sns.particulier-betaalverzoek.com Open in urlscan Pro
162.213.255.5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sns.particulier-betaalverzoek.com/nl/app/login
Submission: On November 16 via manual (November 16th 2020, 9:55:51 am UTC) from NL

Summary HTTP 18 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 162.213.255.5, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is sns.particulier-betaalverzoek.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 16th 2020. Valid for: a year.

This is the only time sns.particulier-betaalverzoek.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SNS Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
4 15	162.213.255.5 162.213.255.5	22612 (NAMECHEAP...) (NAMECHEAP-NET)
4 8	194.53.208.72 194.53.208.72	57090 (NL-DEVOLK...) (NL-DEVOLKSBANK)
18	3

15 162.213.255.5 (Los Angeles, United States) 4 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: business24-3.web-hosting.com

sns.particulier-betaalverzoek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 194.53.208.72 (Utrecht, Netherlands) 4 redirects

ASN57090 (NL-DEVOLKSBANK, NL)
PTR: www.snsbank.nl

www.sns.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.snsbank.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	particulier-betaalverzoek.com 4 redirects sns.particulier-betaalverzoek.com	214 KB
4	snsbank.nl www.snsbank.nl
4	sns.nl 4 redirects www.sns.nl	981 B
18	3

	Domain	Requested by
15	sns.particulier-betaalverzoek.com	4 redirects sns.particulier-betaalverzoek.com
4	www.snsbank.nl	sns.particulier-betaalverzoek.com
4	www.sns.nl	4 redirects sns.particulier-betaalverzoek.com
18	3

This site contains links to these domains. Also see Links.

Domain
sns.platform-betaling.online

Subject Issuer	Validity	Valid
sns.particulier-betaalverzoek.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-16` - `2021-11-16`	a year	crt.sh
www.snsbank.nl DigiCert SHA2 Extended Validation Server CA	`2019-09-18` - `2021-10-25`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://sns.particulier-betaalverzoek.com/nl/app/login
Frame ID: 7501020D234DB3E8615603C045C515DA
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

18
Requests

83 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

212 kB
Transfer

462 kB
Size

1
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fzakelijk%2Fhome.html
Title: Zakelijk

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Foversns.html
Title: Over Ons

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2F

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Fhome.html
Title: Home

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Fhypotheken.html
Title: Hypotheken

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Fsparen.html
Title: Sparen

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Fbeleggen.html
Title: Beleggen

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Fbetalen.html
Title: Betalen

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Fverzekeren.html
Title: Verzekeren

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Flenen.html
Title: Lenen

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Fpensioen.html
Title: Pensioen

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Fservice.html
Title: Klantenservice

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Fservice%2Fmijn-sns-aanvragen.html
Title: Mijn SNS aanvragen

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/secure/login.html
Title: Inloggen

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Foversns%2Fjuridische-informatie%2Fdisclaimer.html
Title: Disclaimer

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Fover-sns-bank%2Fjuridische-informatie%2Fprivacy-en-cookies.html
Title: Privacy en cookies

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Fover-sns-bank.html
Title: Over ons

Search URL Search Domain Scan URL

URL: http://sns.platform-betaling.online/mijnsns/redirect/url.html?url=%2Fparticulier%2Fklantenservice.html
Title: Klantenservice

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://sns.particulier-betaalverzoek.com/nl/app/assets/css/indicator.html HTTP 302
https://www.sns.nl/404 HTTP 301
https://www.snsbank.nl/404

Request Chain 6

https://sns.particulier-betaalverzoek.com/nl/app/assets/css/logo.html HTTP 302
https://www.sns.nl/404 HTTP 301
https://www.snsbank.nl/404

Request Chain 8

https://sns.particulier-betaalverzoek.com/nl/app/Mijn%20SNS%20%E2%80%93%20SNS%20Bank_bestanden/questionmark.html HTTP 302
https://www.sns.nl/404 HTTP 301
https://www.snsbank.nl/404

Request Chain 9

https://sns.particulier-betaalverzoek.com/nl/app/assets/css/jquery-3.js HTTP 302
https://www.sns.nl/404

Request Chain 14

https://sns.particulier-betaalverzoek.com/public/sns/css/webfonts/fs_joey-regular-webfont.woff HTTP 302
https://www.sns.nl/404

Request Chain 15

https://sns.particulier-betaalverzoek.com/public/sns/img/hyperlinks/questionmark.png HTTP 302
https://www.sns.nl/404 HTTP 301
https://www.snsbank.nl/404

Request Chain 16

https://sns.particulier-betaalverzoek.com/public/sns/css/webfonts/fs_joey-regular-webfont.html HTTP 302
https://www.sns.nl/404

