vrdigitalagency.kinsta.cloud
Open in
urlscan Pro
162.159.135.42
Malicious Activity!
Public Scan
Effective URL: https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL/
Submission: On April 13 via manual from NL — Scanned from NL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 12th 2023. Valid for: a year.
This is the only time vrdigitalagency.kinsta.cloud was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: International Card Services (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 64.62.243.92 64.62.243.92 | 6939 (HURRICANE) (HURRICANE) | |
1 2 | 162.159.135.42 162.159.135.42 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
kinsta.cloud
1 redirects
vrdigitalagency.kinsta.cloud |
204 KB |
1 |
myurls.live
1 redirects
myurls.live |
689 B |
1 | 2 |
Domain | Requested by | |
---|---|---|
2 | vrdigitalagency.kinsta.cloud | 1 redirects |
1 | myurls.live | 1 redirects |
1 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
kinsta.cloud Cloudflare Inc ECC CA-3 |
2023-11-12 - 2024-11-11 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL/
Frame ID: 65F8323D420D1E514FC114CD178DECFF
Requests: 7 HTTP requests in this frame
Screenshot
Page Title
Inloggen - Mijn ICS | International Card ServicesPage URL History Show full URLs
-
https://myurls.live/thcz6c58/
HTTP 301
https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL HTTP 301
https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://myurls.live/thcz6c58/
HTTP 301
https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL HTTP 301
https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
1 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL/ Redirect Chain
|
709 KB 204 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
45 KB 45 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
48 KB 48 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
49 KB 49 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
27 KB 27 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
27 KB 27 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: International Card Services (Financial)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
myurls.live
vrdigitalagency.kinsta.cloud
162.159.135.42
64.62.243.92
056aa00d7d10976fe237567766e3dba2c72ffe4942667f3fe6c9461f3e407024
308325f39504503bbcef66f7db84c6e8c9e839c74324f3a237442a298f00d3dc
656aca1be174ebf5ac7bd95ad96240aac3114a116cb1cd01c3a89bb6dc6ea008
75cbe50301bbf0c1ce3e3c59839aa70c8aea681ea1ce8946e776cdc635fe2ca0
aad1197d33ad36bd8a6a85689208863a674ddb3735eb4ff34701b53d656b2610
aee0070713b543535d52633e18e27589267fafe5d40479afc8aa301092ba04be
ba4e7f860be9c4ea21f27e6e4c969adcd59bf6c104152a33c3cadb40de4e8869