csam.toegangsportaal.org Open in urlscan Pro
111.90.142.125  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response csam.toegangsportaal.org/	13 KB 2 KB	1771ms 266ms	Document text/html	111.90.142.125 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://csam.toegangsportaal.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 111.90.142.125 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS Software LiteSpeed / PHP/7.3.17 Resource Hash 896fe0b2be124c4a51a3a1e2be4bbedef1d1f47ae9c040ece5f534a17e602ef8 Request headers :method GET :authority csam.toegangsportaal.org :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 x-powered-by PHP/7.3.17 set-cookie PHPSESSID=8c839108d37c27ac9c1f038f47dd0756; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache content-type text/html; charset=UTF-8 content-length 2159 content-encoding br vary Accept-Encoding date Thu, 14 May 2020 14:20:14 GMT server LiteSpeed alt-svc quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-23=":443"; ma=2592000, h3-24=":443"; ma=2592000
GET H2	200	js Show response maps.googleapis.com/maps/api/	118 KB 39 KB	57ms 34ms	Script text/javascript	2a00:1450:4001:81f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?libraries=places Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software mafe / Resource Hash 3f1c39df3f3ca323422d342bbfef5a96b77fc27bb1b8780ad931ee36a5fa445f Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 14 May 2020 14:20:14 GMT content-encoding gzip vary Accept-Language server mafe x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control public, max-age=1800 server-timing gfet4t7; dur=20 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39418 x-xss-protection 0 expires Thu, 14 May 2020 14:50:14 GMT
GET H2	200	js Show response maps.googleapis.com/maps/api/	114 KB 38 KB	63ms 40ms	Script text/javascript	2a00:1450:4001:81f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?key=AIzaSyDvpx3nlI4QjdRi3HubSZxcaoXH3g7FBMY Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software mafe / Resource Hash 830c15363c217d6121359874481d2093c84c3b481dd7b3d7ded41350487a202c Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 14 May 2020 14:20:14 GMT content-encoding gzip vary Accept-Language server mafe x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control public, max-age=1800 server-timing gfet4t7; dur=21 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38299 x-xss-protection 0 expires Thu, 14 May 2020 14:50:14 GMT
GET H/1.1	200 OK	general.css idp.iamfas.belgium.be/fasui/resources/css/	233 KB 41 KB	186ms 44ms	Stylesheet text/css	193.191.245.173 BELNET
General Check archive.org Show headers Download Go to Full URL https://idp.iamfas.belgium.be/fasui/resources/css/general.css?v=20190916135530 Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.191.245.173 , Belgium, ASN2611 (BELNET, BE), Reverse DNS idp.iamfas.belgium.be Software / Resource Hash c854e87766c69eae1a650da0245ab2583fe49ce330433e50f87e2e4c00a4b886 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 May 2020 14:20:14 GMT Content-Encoding gzip Last-Modified Fri, 06 Mar 2020 15:30:34 GMT ETag W/"238879-1583508634000" Vary Accept-Encoding Content-Type text/css;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=40, max=100 Expires 0
GET H/1.1	200 OK	general2.css idp.iamfas.belgium.be/fasui/resources/css/	11 KB 4 KB	174ms 29ms	Stylesheet text/css	193.191.245.173 BELNET
General Check archive.org Show headers Download Go to Full URL https://idp.iamfas.belgium.be/fasui/resources/css/general2.css?v=20190916135530 Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.191.245.173 , Belgium, ASN2611 (BELNET, BE), Reverse DNS idp.iamfas.belgium.be Software / Resource Hash f41ec24e6d389becfe0831a9b7087e4e8b35bda2dfec6f29729b06b890209e4d Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 May 2020 14:20:14 GMT Content-Encoding gzip Last-Modified Fri, 06 Mar 2020 15:30:34 GMT ETag W/"10825-1583508634000" Vary Accept-Encoding Content-Type text/css;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=40, max=100 Expires 0
GET H/1.1	200 OK	fedict-iam-front-vendor.css idp.iamfas.belgium.be/fasui/resources/css/	62 KB 16 KB	173ms 27ms	Stylesheet text/css	193.191.245.173 BELNET
General Check archive.org Show headers Download Go to Full URL https://idp.iamfas.belgium.be/fasui/resources/css/fedict-iam-front-vendor.css?v=20190916135530 Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.191.245.173 , Belgium, ASN2611 (BELNET, BE), Reverse DNS idp.iamfas.belgium.be Software / Resource Hash 7f34863dc974f04cc022c8ca1ad5bf56693997f647da8872f9c6a615e9b1cb89 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 May 2020 14:20:14 GMT Content-Encoding gzip Last-Modified Tue, 06 Dec 2016 13:37:16 GMT ETag W/"63531-1481031436000" Vary Accept-Encoding Content-Type text/css;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=40, max=100 Expires 0