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
sns.particulier-betaalverzoek.com/nl/app/ 12 KB
4 KB 685ms
350ms Document
text/html 162.213.255.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://sns.particulier-betaalverzoek.com/nl/app/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.255.5 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business24-3.web-hosting.com

Software

Apache / PHP/7.2.34

Resource Hash

71ee949765d5c7a36bc9c7c8e9537ebc55c1f39d03731e15c62b9c0964dd406e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: sns.particulier-betaalverzoek.com
:scheme: https
:path: /nl/app/login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 16 Nov 2020 09:55:33 GMT
server: Apache
x-powered-by: PHP/7.2.34
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=6a9f9bec7d5632eb6d383ae1a8ec75fe; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 3244
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade

GET
H2 200 header.css
sns.particulier-betaalverzoek.com/public/sns/css/ 10 KB
2 KB 476ms
474ms Stylesheet
text/css 162.213.255.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://sns.particulier-betaalverzoek.com/public/sns/css/header.css

Requested by

Host: sns.particulier-betaalverzoek.com
URL: https://sns.particulier-betaalverzoek.com/nl/app/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.255.5 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business24-3.web-hosting.com

Software

Apache /

Resource Hash

4245130a6a4e96ee12f1f7dd18a569a4681daad1112f4ad82ef81007987340e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sns.particulier-betaalverzoek.com/nl/app/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 09:55:33 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Nov 2020 09:03:48 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2217
x-content-type-options: nosniff

GET
H2 200 all.css
sns.particulier-betaalverzoek.com/public/sns/css/ 162 KB
28 KB 476ms
475ms Stylesheet
text/css 162.213.255.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://sns.particulier-betaalverzoek.com/public/sns/css/all.css

Requested by

Host: sns.particulier-betaalverzoek.com
URL: https://sns.particulier-betaalverzoek.com/nl/app/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.255.5 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business24-3.web-hosting.com

Software

Apache /

Resource Hash

e2f44cc0fbb32466c82c39aee7150b4f548c3bcc847cd99f15e9e392f56fe2f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sns.particulier-betaalverzoek.com/nl/app/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 09:55:33 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Nov 2020 09:03:47 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 28813
x-content-type-options: nosniff

GET
H2 200 label.css
sns.particulier-betaalverzoek.com/public/sns/css/ 120 KB
21 KB 328ms
326ms Stylesheet
text/css 162.213.255.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://sns.particulier-betaalverzoek.com/public/sns/css/label.css

Requested by

Host: sns.particulier-betaalverzoek.com
URL: https://sns.particulier-betaalverzoek.com/nl/app/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.255.5 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business24-3.web-hosting.com

Software

Apache /

Resource Hash

7489c8add51d61b471521e76a71ece16066d3e9ef320777e868052ceebef571f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sns.particulier-betaalverzoek.com/nl/app/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 09:55:33 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Nov 2020 09:03:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 21485
x-content-type-options: nosniff

GET
H2 200 fe-cookie-consent.css
sns.particulier-betaalverzoek.com/public/sns/css/ 3 KB
1 KB 475ms
473ms Stylesheet
text/css 162.213.255.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://sns.particulier-betaalverzoek.com/public/sns/css/fe-cookie-consent.css

Requested by

Host: sns.particulier-betaalverzoek.com
URL: https://sns.particulier-betaalverzoek.com/nl/app/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.255.5 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business24-3.web-hosting.com

Software

Apache /

Resource Hash

7239c191825005e5baaf8e8cf9dc707e53770b35c94b9d3ab95e1edc89380601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sns.particulier-betaalverzoek.com/nl/app/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 09:55:33 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Nov 2020 09:03:47 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 760
x-content-type-options: nosniff

GET
H2

404

404
www.snsbank.nl/
Redirect Chain

https://sns.particulier-betaalverzoek.com/nl/app/assets/css/indicator.html
https://www.sns.nl/404
https://www.snsbank.nl/404

0
0

38ms
38ms

Image
text/html

194.53.208.72
NL-DEVOLKSBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.snsbank.nl/404
Requested by: Host: sns.particulier-betaalverzoek.com
URL: https://sns.particulier-betaalverzoek.com/nl/app/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.53.208.72 Utrecht, Netherlands, ASN57090 (NL-DEVOLKSBANK, NL),
Reverse DNS: www.snsbank.nl
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sns.particulier-betaalverzoek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 16 Nov 2020 09:55:33 GMT
referrer-policy: strict-origin-when-cross-origin
status: 301
x-frame-options: DENY
content-type: text/html
location: https://www.snsbank.nl/404
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
content-length: 166
x-content-type-options: nosniff

GET
H2 200 logo-new.html
sns.particulier-betaalverzoek.com/public/sns/css/ 21 KB
21 KB 473ms
472ms Image
text/html 162.213.255.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sns.particulier-betaalverzoek.com/public/sns/css/logo-new.html

