abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website
199.188.200.216  Malicious Activity! Public Scan

URL: https://abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website/
Submission: On May 18 via manual from NL

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 199.188.200.216, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 18th 2020. Valid for: a year.
This is the only time abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ABN Amro (Banking)

Domain & IP information

IP Address AS Autonomous System
1 199.188.200.216 22612 (NAMECHEAP...)
1 52.16.109.72 16509 (AMAZON-02)
9 3
Domain Requested by
1 w.usabilla.com srcdoc
1 abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website
0 www.abnamro.nl Failed abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website
9 3

This site contains links to these domains.

Domain
www.abnamro.nl

TLS certificates (Subject / Issuer / Validity / Valid):
Subject: abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website; Issuer: Sectigo RSA Domain Validation Secure Server CA; Validity: 2020-05-18 - 2021-05-18; Valid: a year
Subject: w.usabilla.com; Issuer: Amazon; Validity: 2020-04-10 - 2021-05-10; Valid: a year

This page contains 4 frames:

Primary Page: https://abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website/
Frame ID: CC107912F90B03A785E3224C59A7405A
Requests: 15 HTTP requests in this frame

Frame: https://w.usabilla.com/3fdfb3d605e5.js?lv=1
Frame ID: 56D8EEBD76FCA5B6CB6CBACD4FB19BBC
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: F13282789A85E92297DCD93695B8DB60
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 919A13613AA1AD8660FF15D5ACBD89EF
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 9
HTTPS: 22 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 493 kB
Size: 1698 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website/
1 MB
468 KB
Document
General
Full URL
https://abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.188.200.216 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server267-1.web-hosting.com
Software
Apache / PHP/7.2.30
Resource Hash
e97032f548bc46824ada494dea255f9a926eb16d3232d46ae7a5a3b739e8d542

Request headers

:method
GET
:authority
abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Mon, 18 May 2020 11:45:33 GMT
server
Apache
x-powered-by
PHP/7.2.30
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html; charset=UTF-8
roboto-regular.woff2
www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/fonts/
0
0

roboto-bold.woff2
www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/fonts/
0
0

roboto-condensed-regular.woff2
www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/fonts/
0
0

truncated
/
66 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bf77a41beab12c2a0df2e92afabd6ab8c6cbd5d8e112a9d5b0280bb42f4d91d

Request headers

Origin
https://abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/plain
truncated
/
91 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aab039eca72b7cad9388164b6d9b6402de36b6fe1d1cd0a38eaa8aa89ecccc9

Request headers

Origin
https://abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/plain
truncated
/
66 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44ad606492c593adb173cd8d728fdd5c1ef2971196c18afe58bb8f57851bb580

Request headers

Origin
https://abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/plain
truncated
/
117 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2559eef0e26286d8efb79b0573c0ea35c25b2b05e3732fbaf70dd4a35c25ecf

Request headers

Origin
https://abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/plain
truncated
/
15 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Request headers

Origin
https://abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/plain
truncated
/
21 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04f193d53943327ad065c836558a359f1a8db263ef444613af904210c35d08f4

Request headers

Origin
https://abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/plain
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
979a47f2e9f7c3c0c347d06566aacb659d75db72f0837c3d72d517a90cade48e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
160 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
293680a5c9b05ee7c9c775597a78a96e2326217111b9d8d46689349877dc497c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
319 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4d7c09c1e402abcb3280abeccea1b9389a02c61ceaacf30442f00ad04555889

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
413 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
621f18fe641d405022bf6db951d83e3614ebae5feb03a94c18e1a54e9f2d3a73

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc415517aa38b6486894686f9bc8d977f4759c424787c820b2d7e8de8efe286e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
3fdfb3d605e5.js
w.usabilla.com/ Frame 56D8
54 KB
14 KB
Script
General
Full URL
https://w.usabilla.com/3fdfb3d605e5.js?lv=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.109.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-109-72.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
39234e7c3d0475811f37480cfbc860a2d237e03b2d73135fe39048f974aab319

Request headers

Referer
https://abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 11:45:36 GMT
content-encoding
gzip
x-widget-server
2.1
etag
"d1bd7b668d3c8f7d06309f6aa6c4552a"
content-type
text/javascript
status
200
cache-control
public,max-age=0
content-length
14018
truncated
/ Frame F132
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2826a167c38ca84f1bd4ceaf548d08dea0a5ad559b75afc4b197bab64f5b4ad7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 919A
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.abnamro.nl
URL
https://www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/fonts/roboto-regular.woff2
Domain
www.abnamro.nl
URL
https://www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/fonts/roboto-bold.woff2
Domain
www.abnamro.nl
URL
https://www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/fonts/roboto-condensed-regular.woff2

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ABN Amro (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| savepage_ShadowLoader

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