GET		style.css localhost/content/ingbetaalverzoek/css/	0 0
GET H/1.1	200 OK	vendor.min.js Show response idp.iamfas.belgium.be/fasui/resources/javascript/	453 KB 454 KB	204ms 26ms	Script application/javascript	193.191.245.173 BELNET
General Check archive.org Show headers Download Go to Full URL https://idp.iamfas.belgium.be/fasui/resources/javascript/vendor.min.js?v=20190916135530 Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.191.245.173 , Belgium, ASN2611 (BELNET, BE), Reverse DNS idp.iamfas.belgium.be Software / Resource Hash b9dd0d4c482c406b3dfc4fc1279bf00d2d37a641e44069fb4d779d97443345eb Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 May 2020 14:20:14 GMT Last-Modified Fri, 06 Mar 2020 15:30:34 GMT ETag W/"463931-1583508634000" Content-Type application/javascript;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=40, max=99 Content-Length 463931 Expires 0
GET H/1.1	200 OK	bundle.min.js Show response idp.iamfas.belgium.be/fasui/resources/javascript/	489 KB 490 KB	223ms 23ms	Script application/javascript	193.191.245.173 BELNET
General Check archive.org Show headers Download Go to Full URL https://idp.iamfas.belgium.be/fasui/resources/javascript/bundle.min.js?v=20190916135530 Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.191.245.173 , Belgium, ASN2611 (BELNET, BE), Reverse DNS idp.iamfas.belgium.be Software / Resource Hash 2e831f3165a203b90e82a3796f3352fc7066ca3d78ee2e523ac718e5c1defd69 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 May 2020 14:20:14 GMT Last-Modified Thu, 12 Mar 2020 15:15:28 GMT ETag W/"500700-1584026128000" Content-Type application/javascript;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=40, max=99 Content-Length 500700 Expires 0
GET H/1.1	200 OK	jquery.blockUI-2.70.min.js Show response idp.iamfas.belgium.be/fasui/resources/js/	11 KB 12 KB	266ms 35ms	Script application/javascript	193.191.245.173 BELNET
General Check archive.org Show headers Download Go to Full URL https://idp.iamfas.belgium.be/fasui/resources/js/jquery.blockUI-2.70.min.js Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.191.245.173 , Belgium, ASN2611 (BELNET, BE), Reverse DNS idp.iamfas.belgium.be Software / Resource Hash f7044cd37754c3a0010acf8053af566cadf7a24b6b9576a611732fc54685f8a5 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 May 2020 14:20:14 GMT Last-Modified Fri, 06 Mar 2020 15:30:34 GMT ETag W/"10935-1583508634000" Content-Type application/javascript;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=40, max=100 Content-Length 10935 Expires 0
GET H/1.1	200 OK	jquery.validity.min.js Show response idp.iamfas.belgium.be/fasui/resources/javascript/	16 KB 17 KB	275ms 21ms	Script application/javascript	193.191.245.173 BELNET
General Check archive.org Show headers Download Go to Full URL https://idp.iamfas.belgium.be/fasui/resources/javascript/jquery.validity.min.js Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.191.245.173 , Belgium, ASN2611 (BELNET, BE), Reverse DNS idp.iamfas.belgium.be Software / Resource Hash e98b493d6f77ea03718ee4cd358eb00f1a9436aa938e70394201be1f89346096 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 May 2020 14:20:14 GMT Last-Modified Fri, 20 Jul 2018 06:48:26 GMT ETag W/"16281-1532069306000" Content-Type application/javascript;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=40, max=99 Content-Length 16281 Expires 0
GET H/1.1	200 OK	be-logo.png idp.iamfas.belgium.be/fasui/resources/images/	3 KB 4 KB	22ms 21ms	Image image/png	193.191.245.173 BELNET
General Check archive.org Show headers Download Go to Show image Full URL https://idp.iamfas.belgium.be/fasui/resources/images/be-logo.png?v=20190916135530 Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.191.245.173 , Belgium, ASN2611 (BELNET, BE), Reverse DNS idp.iamfas.belgium.be Software / Resource Hash 5c922be9379c017ddc1e449d102a04991c546bb922b0d08163e9049cad57166c Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 May 2020 14:20:14 GMT Last-Modified Fri, 06 Mar 2020 15:30:34 GMT ETag W/"3142-1583508634000" Content-Type image/png;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=40, max=98 Content-Length 3142 Expires 0
GET H/1.1	200 OK	logo-csam-white-background.png idp.iamfas.belgium.be/fasui/resources/images/	8 KB 8 KB	23ms 23ms	Image image/png	193.191.245.173 BELNET
General Check archive.org Show headers Download Go to Show image Full URL https://idp.iamfas.belgium.be/fasui/resources/images/logo-csam-white-background.png?v=20190916135530 Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.191.245.173 , Belgium, ASN2611 (BELNET, BE), Reverse DNS idp.iamfas.belgium.be Software / Resource Hash 0e2b3b3bbb0313fc69ae42dff78b053c0dfe207a2e20851972f87029e43e8bdc Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 May 2020 14:20:14 GMT Last-Modified Fri, 06 Mar 2020 15:30:34 GMT ETag W/"8116-1583508634000" Content-Type image/png;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=40, max=98 Content-Length 8116 Expires 0