Requested by

Host: sns.particulier-betaalverzoek.com
URL: https://sns.particulier-betaalverzoek.com/nl/app/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.255.5 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business24-3.web-hosting.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sns.particulier-betaalverzoek.com/nl/app/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 09:55:33 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Nov 2020 09:03:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/html
status: 200
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5786
x-content-type-options: nosniff

GET
H2

404

404
www.snsbank.nl/
Redirect Chain

https://sns.particulier-betaalverzoek.com/nl/app/assets/css/logo.html
https://www.sns.nl/404
https://www.snsbank.nl/404

0
0

28ms
27ms

Image
text/html

194.53.208.72
NL-DEVOLKSBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.snsbank.nl/404
Requested by: Host: sns.particulier-betaalverzoek.com
URL: https://sns.particulier-betaalverzoek.com/nl/app/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.53.208.72 Utrecht, Netherlands, ASN57090 (NL-DEVOLKSBANK, NL),
Reverse DNS: www.snsbank.nl
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sns.particulier-betaalverzoek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 16 Nov 2020 09:55:33 GMT
referrer-policy: strict-origin-when-cross-origin
status: 301
x-frame-options: DENY
content-type: text/html
location: https://www.snsbank.nl/404
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
content-length: 166
x-content-type-options: nosniff

GET
H2 200 i_digipas2.png
sns.particulier-betaalverzoek.com/public/sns/css/ 3 KB
3 KB 474ms
473ms Image
image/png 162.213.255.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sns.particulier-betaalverzoek.com/public/sns/css/i_digipas2.png

Requested by

Host: sns.particulier-betaalverzoek.com
URL: https://sns.particulier-betaalverzoek.com/nl/app/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.255.5 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business24-3.web-hosting.com

Software

Apache /

Resource Hash

5c73999b14b11ab003720c2f187a97d750154f402e4c43676166c129c823f281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sns.particulier-betaalverzoek.com/nl/app/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 09:55:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Nov 2020 09:03:50 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 2588
x-content-type-options: nosniff

GET
H2

404

404
www.snsbank.nl/
Redirect Chain

https://sns.particulier-betaalverzoek.com/nl/app/Mijn%20SNS%20%E2%80%93%20SNS%20Bank_bestanden/questionmark.html
https://www.sns.nl/404
https://www.snsbank.nl/404

0
0

32ms
31ms

Image
text/html

194.53.208.72
NL-DEVOLKSBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.snsbank.nl/404
Requested by: Host: sns.particulier-betaalverzoek.com
URL: https://sns.particulier-betaalverzoek.com/nl/app/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.53.208.72 Utrecht, Netherlands, ASN57090 (NL-DEVOLKSBANK, NL),
Reverse DNS: www.snsbank.nl
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sns.particulier-betaalverzoek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 16 Nov 2020 09:55:33 GMT
referrer-policy: strict-origin-when-cross-origin
status: 301
x-frame-options: DENY
content-type: text/html
location: https://www.snsbank.nl/404
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
content-length: 166
x-content-type-options: nosniff

GET

404
www.sns.nl/
Redirect Chain

https://sns.particulier-betaalverzoek.com/nl/app/assets/css/jquery-3.js
https://www.sns.nl/404

0
0

GET
H2 200 bg-header.gif
sns.particulier-betaalverzoek.com/public/sns/css/ 121 KB
121 KB 186ms
186ms Image
image/gif 162.213.255.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sns.particulier-betaalverzoek.com/public/sns/css/bg-header.gif

Requested by

Host: sns.particulier-betaalverzoek.com
URL: https://sns.particulier-betaalverzoek.com/public/sns/css/label.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.255.5 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business24-3.web-hosting.com

Software

Apache /

Resource Hash

57f0521e1e882ea1fb14c3513c841515dc18c600298612ae63178423d8295a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sns.particulier-betaalverzoek.com/public/sns/css/label.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 09:55:34 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Nov 2020 09:03:46 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/gif
status: 200
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 123698
x-content-type-options: nosniff

GET
H2 200 logo-new.png
sns.particulier-betaalverzoek.com/public/sns/css/ 9 KB
9 KB 181ms
180ms Image
image/png 162.213.255.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sns.particulier-betaalverzoek.com/public/sns/css/logo-new.png

Requested by

Host: sns.particulier-betaalverzoek.com
URL: https://sns.particulier-betaalverzoek.com/public/sns/css/label.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.255.5 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business24-3.web-hosting.com

Software

Apache /

Resource Hash

d5d27f10326f3d3d4e4a81cdc6a252ee4d08f852a51077ce39f001184e1c3799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sns.particulier-betaalverzoek.com/public/sns/css/label.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 09:55:34 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Nov 2020 09:03:54 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 9183
x-content-type-options: nosniff

