urlscan.io logo urlscan.io
SecurityTrails logo

www.dakwerken.com Open in urlscan Pro
178.208.33.230  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://user56769.vs.speednames.com/awd.html
Effective URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Submission: On April 05 via automatic, source openphish
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 44 HTTP transactions. The main IP is 178.208.33.230, located in Netherlands and belongs to COMBELL-AS, BE. The main domain is www.dakwerken.com.
This is the only time www.dakwerken.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: International Card Services (Financial)

Domain & IP information

IP Address AS Autonomous System
1 91.194.151.35 34922 (NETNAMES)
3 13 178.208.33.230 34762 (COMBELL-AS)
18 185.70.113.55 48645 (BITBRAINS)
1 151.101.114.110 54113 (FASTLY)
1 162.247.242.19 23467 (NEWRELIC-...)
44 6
1    91.194.151.35 (United Kingdom)

ASN34922 (NETNAMES, GB)
user56769.vs.speednames.com
13    178.208.33.230 (Netherlands)

ASN34762 (COMBELL-AS, BE)
PTR: mail.interbizbvba.be
www.dakwerken.com
18    185.70.113.55 (Netherlands)

ASN48645 (BITBRAINS, NL)
PTR: 185-70-113-55.icscards.nl
www.icscards.nl
1    151.101.114.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net
bam.nr-data.net
Domain Requested by
18 www.icscards.nl www.dakwerken.com
13 www.dakwerken.com 3 redirects www.dakwerken.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.dakwerken.com
1 user56769.vs.speednames.com
0 www.jsbeautifiers.com Failed www.dakwerken.com
0 lifbcibllhkdhoafpjfnlhfpfgnpldfl Failed www.dakwerken.com
44 7

This site contains no links.

Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Frame ID: F9F0BB236248C5777CA549973A810589
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://user56769.vs.speednames.com/awd.html Page URL
  2. http://www.dakwerken.com/images/image/ICS/Inloggen HTTP 301
    http://www.dakwerken.com/images/image/ICS/Inloggen/ HTTP 302
    http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893 HTTP 301
    http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/ Page URL
  3. http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_sub... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • env /^NREUM/i
Overall confidence: 100%
Detected patterns
  • script /swfobject.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • script /sifr\.js/i

Page Statistics

44
Requests

0 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

177 kB
Transfer

502 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://user56769.vs.speednames.com/awd.html Page URL
  2. http://www.dakwerken.com/images/image/ICS/Inloggen HTTP 301
    http://www.dakwerken.com/images/image/ICS/Inloggen/ HTTP 302
    http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893 HTTP 301
    http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/ Page URL
  3. http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://www.dakwerken.com/images/image/ICS/Inloggen HTTP 301
  • http://www.dakwerken.com/images/image/ICS/Inloggen/ HTTP 302
  • http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893 HTTP 301
  • http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
awd.html
user56769.vs.speednames.com/ 		191 B
491 B 		Document
General
Check archive.org
Download Go to
Full URL
http://user56769.vs.speednames.com/awd.html
Protocol
HTTP/1.1
Server
91.194.151.35 , United Kingdom, ASN34922 (NETNAMES, GB),
Reverse DNS
Software
Apache/2.2.3 (CentOS) /
Resource Hash
c935641944e43a1525b457adbc6056c284eecf9164dfe1067487a6e51e5d15d7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
user56769.vs.speednames.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 05 Apr 2018 16:50:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Apr 2018 12:30:33 GMT
Server
Apache/2.2.3 (CentOS)
ETag
"5d573-bf-1b14cc40"
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
159
/
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/
Redirect Chain
  • http://www.dakwerken.com/images/image/ICS/Inloggen
  • http://www.dakwerken.com/images/image/ICS/Inloggen/
  • http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893
  • http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/
Protocol
HTTP/1.1
Server
178.208.33.230 , Netherlands, ASN34762 (COMBELL-AS, BE),
Reverse DNS
mail.interbizbvba.be
Software
Apache / PleskLin
Resource Hash
ba877c980018ab8f51f25e73c92588facedaca0d04c7a2fba1e097e6c35ec6a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dakwerken.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://user56769.vs.speednames.com/awd.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://user56769.vs.speednames.com/awd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 05 Apr 2018 16:50:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
2219

