aanvraag.fod-informatie.email
Open in
urlscan Pro
2606:4700:3032::6812:2818
Malicious Activity!
Public Scan
Effective URL: https://aanvraag.fod-informatie.email/
Submission: On July 30 via manual from FR
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 29th 2020. Valid for: a year.
This is the only time aanvraag.fod-informatie.email was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Belgian Government (Government)Domain & IP information
ASN13335 (CLOUDFLARENET, US)
aanvraag.fod-informatie.email |
ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: webhosting-cluster.transip.nl
www.internetkassa.nu |
ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com |
ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com |
ASN34762 (COMBELL-AS, BE)
PTR: linweb067.webhosting.be
www.uni-learning.com |
ASN15169 (GOOGLE, US)
lh3.googleusercontent.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
csam.be
csam.be |
118 KB |
10 |
fod-informatie.email
aanvraag.fod-informatie.email |
6 KB |
3 |
gstatic.com
encrypted-tbn0.gstatic.com fonts.gstatic.com |
25 KB |
2 |
tny.sh
2 redirects
tny.sh |
890 B |
1 |
googleusercontent.com
lh3.googleusercontent.com |
15 KB |
1 |
uni-learning.com
www.uni-learning.com |
25 KB |
1 |
amazonaws.com
s3-eu-west-1.amazonaws.com |
34 KB |
1 |
hiclipart.com
p7.hiclipart.com |
|
1 |
wikimedia.org
upload.wikimedia.org |
9 KB |
1 |
internetkassa.nu
www.internetkassa.nu |
3 KB |
1 |
belgium.be
financien.belgium.be |
29 KB |
1 |
googleapis.com
fonts.googleapis.com |
755 B |
1 |
t.co
t.co |
557 B |
33 | 13 |
Domain | Requested by | |
---|---|---|
11 | csam.be |
aanvraag.fod-informatie.email
|
10 | aanvraag.fod-informatie.email |
t.co
aanvraag.fod-informatie.email |
2 | fonts.gstatic.com |
aanvraag.fod-informatie.email
|
2 | tny.sh | 2 redirects |
1 | lh3.googleusercontent.com |
aanvraag.fod-informatie.email
|
1 | www.uni-learning.com |
aanvraag.fod-informatie.email
|
1 | s3-eu-west-1.amazonaws.com |
aanvraag.fod-informatie.email
|
1 | encrypted-tbn0.gstatic.com |
aanvraag.fod-informatie.email
|
1 | p7.hiclipart.com |
aanvraag.fod-informatie.email
|
1 | upload.wikimedia.org |
aanvraag.fod-informatie.email
|
1 | www.internetkassa.nu |
aanvraag.fod-informatie.email
|
1 | financien.belgium.be |
aanvraag.fod-informatie.email
|
1 | fonts.googleapis.com |
aanvraag.fod-informatie.email
|
1 | t.co | |
33 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.belgium.be |
crelan.be |
Subject Issuer | Validity | Valid | |
---|---|---|---|
t.co DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-29 - 2021-07-29 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
www.csam.be QuoVadis Europe SSL CA G1 |
2019-11-08 - 2021-11-08 |
2 years | crt.sh |
*.belgium.be GEANT OV RSA CA 4 |
2020-05-04 - 2021-05-04 |
a year | crt.sh |
*.internetkassa.nu Let's Encrypt Authority X3 |
2020-05-21 - 2020-08-19 |
3 months | crt.sh |
*.wikipedia.org DigiCert SHA2 High Assurance Server CA |
2019-11-12 - 2020-10-06 |
a year | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2 |
2019-11-09 - 2020-12-10 |
a year | crt.sh |
www.uni-learning.com Sectigo RSA Organization Validation Secure Server CA |
2019-12-13 - 2020-12-20 |
a year | crt.sh |
*.googleusercontent.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://aanvraag.fod-informatie.email/
Frame ID: D8F93C3D8855E45AA9A458EA3A61FED4
Requests: 34 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://t.co/62VseZN84r Page URL
-
http://tny.sh/T5rXQ9x
HTTP 301
https://tny.sh/T5rXQ9x HTTP 302
https://aanvraag.fod-informatie.email/ Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: INLOGGEN ONLINE BANKING-APP
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://t.co/62VseZN84r Page URL
-
http://tny.sh/T5rXQ9x
HTTP 301
https://tny.sh/T5rXQ9x HTTP 302
https://aanvraag.fod-informatie.email/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
62VseZN84r
t.co/ |
257 B 557 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
aanvraag.fod-informatie.email/ Redirect Chain
|
14 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
5 KB 755 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mmenu.css
csam.be/css/ |
47 KB 48 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
csam.be/css/ |
23 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
master.css
csam.be/css/ |
18 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-be.png
csam.be/images/logos/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_nl.png
financien.belgium.be/sites/all/themes/custom/finance/ |
28 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Belfius-Pay-Button.png
www.internetkassa.nu/wp-content/uploads/2018/02/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
