urlscan.io public scan: vrdigitalagency.kinsta.cloud (162.159.135.42) - Malicious Activity!

Submitted URL: https://myurls.live/thcz6c58/
Effective URL: https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL/
Submission: On April 13 via manual from NL — Scanned from NL

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 1 HTTP transaction. The main IP is 162.159.135.42, which belongs to CLOUDFLARENET (AS13335), US. The main domain is vrdigitalagency.kinsta.cloud.
TLS certificate: issued by Cloudflare Inc ECC CA-3 on November 12th 2023. Valid for: a year.
This is the only time vrdigitalagency.kinsta.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: International Card Services (Financial)

Domain & IP information

IP Address        AS (Autonomous System)      Requests
64.62.243.92      AS6939 (HURRICANE)          1
162.159.135.42    AS13335 (CLOUDFLARENET)     1

Apex Domain       Subdomain                       Requests   Transfer
kinsta.cloud      vrdigitalagency.kinsta.cloud    2          204 KB
myurls.live       myurls.live                     1          689 B

Domain                          Requests   Requested by
vrdigitalagency.kinsta.cloud    2          1 redirect
myurls.live                     1          1 redirect

This site contains no links.

Subject: kinsta.cloud
Issuer: Cloudflare Inc ECC CA-3
Validity: 2023-11-12 to 2024-11-11 (a year)

This page contains 1 frames:

Primary Page: https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL/
Frame ID: 65F8323D420D1E514FC114CD178DECFF
Requests: 7 HTTP requests in this frame

Page Title

Inloggen - Mijn ICS | International Card Services (Dutch: "Log in - My ICS | International Card Services")

Page URL History

  1. https://myurls.live/thcz6c58/ HTTP 301
     https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL HTTP 301
     https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL/ Page URL

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 409 kB
Size: 914 kB
Cookies: 0


Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction (the six font resources listed after it are data: URIs embedded in the document itself and involve no network request, which is why the frame counts 7 requests but only 1 HTTP transaction)

Resource: / (Primary Request)
Path: vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL/
Redirect Chain:
  • https://myurls.live/thcz6c58/
  • https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL
  • https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL/
Size: 709 KB   Transfer (x-fer): 204 KB   Type: Document

General
Full URL: https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL/
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 162.159.135.42, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: -
Software: cloudflare
Resource Hash (SHA-256): 656aca1be174ebf5ac7bd95ad96240aac3114a116cb1cd01c3a89bb6dc6ea008
Security Headers: X-Content-Type-Options: nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: BYPASS
cf-ray: 873b77e2ee4766c7-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 13 Apr 2024 12:30:36 GMT
etag: W/"6563b93d-b1520"
ki-cache-type: Edge
ki-cf-cache-status: BYPASS
ki-edge: v=20.2.7;mv=3.0.6
ki-origin: g1p
last-modified: Sun, 26 Nov 2023 21:31:41 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EewIj8ISnQdem4bjQjlz18CA3IrSIugWbjJNGd3kyJqRZkEYwFIGO7Rkrfvbu%2FXQJVhNidBtg471k5VV%2BbYUju0FlTdEP5KgerK0a6FSV9wlrRiTNleBxtvR0CgdHw%2F0IrjdCdJ3VWa3hlJVdUM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-edge-location-klb: 1
x-robots-tag: noindex, nofollow, nosnippet, noarchive

Redirect headers (the HTTP 301 from .../ics/NL to .../ics/NL/, per its location header)

alt-svc: h3=":443"; ma=86400
cf-cache-status: BYPASS
cf-ray: 873b77e23dc166c7-AMS
content-length: 162
content-type: text/html
date: Sat, 13 Apr 2024 12:30:35 GMT
ki-cf-cache-status: BYPASS
ki-edge: v=20.2.7;mv=3.0.6
ki-origin: g1p
location: https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL/
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t8NZyMFWnlTE%2B3fw2GA1ZNyaowfWwnaYLiyLaqgSkjGi1etU1jfSCkrfAzzcCQLxcXZsK2eKrCBezxvx024AUxmbwnK4KgAr8DjCvFOrbXYqFwp6FfvjhlG7NLjaPXc%2FItoRN1se%2BDLzWtDcBcg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-edge-location-klb: 1
x-robots-tag: noindex, nofollow, nosnippet, noarchive
Inline font resources (6; all are data: URIs loaded from the document itself, so no server, reverse DNS or software is recorded for them)

Each was requested with Origin: https://vrdigitalagency.kinsta.cloud, Accept-Language: nl-NL,nl;q=0.9;q=0.9 and the same Chrome/123 User-Agent as the primary request; no Referer value was recorded. The only response header captured for each is its Content-Type.

#  Full URL            Protocol  Size   x-fer  Type  Content-Type  Resource Hash (SHA-256)
2  data: (truncated)   DATA      45 KB  45 KB  Font  font/woff     75cbe50301bbf0c1ce3e3c59839aa70c8aea681ea1ce8946e776cdc635fe2ca0
3  data: (truncated)   DATA      48 KB  48 KB  Font  font/woff     aad1197d33ad36bd8a6a85689208863a674ddb3735eb4ff34701b53d656b2610
4  data: (truncated)   DATA      10 KB  10 KB  Font  font/woff2    aee0070713b543535d52633e18e27589267fafe5d40479afc8aa301092ba04be
5  data: (truncated)   DATA      49 KB  49 KB  Font  font/woff     308325f39504503bbcef66f7db84c6e8c9e839c74324f3a237442a298f00d3dc
6  data: (truncated)   DATA      27 KB  27 KB  Font  font/ttf      ba4e7f860be9c4ea21f27e6e4c969adcd59bf6c104152a33c3cadb40de4e8869
7  data: (truncated)   DATA      27 KB  27 KB  Font  font/woff     056aa00d7d10976fe237567766e3dba2c72ffe4942667f3fe6c9461f3e407024
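The redirect chain, response headers and inline-only sub-resources above are the fields an analyst actually triages on. The following script is an added example (not urlscan.io's code and not from this scan page) that takes those fields, constructed inline from this report, and derives the triage indicators and a hunting regex for the kit path. Assumptions: the final hop returned 200 (the page shows no status for it), the registrable domain is approximated as the last two labels, and the brand keyword watchlist is made up for the example.

```python
"""Offline triage of a urlscan.io-style record.

Added example, not urlscan.io's own code. The inputs are constructed from the
scan report above; the final hop's 200 status, the apex-domain rule (last two
labels) and the brand keyword watchlist are assumptions.
"""
import re
from urllib.parse import urlsplit

# Constructed from the report: (url, HTTP status). The page shows 301 for the
# first two hops; 200 for the rendered document is an assumption.
REDIRECT_CHAIN = [
    ("https://myurls.live/thcz6c58/", 301),
    ("https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL", 301),
    ("https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL/", 200),
]

PAGE_TITLE = "Inloggen - Mijn ICS | International Card Services"

# Subset of the primary response headers from the report.
RESPONSE_HEADERS = {
    "server": "cloudflare",
    "content-type": "text/html; charset=UTF-8",
    "x-content-type-options": "nosniff",
    "x-robots-tag": "noindex, nofollow, nosnippet, noarchive",
}

# The six sub-resources from the report: (protocol, content type).
RESOURCES = [
    ("DATA", "font/woff"), ("DATA", "font/woff"), ("DATA", "font/woff2"),
    ("DATA", "font/woff"), ("DATA", "font/ttf"), ("DATA", "font/woff"),
]

# Assumed watchlist: keyword (matched as a whole word) -> brand name.
BRAND_KEYWORDS = {
    "ics": "International Card Services",
    "international card services": "International Card Services",
}


def apex(host: str) -> str:
    """Registrable domain approximated as the last two labels (assumption: no
    multi-label public suffixes such as co.uk in the input)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def domain_hops(chain):
    """(from_apex, to_apex) for every hop that leaves the registrable domain."""
    hops = []
    for (src, _), (dst, _) in zip(chain, chain[1:]):
        a, b = apex(urlsplit(src).hostname), apex(urlsplit(dst).hostname)
        if a != b:
            hops.append((a, b))
    return hops


def title_brands(title, keywords=BRAND_KEYWORDS):
    """Brands whose keyword occurs as a whole word in the page title."""
    found = set()
    for kw, brand in keywords.items():
        if re.search(r"\b" + re.escape(kw) + r"\b", title, re.IGNORECASE):
            found.add(brand)
    return sorted(found)


def indicators(chain, title, headers, resources, keywords=BRAND_KEYWORDS):
    """Triage indicators, each tied to a concrete field of the record."""
    out = []
    hops = domain_hops(chain)
    if hops:
        path = [hops[0][0]] + [b for _, b in hops]
        out.append("cross-domain redirect: " + " -> ".join(path))
    final_host = urlsplit(chain[-1][0]).hostname.lower()
    brands = title_brands(title, keywords)
    # Brand in the title but no brand keyword anywhere in the serving host.
    if brands and not any(kw in final_host for kw in keywords):
        out.append("title names a brand absent from the serving host: " + ", ".join(brands))
    if "noindex" in headers.get("x-robots-tag", "").lower():
        out.append("x-robots-tag tells crawlers not to index the page")
    inline = [r for r in resources if r[0] == "DATA"]
    if resources and len(inline) == len(resources):
        out.append(f"all {len(resources)} sub-resources are inline data: URIs, no external fetches")
    return out


def hunt_pattern(url: str) -> str:
    """Regex for the landing path with digit runs generalised, to hunt sibling
    deployments of the same kit (other folders on the same host or elsewhere)."""
    path = re.escape(urlsplit(url).path)
    return "^" + re.sub(r"\d+", r"\\d+", path) + "$"


def path_matches(pattern: str, candidate_path: str) -> bool:
    """True when a candidate URL path fits a pattern from hunt_pattern()."""
    return re.match(pattern, candidate_path) is not None


if __name__ == "__main__":
    for line in indicators(REDIRECT_CHAIN, PAGE_TITLE, RESPONSE_HEADERS, RESOURCES):
        print("-", line)
    print("hunt:", hunt_pattern(REDIRECT_CHAIN[-1][0]))
```

Run as a script it prints four indicators for this scan (the shortener-to-hosting hop, the brand named in the title, the noindex directive, and the fully inlined assets) and a path regex of the form `^/\d+_\d+/ics/NL/$` that can be fed to a search over other scan results or web logs. None of the indicators is conclusive on its own; a legitimate bank page can also set noindex or inline its fonts, which is why the function returns the evidence rather than a verdict.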

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan: Phishing against: International Card Services (Financial)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

1 Console Message

Source: recommendation   Level: verbose   URL: https://vrdigitalagency.kinsta.cloud/4_5823505925687743468/ics/NL/
Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Chrome emits this recommendation for a password input, so the rendered page contains a login form that collects a password, consistent with the "Inloggen" (log in) page title and the phishing verdict above.

Security Headers

This page lists any security headers set by the main page.

X-Content-Type-Options: nosniff