Redirect headers

Date
Thu, 05 Apr 2018 16:50:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Location
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
274
Primary Request login.php
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/ 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/
Protocol
HTTP/1.1
Server
178.208.33.230 , Netherlands, ASN34762 (COMBELL-AS, BE),
Reverse DNS
mail.interbizbvba.be
Software
Apache / PleskLin
Resource Hash
611e989c10ca265978d94ec6453e893f184a353dd97669d65abc06a995dad3c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dakwerken.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 05 Apr 2018 16:50:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
5411
reset.css
www.icscards.nl/theme/ics/style/ 		773 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icscards.nl/theme/ics/style/reset.css
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
1a9e5defbf68ef0e716ee4076cd34f68e04c20f5bd1aefa41ab1877d373c9c2c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
last-modified
Thu, 23 Jun 2016 11:52:46 GMT
etag
"10c1f7-305-535f0b143ff80"
Strict-Transport-Security
max-age=16070400; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
accept-ranges
bytes
content-type
text/css
content-length
773
structure.css
www.icscards.nl/theme/ics/style/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icscards.nl/theme/ics/style/structure.css
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
5eb5bbeec22e6bb2f9ae09032794d0c523547c429f5015613cdd609a2c25bb31
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
Content-Encoding
gzip
last-modified
Thu, 23 Jun 2016 11:52:46 GMT
etag
"10c1f8-645-535f0b143ff80"
Vary
Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
Keep-Alive
Strict-Transport-Security
max-age=16070400; includeSubDomains
accept-ranges
bytes
content-type
text/css
content-length
530
components.css
www.icscards.nl/theme/ics/style/ 		97 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icscards.nl/theme/ics/style/components.css
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
bc683373cd8b7d2340218bc84bf75f6f1840f1652d678338f1c283b271dd1406
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
Content-Encoding
gzip
last-modified
Thu, 23 Jun 2016 11:52:46 GMT
etag
"b054a-18468-535f0b143ff80"
Vary
Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400; includeSubDomains
accept-ranges
bytes
content-type
text/css
jquery.keypad.css
www.icscards.nl/theme/ics/style/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icscards.nl/theme/ics/style/jquery.keypad.css
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
4fc4784ec1668192826e7224ea9687f0bbd0323aa57ae3810f63cb48891dbd50
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
Content-Encoding
gzip
last-modified
Thu, 23 Jun 2016 11:52:46 GMT
etag
"b054f-10e1-535f0b143ff80"
Vary
Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
Keep-Alive
Strict-Transport-Security
max-age=16070400; includeSubDomains
accept-ranges
bytes
content-type
text/css
content-length
1465
js-enabled.css
www.icscards.nl/nlic/themes/html/ICS/style/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icscards.nl/nlic/themes/html/ICS/style/js-enabled.css
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:48 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
208
Strict-Transport-Security
max-age=16070400; includeSubDomains
content-type
text/html;charset=UTF-8
headings.css
www.icscards.nl/nlic/themes/html/ICS/style/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icscards.nl/nlic/themes/html/ICS/style/headings.css
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:48 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
208
Strict-Transport-Security
max-age=16070400; includeSubDomains
content-type
text/html;charset=UTF-8
jquery-utils.min.js
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/ 		180 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/jquery-utils.min.js
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
178.208.33.230 , Netherlands, ASN34762 (COMBELL-AS, BE),
Reverse DNS
mail.interbizbvba.be
Software
Apache / PleskLin
Resource Hash
a334faf2a1cf0ed7eab0606ae7f78b488967e5b0da9379ece5f13b70115b26a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dakwerken.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 05 Apr 2018 16:50:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Apr 2018 16:50:48 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
54778
ETag
W/"3dc20c-2d015-5691cbdd6011b"
sifr.js
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/sifr.js
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