303px-KBC_Logo.svg.png
upload.wikimedia.org/wikipedia/de/thumb/1/18/KBC_Logo.svg/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5bfad0c24e8e5.jpg
p7.hiclipart.com/preview/209/419/819/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
images
encrypted-tbn0.gstatic.com/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ing_logo_sq.jpg
s3-eu-west-1.amazonaws.com/brussels-images/content/gallery/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LOGO-CRELAN-1200x630bb.jpg
www.uni-learning.com/wp-content/uploads/2018/10/ |
25 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cVdRkgxWPIUcTHcTwGDVAHobXR3TvJCJE-IhQ51WifkuFdgwFiiHhcc0QHFjB8zlpYw=w300
lh3.googleusercontent.com/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
onss-nl.png
csam.be/images/logos/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spff-nl.png
csam.be/images/logos/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bosa-nl.png
csam.be/images/logos/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bcss-nl.png
csam.be/images/logos/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spfe-nl.png
csam.be/images/logos/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fod.png
csam.be/images/logos/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.11.3.min.js
aanvraag.fod-informatie.email/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mmenu.polyfills.js
aanvraag.fod-informatie.email/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mmenu.js
aanvraag.fod-informatie.email/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
match-height.js
aanvraag.fod-informatie.email/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
master.js
aanvraag.fod-informatie.email/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
print.css
csam.be/css/ |
786 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mmenu.polyfills.js
aanvraag.fod-informatie.email/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mmenu.js
aanvraag.fod-informatie.email/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
match-height.js
aanvraag.fod-informatie.email/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
master.js
aanvraag.fod-informatie.email/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Belgian Government (Government)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fod-informatie.email/ | Name: __cfduid Value: dee4d76ac272f60b33c19f8765e54f9831596094015 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | referrer always; |
Strict-Transport-Security | max-age=0 |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aanvraag.fod-informatie.email
csam.be
encrypted-tbn0.gstatic.com
financien.belgium.be
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
p7.hiclipart.com
s3-eu-west-1.amazonaws.com
t.co
tny.sh
upload.wikimedia.org
www.internetkassa.nu
www.uni-learning.com
104.244.42.5
149.210.209.34
176.62.169.239
2606:4700:3031::ac43:826a
2606:4700:3032::6812:2818
2606:4700:3035::6818:663e
2620:0:862:ed1a::2:b
2a00:1450:4001:814::200e
2a00:1450:4001:81b::2001
2a00:1450:4001:81f::200a
2a00:1450:4001:824::2003
2a01:690:35:100::f5:f4
52.218.96.178
85.91.178.145
0799c36d1b03608b74039316f495e8364db7e947ae067d7b26d20f74fecd6bae
09d7f3b331b3de2846eeda054348a0e7110e0c242d1b0828f54562296b33f747
228d57e0f824aa812d5e7314a1408907c74a7043eb64f7b63395bacc00c06233
27a90fd9b77579e5a20798deeb381cd978a8b08641e4437086d0f7643793b8c5
35df40da27135e34bf026179c85a00c214108ebf65047ed863cb0f674f793bfc
3a61ab2cd929a0e1676b5a0fecc2473f4031948feaf81bfeba39668806cf5aad
451cadcfc88ac4645079e3cb33e388589c164df7c7e25974c599b3956f0a54f6
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
657231dd849913d013b47217800b7f2100976e02a379daab3d1d9b522dd8a449
65d8f44a8cb66acc1e58127c7360f3507f0363c93917575f57fe3aca88a1777f
8677adab1c8d996e2f20d736dc2ece5409b86850d357abd1a3ccb8c347c19d15
880d23df9db475b52a5ae44e93a68f46525ae0db2baae1a83e068d97a2a83406
90c806e565e2cf9a17710a96c2b7a1eef02f66579df6cddc5be2c17b4c4eba63
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9aeb1003b849c17d28ea0cad9a10d428f944985624e1c8dff098b1acb503ce8b
a48a4c31560dea3d09058a21d20e5a2c43bcff663309378d74662bf35261f093
a606db6e740bc39e538759c37b1d1e745187c87cc7a5089da2c0bd4b6d847c69
a7cf28438ecfd1568c606263c64f13413f8ceacbefcd9ae897b8242aa0bb6c71
cb91f4bd7ea91c6ef5d9f48f0bd22325a2728685571c934ad4bfa4a901852de4
d9f2a18b615bec8a2cbe2602556d31e8f2bdf642af6588737c654aff5dc5804f
ddab9fd392359f365ba7f568043b70923cd67f2cbc73561ce0df833801dbafd3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb5e0a29fc719806621d540fa7948f6abfe01f393089d316adedc8b13d4cf09c
f0e44d3d60c12b0b1ecaa625a389aa51ef04a1669cad832350a10017a8ae995d