GET H2	200	kbc.png csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/	8 KB 8 KB	520ms 518ms	Image image/png	111.90.142.125 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/kbc.png Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 111.90.142.125 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS Software LiteSpeed / Resource Hash 282a91f39aa41aafd3e90e64cf3a600f806e1a019f9075acc75f42dd475d1d0c Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 14 May 2020 14:20:14 GMT last-modified Thu, 14 May 2020 01:42:29 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 8030 expires Thu, 21 May 2020 14:20:14 GMT
GET H2	200	axa.png csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/	8 KB 9 KB	520ms 518ms	Image image/png	111.90.142.125 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/axa.png Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 111.90.142.125 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS Software LiteSpeed / Resource Hash f6feee1ba452536b2959447d5996ddc72329ce138594081c81bc422873341689 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 14 May 2020 14:20:14 GMT last-modified Thu, 14 May 2020 01:42:25 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 8676 expires Thu, 21 May 2020 14:20:14 GMT
GET H2	200	bnp.png csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/	17 KB 17 KB	524ms 522ms	Image image/png	111.90.142.125 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/bnp.png Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 111.90.142.125 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS Software LiteSpeed / Resource Hash a11523d8d9b247faab200bd3d51688352418c17341cf2da98db5beb8c1742cc7 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 14 May 2020 14:20:14 GMT last-modified Thu, 14 May 2020 01:42:28 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 16948 expires Thu, 21 May 2020 14:20:14 GMT
GET H2	200	ing-be.png csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/	21 KB 21 KB	770ms 769ms	Image image/png	111.90.142.125 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/ing-be.png Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 111.90.142.125 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS Software LiteSpeed / Resource Hash 46398f6374e7f7afd4384087d40fc17b640714a90fb7267aeb8b4ebb60cc7df1 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 14 May 2020 14:20:14 GMT last-modified Thu, 14 May 2020 01:42:29 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 21593 expires Thu, 21 May 2020 14:20:14 GMT
GET H2	200	belfius.png csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/	23 KB 24 KB	773ms 772ms	Image image/png	111.90.142.125 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/belfius.png Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 111.90.142.125 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS Software LiteSpeed / Resource Hash 1457925150992ddbb523a5bb1bf16a7ab9743bd16286fb4f7d4c033fc958e5ae Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 14 May 2020 14:20:14 GMT last-modified Thu, 14 May 2020 01:42:26 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 24044 expires Thu, 21 May 2020 14:20:14 GMT
GET H2	200	beobank.png csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/	19 KB 19 KB	778ms 777ms	Image image/png	111.90.142.125 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/beobank.png Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 111.90.142.125 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS Software LiteSpeed / Resource Hash Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 14 May 2020 14:20:14 GMT last-modified Thu, 14 May 2020 01:42:27 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 19161 expires Thu, 21 May 2020 14:20:14 GMT
GET H2	200	regiobank.png csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/	24 KB 24 KB	1019ms 1018ms	Image image/png	111.90.142.125 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/regiobank.png Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 111.90.142.125 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS Software LiteSpeed / Resource Hash Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 14 May 2020 14:20:14 GMT last-modified Thu, 14 May 2020 01:42:30 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 24178 expires Thu, 21 May 2020 14:20:14 GMT
GET H2	200	crelan.png csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/	8 KB 8 KB	1020ms 1019ms	Image image/png	111.90.142.125 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/crelan.png Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 111.90.142.125 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS Software LiteSpeed / Resource Hash Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 14 May 2020 14:20:14 GMT last-modified Thu, 14 May 2020 01:42:28 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 8415 expires Thu, 21 May 2020 14:20:14 GMT