178.208.33.230 , Netherlands, ASN34762 (COMBELL-AS, BE),
Reverse DNS
mail.interbizbvba.be
Software
Apache / PleskLin
Resource Hash
a81e4db1b5b0d3e699a56fb07a76a5951ee08d6f8ce0793b31c66d20e9612089
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dakwerken.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 05 Apr 2018 16:50:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Apr 2018 16:50:48 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9845
ETag
W/"3dc20d-701a-5691cbdd6011b"
generale_style.js
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/generale_style.js
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
178.208.33.230 , Netherlands, ASN34762 (COMBELL-AS, BE),
Reverse DNS
mail.interbizbvba.be
Software
Apache / PleskLin
Resource Hash
23e3ca8349931478ce6cc6ffb2b4b759871e6e54fb098884a3862487abb0a461
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dakwerken.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 05 Apr 2018 16:50:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Apr 2018 16:50:48 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
30061
ETag
W/"3dc000-16183-5691cbdd0a21b"
sitestat-onclick.js
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/ 		311 B
630 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/sitestat-onclick.js
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
178.208.33.230 , Netherlands, ASN34762 (COMBELL-AS, BE),
Reverse DNS
mail.interbizbvba.be
Software
Apache / PleskLin
Resource Hash
725b2b103a184d23c4b1b822ae1f11f7b6d462e78c3ce1919afa3e8675ad6495
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dakwerken.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 05 Apr 2018 16:50:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Apr 2018 16:50:48 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
235
ETag
W/"3dc1fa-137-5691cbdd5f17b"
swfobject.js
www.dakwerken.com/uncte/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://www.dakwerken.com/uncte/swfobject.js
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
178.208.33.230 , Netherlands, ASN34762 (COMBELL-AS, BE),
Reverse DNS
mail.interbizbvba.be
Software
Apache / PleskLin
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dakwerken.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 05 Apr 2018 16:50:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff nosniff
Server
Apache
X-Powered-By
PleskLin
X-Frame-Options
SAMEORIGIN
Content-Language
nl
Cache-Control
no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
Content-Length
2446
Keep-Alive
timeout=5, max=100
Expires
Sun, 19 Nov 1978 05:00:00 GMT
default.js
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/default.js
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
178.208.33.230 , Netherlands, ASN34762 (COMBELL-AS, BE),
Reverse DNS
mail.interbizbvba.be
Software
Apache / PleskLin
Resource Hash
ccc203d87d538ef6d081289d30df3407c161ffcc08d7ed757804a71eab723751
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dakwerken.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 05 Apr 2018 16:50:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Apr 2018 16:50:48 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
10528
ETag
W/"3dc207-a3e7-5691cbdd5f17b"
sifr-config.js
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/ 		1 KB
790 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/sifr-config.js
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
178.208.33.230 , Netherlands, ASN34762 (COMBELL-AS, BE),
Reverse DNS
mail.interbizbvba.be
Software
Apache / PleskLin
Resource Hash
05b6bc87e34b52eb71d64ea1c6992eb5c169a04c7ae52759b75b8232640e52ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dakwerken.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 05 Apr 2018 16:50:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Apr 2018 16:50:48 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
396
ETag
W/"3dc209-553-5691cbdd5f17b"
document_iterator.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ 		0
0
find_proxy.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ 		0
0
get_html_text.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ 		0
0
global_constants.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ 		0
0
name_injection_builder.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ 		0
0
number_injection_builder.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ 		0
0
menu_injection_builder.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ 		0
0
string_finder.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ 		0
0
change_sink.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ 		0
