rcs2.docuflex.nl
Open in
urlscan Pro
141.138.168.108
Public Scan
URL:
https://rcs2.docuflex.nl/
Submission Tags: phishingrod
Submission: On July 30 via api from DE — Scanned from NL
Submission Tags: phishingrod
Submission: On July 30 via api from DE — Scanned from NL
Summary
This website contacted 2 IPs
in 2 countries
across 2 domains to perform 10 HTTP transactions.
The main IP is 141.138.168.108, located in
Netherlands and
belongs to PREVIDER-AS, NL.
The main domain is rcs2.docuflex.nl.
TLS certificate: Issued by R3 on May 30th 2023. Valid for: 3 months.
This is the only time rcs2.docuflex.nl was scanned on urlscan.io!
TLS certificate: Issued by R3 on May 30th 2023. Valid for: 3 months.
This is the only time rcs2.docuflex.nl was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 9 | 141.138.168.108 141.138.168.108 | 20847 (PREVIDER-AS) (PREVIDER-AS) | |
| 1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 10 | 2 |
9
141.138.168.108
(Netherlands)
ASN20847 (PREVIDER-AS, NL)
PTR: s163.webhostingserver.nl
ASN20847 (PREVIDER-AS, NL)
PTR: s163.webhostingserver.nl
| rcs2.docuflex.nl |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 9 |
docuflex.nl
rcs2.docuflex.nl |
138 KB |
| 1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265 |
5 KB |
| 10 | 2 |
| Domain | Requested by | |
|---|---|---|
| 9 | rcs2.docuflex.nl |
rcs2.docuflex.nl
|
| 1 | cdnjs.cloudflare.com |
rcs2.docuflex.nl
|
| 10 | 2 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| rcs.docuflex.nl R3 |
2023-05-30 - 2023-08-28 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://rcs2.docuflex.nl/
Frame ID: 54B8FAA5155792BC0EF01668A37055BE
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
Docuflex - RCS (2) - WelcomeDetected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
rcs2.docuflex.nl/ |
2 KB 1006 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
system.css
rcs2.docuflex.nl/rbs-core/view/system/css/ |
1 KB 569 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
theme.css
rcs2.docuflex.nl/rbs-public/theme/css/ |
0 89 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
rcs2.docuflex.nl/rbs-public/theme/css/ |
118 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/ |
26 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.min.css
rcs2.docuflex.nl/rbs-core/view/system/css/ |
30 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.12.0.min.js
rcs2.docuflex.nl/rbs-public/theme/js/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.min.js
rcs2.docuflex.nl/rbs-core/view/system/js/ |
248 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
rcs2.docuflex.nl/rbs-public/theme/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
theme.js
rcs2.docuflex.nl/rbs-public/theme/js/ |
391 B 320 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| jQuery11200345778621611741331 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .rcs2.docuflex.nl/ | Name: PHPSESSID Value: 298f960d9b9d141ca391efb9032ba011 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
rcs2.docuflex.nl
141.138.168.108
2606:4700::6811:190e
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2b2d5252a89b3620a5aa754f0a141db4b665bca45017c798a67f901e83cac751
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
aec19ce68a132980155fbfc5c8184de10746aadc2fb8ad02b38a610739e85a19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edd3f7de5de7377116eb811f2d55a51ac04865b18a0529705c897ded47b4ef58
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
fc328d942b4720ba4440d974c291d04a234ca23ae77c043739f17b20d6e7c89b