GET
H2 200 icn-search.png
sns.particulier-betaalverzoek.com/public/sns/css/ 235 B
539 B 618ms
618ms Image
image/png 162.213.255.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sns.particulier-betaalverzoek.com/public/sns/css/icn-search.png

Requested by

Host: sns.particulier-betaalverzoek.com
URL: https://sns.particulier-betaalverzoek.com/public/sns/css/label.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.255.5 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business24-3.web-hosting.com

Software

Apache /

Resource Hash

32181166830c11014203c3c125a46c63d344b87e76c6a7a1dfea9bc39c8d72e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sns.particulier-betaalverzoek.com/public/sns/css/label.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 09:55:34 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Nov 2020 09:03:49 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 235
x-content-type-options: nosniff

GET
H2 200 icn-arrow-overwrite.png
sns.particulier-betaalverzoek.com/public/sns/css/ 176 B
480 B 618ms
617ms Image
image/png 162.213.255.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sns.particulier-betaalverzoek.com/public/sns/css/icn-arrow-overwrite.png

Requested by

Host: sns.particulier-betaalverzoek.com
URL: https://sns.particulier-betaalverzoek.com/public/sns/css/label.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.255.5 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business24-3.web-hosting.com

Software

Apache /

Resource Hash

57e0a8491fa8318f779e474b690f147893d14bd4a8bf2a1f8ff11bbe2c13e73a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sns.particulier-betaalverzoek.com/public/sns/css/label.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 09:55:34 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Nov 2020 09:03:48 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 176
x-content-type-options: nosniff

GET

404
www.sns.nl/
Redirect Chain

https://sns.particulier-betaalverzoek.com/public/sns/css/webfonts/fs_joey-regular-webfont.woff
https://www.sns.nl/404

0
0

GET
H2

404

404
www.snsbank.nl/
Redirect Chain

https://sns.particulier-betaalverzoek.com/public/sns/img/hyperlinks/questionmark.png
https://www.sns.nl/404
https://www.snsbank.nl/404

0
0

28ms
28ms

Image
text/html

194.53.208.72
NL-DEVOLKSBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.snsbank.nl/404
Requested by: Host: sns.particulier-betaalverzoek.com
URL: https://sns.particulier-betaalverzoek.com/public/sns/css/label.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.53.208.72 Utrecht, Netherlands, ASN57090 (NL-DEVOLKSBANK, NL),
Reverse DNS: www.snsbank.nl
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sns.particulier-betaalverzoek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 16 Nov 2020 09:55:35 GMT
referrer-policy: strict-origin-when-cross-origin
status: 301
x-frame-options: DENY
content-type: text/html
location: https://www.snsbank.nl/404
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
content-length: 166
x-content-type-options: nosniff

GET

404
www.sns.nl/
Redirect Chain

https://sns.particulier-betaalverzoek.com/public/sns/css/webfonts/fs_joey-regular-webfont.html
https://www.sns.nl/404

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.sns.nl
URL: https://www.sns.nl/404

Domain: www.sns.nl
URL: https://www.sns.nl/404

Domain: www.sns.nl
URL: https://www.sns.nl/404

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SNS Bank (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sns.particulier-betaalverzoek.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6a9f9bec7d5632eb6d383ae1a8ec75fe

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sns.particulier-betaalverzoek.com
www.sns.nl
www.snsbank.nl
www.sns.nl
162.213.255.5
194.53.208.72
32181166830c11014203c3c125a46c63d344b87e76c6a7a1dfea9bc39c8d72e5
4245130a6a4e96ee12f1f7dd18a569a4681daad1112f4ad82ef81007987340e0
57e0a8491fa8318f779e474b690f147893d14bd4a8bf2a1f8ff11bbe2c13e73a
57f0521e1e882ea1fb14c3513c841515dc18c600298612ae63178423d8295a1e
5c73999b14b11ab003720c2f187a97d750154f402e4c43676166c129c823f281
71ee949765d5c7a36bc9c7c8e9537ebc55c1f39d03731e15c62b9c0964dd406e
7239c191825005e5baaf8e8cf9dc707e53770b35c94b9d3ab95e1edc89380601
7489c8add51d61b471521e76a71ece16066d3e9ef320777e868052ceebef571f
d5d27f10326f3d3d4e4a81cdc6a252ee4d08f852a51077ce39f001184e1c3799
e2f44cc0fbb32466c82c39aee7150b4f548c3bcc847cd99f15e9e392f56fe2f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

sns.particulier-betaalverzoek.com Open in urlscan Pro 162.213.255.5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

18 Requests

83 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

212 kBTransfer

462 kBSize

1 Cookies

18 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

sns.particulier-betaalverzoek.com Open in urlscan Pro
162.213.255.5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

83 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

212 kB
Transfer

462 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!