0
logo-ics.gif
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/logo-ics.gif
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
178.208.33.230 , Netherlands, ASN34762 (COMBELL-AS, BE),
Reverse DNS
mail.interbizbvba.be
Software
Apache / PleskLin
Resource Hash
f00805b6957e246fdc574176010969c85477e583a3dbaa100449f6e948d18be8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dakwerken.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 05 Apr 2018 16:50:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Apr 2018 16:50:48 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3386
ETag
W/"3dc1f8-d3a-5691cbdd5f17b"
import.css
www.dakwerken.com/content/ICS-VISA/style/ 		0
0
style.js
www.jsbeautifiers.com/js/script/ 		0
0
bg-page.gif
www.icscards.nl/theme/ics/images/backgrounds/ 		239 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icscards.nl/theme/ics/images/backgrounds/bg-page.gif
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
e4523bb118f9bf48fd1f2da7fa37e2d2185413db69c968e1685f4984da61615a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://www.icscards.nl/theme/ics/style/structure.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
last-modified
Tue, 04 Feb 2014 13:28:48 GMT
etag
"b045a-ef-4f1949ec4e400"
Strict-Transport-Security
max-age=16070400; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
accept-ranges
bytes
content-type
image/gif
content-length
239
bg-form-btm.gif
www.icscards.nl/theme/ics/images/backgrounds/ 		960 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icscards.nl/theme/ics/images/backgrounds/bg-form-btm.gif
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
cdace515ac10c355f53a364350c74a8dcaad2f15fa091c9da65a2a995c80c0b7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://www.icscards.nl/theme/ics/style/components.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
last-modified
Tue, 04 Feb 2014 13:28:48 GMT
etag
"b043c-3c0-4f1949ec4e400"
Strict-Transport-Security
max-age=16070400; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
accept-ranges
bytes
content-type
image/gif
content-length
960
bg-form-buttons-btm.gif
www.icscards.nl/theme/ics/images/backgrounds/ 		259 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icscards.nl/theme/ics/images/backgrounds/bg-form-buttons-btm.gif
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
c11b081b276221bc5f48ba2d805419958bbe65df6f15c6e0899166bd0bd162ff
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://www.icscards.nl/theme/ics/style/components.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
last-modified
Tue, 04 Feb 2014 13:28:48 GMT
etag
"10c0e3-103-4f1949ec4e400"
Strict-Transport-Security
max-age=16070400; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
accept-ranges
bytes
content-type
image/gif
content-length
259
bg-form-top.gif
www.icscards.nl/theme/ics/images/backgrounds/ 		173 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icscards.nl/theme/ics/images/backgrounds/bg-form-top.gif
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
dd6f18397c2fda19a522184a518e30a0268fc0283590a18bc8c31d4aba652a79
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://www.icscards.nl/theme/ics/style/components.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
last-modified
Tue, 04 Feb 2014 13:28:48 GMT
etag
"10c0e6-ad-4f1949ec4e400"
Strict-Transport-Security
max-age=16070400; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
accept-ranges
bytes
content-type
image/gif
content-length
173
link-nav-left.gif
www.icscards.nl/theme/ics/images/hyperlinks/ 		732 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icscards.nl/theme/ics/images/hyperlinks/link-nav-left.gif
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
514a0218dcd2219657e84af80a019a517a734175c24c1db30ae2bb29af2721cd
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://www.icscards.nl/theme/ics/style/components.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
last-modified
Tue, 04 Feb 2014 13:28:48 GMT
etag
"10c192-2dc-4f1949ec4e400"
Strict-Transport-Security
max-age=16070400; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
accept-ranges
bytes
content-type
image/gif
content-length
732
link-nav-right.gif
www.icscards.nl/theme/ics/images/hyperlinks/ 		244 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icscards.nl/theme/ics/images/hyperlinks/link-nav-right.gif
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
ca6d99e3a56986fc18f24a525da1dec933ed5cddc5494db5e37b986e11f004d7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://www.icscards.nl/theme/ics/style/components.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
