
be-logo.png
idp.iamfas.belgium.be/fasui/resources/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-csam-white-background.png
idp.iamfas.belgium.be/fasui/resources/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kbc.png
csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axa.png
csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnp.png
csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ing-be.png
csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
belfius.png
csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/ |
23 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beobank.png
csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
regiobank.png
csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
crelan.png
csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
argenta.png
csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
roboto-v15-latin-700.woff2
idp.iamfas.belgium.be/fasui/resources/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
roboto-v15-latin-regular.woff2
idp.iamfas.belgium.be/fasui/resources/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
roboto-v15-latin-700.woff
idp.iamfas.belgium.be/fasui/resources/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
roboto-v15-latin-regular.woff
idp.iamfas.belgium.be/fasui/resources/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
roboto-v15-latin-700.ttf
idp.iamfas.belgium.be/fasui/resources/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
roboto-v15-latin-regular.ttf
idp.iamfas.belgium.be/fasui/resources/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
maps.googleapis.com/maps-api-v3/api/js/40/12/ |
77 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
util.js
maps.googleapis.com/maps-api-v3/api/js/40/12/ |
144 KB 53 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
62 B 153 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stats.js
maps.googleapis.com/maps-api-v3/api/js/40/12/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gen_204
maps.googleapis.com/maps/ |
0 123 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- localhost
- URL
- http://localhost/content/ingbetaalverzoek/css/style.css
- Domain
- idp.iamfas.belgium.be
- URL
- https://idp.iamfas.belgium.be/fasui/resources/fonts/roboto-v15-latin-700.woff2
- Domain
- idp.iamfas.belgium.be
- URL
- https://idp.iamfas.belgium.be/fasui/resources/fonts/roboto-v15-latin-regular.woff2
- Domain
- idp.iamfas.belgium.be
- URL
- https://idp.iamfas.belgium.be/fasui/resources/fonts/roboto-v15-latin-700.woff
- Domain
- idp.iamfas.belgium.be
- URL
- https://idp.iamfas.belgium.be/fasui/resources/fonts/roboto-v15-latin-regular.woff
- Domain
- idp.iamfas.belgium.be
- URL
- https://idp.iamfas.belgium.be/fasui/resources/fonts/roboto-v15-latin-700.ttf
- Domain
- idp.iamfas.belgium.be
- URL
- https://idp.iamfas.belgium.be/fasui/resources/fonts/roboto-v15-latin-regular.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
csam.toegangsportaal.org
idp.iamfas.belgium.be
localhost
maps.googleapis.com
idp.iamfas.belgium.be
localhost
111.90.142.125
193.191.245.173
2a00:1450:4001:81f::200a
0e2b3b3bbb0313fc69ae42dff78b053c0dfe207a2e20851972f87029e43e8bdc
1457925150992ddbb523a5bb1bf16a7ab9743bd16286fb4f7d4c033fc958e5ae
282a91f39aa41aafd3e90e64cf3a600f806e1a019f9075acc75f42dd475d1d0c
2e831f3165a203b90e82a3796f3352fc7066ca3d78ee2e523ac718e5c1defd69
3f1c39df3f3ca323422d342bbfef5a96b77fc27bb1b8780ad931ee36a5fa445f
46398f6374e7f7afd4384087d40fc17b640714a90fb7267aeb8b4ebb60cc7df1
5c922be9379c017ddc1e449d102a04991c546bb922b0d08163e9049cad57166c
7f34863dc974f04cc022c8ca1ad5bf56693997f647da8872f9c6a615e9b1cb89
830c15363c217d6121359874481d2093c84c3b481dd7b3d7ded41350487a202c
896fe0b2be124c4a51a3a1e2be4bbedef1d1f47ae9c040ece5f534a17e602ef8
a11523d8d9b247faab200bd3d51688352418c17341cf2da98db5beb8c1742cc7
b9dd0d4c482c406b3dfc4fc1279bf00d2d37a641e44069fb4d779d97443345eb
c854e87766c69eae1a650da0245ab2583fe49ce330433e50f87e2e4c00a4b886
e98b493d6f77ea03718ee4cd358eb00f1a9436aa938e70394201be1f89346096
f41ec24e6d389becfe0831a9b7087e4e8b35bda2dfec6f29729b06b890209e4d
f6feee1ba452536b2959447d5996ddc72329ce138594081c81bc422873341689
f7044cd37754c3a0010acf8053af566cadf7a24b6b9576a611732fc54685f8a5