GET H2	200	argenta.png csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/	1 KB 1 KB	1020ms 1019ms	Image image/png	111.90.142.125 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://csam.toegangsportaal.org/content/ingbetaalverzoek/img/icons/argenta.png Requested by Host: csam.toegangsportaal.org URL: https://csam.toegangsportaal.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 111.90.142.125 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS Software LiteSpeed / Resource Hash Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 14 May 2020 14:20:14 GMT last-modified Thu, 14 May 2020 01:42:24 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 1438 expires Thu, 21 May 2020 14:20:14 GMT
GET		roboto-v15-latin-700.woff2 idp.iamfas.belgium.be/fasui/resources/fonts/	0 0
GET		roboto-v15-latin-regular.woff2 idp.iamfas.belgium.be/fasui/resources/fonts/	0 0
GET		roboto-v15-latin-700.woff idp.iamfas.belgium.be/fasui/resources/fonts/	0 0
GET		roboto-v15-latin-regular.woff idp.iamfas.belgium.be/fasui/resources/fonts/	0 0
GET		roboto-v15-latin-700.ttf idp.iamfas.belgium.be/fasui/resources/fonts/	0 0
GET		roboto-v15-latin-regular.ttf idp.iamfas.belgium.be/fasui/resources/fonts/	0 0
GET H2	200	common.js maps.googleapis.com/maps-api-v3/api/js/40/12/	77 KB 29 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:81f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/40/12/common.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?libraries=places Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 14 May 2020 01:18:05 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 05 May 2020 00:16:31 GMT server sffe age 46934 vary Accept-Encoding, Origin content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29052 x-xss-protection 0 expires Fri, 14 May 2021 01:18:05 GMT
GET H2	200	util.js maps.googleapis.com/maps-api-v3/api/js/40/12/	144 KB 53 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:81f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/40/12/util.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?libraries=places Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 13 May 2020 09:42:17 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 05 May 2020 00:16:31 GMT server sffe age 103082 vary Accept-Encoding, Origin content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 54116 x-xss-protection 0 expires Thu, 13 May 2021 09:42:17 GMT
GET H2	200	AuthenticationService.Authenticate maps.googleapis.com/maps/api/js/	62 B 153 B	81ms 81ms	Script text/javascript	2a00:1450:4001:81f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fcsam.toegangsportaal.org%2F&4sAIzaSyDvpx3nlI4QjdRi3HubSZxcaoXH3g7FBMY&callback=_xdc_._ix28dh&key=AIzaSyDvpx3nlI4QjdRi3HubSZxcaoXH3g7FBMY&token=55291 Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps-api-v3/api/js/40/12/common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software mafe / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 14 May 2020 14:20:20 GMT content-encoding gzip server mafe x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control no-cache, must-revalidate content-disposition attachment server-timing gfet4t7; dur=66 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 63 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	stats.js maps.googleapis.com/maps-api-v3/api/js/40/12/	4 KB 2 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:81f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/40/12/stats.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDvpx3nlI4QjdRi3HubSZxcaoXH3g7FBMY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 13 May 2020 09:58:21 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 05 May 2020 00:16:31 GMT server sffe age 102118 vary Accept-Encoding, Origin content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1741 x-xss-protection 0 expires Thu, 13 May 2021 09:58:21 GMT
GET H2	204	gen_204 maps.googleapis.com/maps/	0 123 B	16ms 15ms	Image image/gif	2a00:1450:4001:81f::200a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://maps.googleapis.com/maps/gen_204?target=api&ev=api_alreadyloaded&client=&key=AIzaSyDvpx3nlI4QjdRi3HubSZxcaoXH3g7FBMY&cad=src:apiv3,token:dkj09v0gu,ts:6v127t Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software mafe / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://csam.toegangsportaal.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 14 May 2020 14:20:19 GMT server mafe x-frame-options SAMEORIGIN content-type image/gif status 204 cache-control no-cache, must-revalidate server-timing gfet4t7; dur=2 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

localhost

URL

http://localhost/content/ingbetaalverzoek/css/style.css

Domain

idp.iamfas.belgium.be

URL

https://idp.iamfas.belgium.be/fasui/resources/fonts/roboto-v15-latin-700.woff2

Domain

idp.iamfas.belgium.be

URL

https://idp.iamfas.belgium.be/fasui/resources/fonts/roboto-v15-latin-regular.woff2

Domain

idp.iamfas.belgium.be

URL

https://idp.iamfas.belgium.be/fasui/resources/fonts/roboto-v15-latin-700.woff

Domain

idp.iamfas.belgium.be

URL

https://idp.iamfas.belgium.be/fasui/resources/fonts/roboto-v15-latin-regular.woff

Domain

idp.iamfas.belgium.be

URL

https://idp.iamfas.belgium.be/fasui/resources/fonts/roboto-v15-latin-700.ttf

Domain

idp.iamfas.belgium.be

URL

https://idp.iamfas.belgium.be/fasui/resources/fonts/roboto-v15-latin-regular.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDvpx3nlI4QjdRi3HubSZxcaoXH3g7FBMY(Line 141) Message: You have included the Google Maps JavaScript API multiple times on this page. This may cause unexpected errors.
console-api	warning	URL: https://maps.googleapis.com/maps-api-v3/api/js/40/12/util.js(Line 233) Message: Google Maps JavaScript API warning: NoApiKeys https://developers.google.com/maps/documentation/javascript/error-messages#no-api-keys

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csam.toegangsportaal.org
idp.iamfas.belgium.be
localhost
maps.googleapis.com
idp.iamfas.belgium.be
localhost
111.90.142.125
193.191.245.173
2a00:1450:4001:81f::200a
0e2b3b3bbb0313fc69ae42dff78b053c0dfe207a2e20851972f87029e43e8bdc
1457925150992ddbb523a5bb1bf16a7ab9743bd16286fb4f7d4c033fc958e5ae
282a91f39aa41aafd3e90e64cf3a600f806e1a019f9075acc75f42dd475d1d0c
2e831f3165a203b90e82a3796f3352fc7066ca3d78ee2e523ac718e5c1defd69
3f1c39df3f3ca323422d342bbfef5a96b77fc27bb1b8780ad931ee36a5fa445f
46398f6374e7f7afd4384087d40fc17b640714a90fb7267aeb8b4ebb60cc7df1
5c922be9379c017ddc1e449d102a04991c546bb922b0d08163e9049cad57166c
7f34863dc974f04cc022c8ca1ad5bf56693997f647da8872f9c6a615e9b1cb89
830c15363c217d6121359874481d2093c84c3b481dd7b3d7ded41350487a202c
896fe0b2be124c4a51a3a1e2be4bbedef1d1f47ae9c040ece5f534a17e602ef8
a11523d8d9b247faab200bd3d51688352418c17341cf2da98db5beb8c1742cc7
b9dd0d4c482c406b3dfc4fc1279bf00d2d37a641e44069fb4d779d97443345eb
c854e87766c69eae1a650da0245ab2583fe49ce330433e50f87e2e4c00a4b886
e98b493d6f77ea03718ee4cd358eb00f1a9436aa938e70394201be1f89346096
f41ec24e6d389becfe0831a9b7087e4e8b35bda2dfec6f29729b06b890209e4d
f6feee1ba452536b2959447d5996ddc72329ce138594081c81bc422873341689
f7044cd37754c3a0010acf8053af566cadf7a24b6b9576a611732fc54685f8a5