last-modified
Tue, 04 Feb 2014 13:28:48 GMT
etag
"10c196-f4-4f1949ec4e400"
Strict-Transport-Security
max-age=16070400; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
accept-ranges
bytes
content-type
image/gif
content-length
244
logo-ics.gif
www.icscards.nl/theme/ics/images/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icscards.nl/theme/ics/images/logos/logo-ics.gif
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
f00805b6957e246fdc574176010969c85477e583a3dbaa100449f6e948d18be8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://www.icscards.nl/theme/ics/style/components.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
last-modified
Tue, 04 Feb 2014 13:28:48 GMT
etag
"10c1cd-d3a-4f1949ec4e400"
Strict-Transport-Security
max-age=16070400; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
accept-ranges
bytes
content-type
image/gif
content-length
3386
bg-field-shadow-tr.gif
www.icscards.nl/theme/ics/images/backgrounds/ 		106 B
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icscards.nl/theme/ics/images/backgrounds/bg-field-shadow-tr.gif
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
7df6f886b7663c23da8cc7dde7e8502d037b07ceeaadd2dc39ad237ea5eca3f2
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://www.icscards.nl/theme/ics/style/components.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
last-modified
Tue, 04 Feb 2014 13:28:48 GMT
etag
"10c0e0-6a-4f1949ec4e400"
Strict-Transport-Security
max-age=16070400; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
accept-ranges
bytes
content-type
image/gif
content-length
106
btn-site-search.gif
www.icscards.nl/theme/ics/images/buttons/ 		854 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icscards.nl/theme/ics/images/buttons/btn-site-search.gif
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
933e25cd232248b4cbb8b6e502bd0cb21fad0a053fd3e6b3a683798091b6cbc3
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://www.icscards.nl/theme/ics/style/components.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
last-modified
Tue, 04 Feb 2014 13:28:50 GMT
etag
"b048d-356-4f1949ee36880"
Strict-Transport-Security
max-age=16070400; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
accept-ranges
bytes
content-type
image/gif
content-length
854
SunOT-Regular.woff
www.icscards.nl/theme/ics/fonts/ 		0
0
link-help.gif
www.icscards.nl/theme/ics/images/hyperlinks/ 		489 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icscards.nl/theme/ics/images/hyperlinks/link-help.gif
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
9d0e3549d2065b602f6c481986e612b1d47a2de961dfc23e98e739aa7f8894f0
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://www.icscards.nl/theme/ics/style/components.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
last-modified
Wed, 16 Jul 2014 08:08:46 GMT
etag
"10c188-1e9-4fe4b08885f80"
Strict-Transport-Security
max-age=16070400; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
accept-ranges
bytes
content-type
image/gif
content-length
489
bg-help-panel.gif
www.icscards.nl/theme/ics/images/backgrounds/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icscards.nl/theme/ics/images/backgrounds/bg-help-panel.gif
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
0579bd53477bdda92837f4fab5449895c34e3e3b7bab417dd45a1f6fe8e9a272
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://www.icscards.nl/theme/ics/style/components.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
last-modified
Tue, 04 Feb 2014 13:28:48 GMT
etag
"10c0ed-57d-4f1949ec4e400"
Strict-Transport-Security
max-age=16070400; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
accept-ranges
bytes
content-type
image/gif
content-length
1405
btn-submit.gif
www.icscards.nl/theme/ics/images/buttons/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icscards.nl/theme/ics/images/buttons/btn-submit.gif
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
HTTP/1.1
Server
185.70.113.55 , Netherlands, ASN48645 (BITBRAINS, NL),
Reverse DNS
185-70-113-55.icscards.nl
Software
/
Resource Hash
6cb1dc7b32b13a17aa93d1cd2c87eba69950911df46cf223e3db65b4c616c6d8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://www.icscards.nl/theme/ics/style/components.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
last-modified
Tue, 04 Feb 2014 13:28:50 GMT
etag
"10c137-b94-4f1949ee36880"
Strict-Transport-Security
max-age=16070400; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
accept-ranges
bytes
content-type
image/gif
content-length
2964
SunOT-Regular.ttf
www.icscards.nl/theme/ics/fonts/ 		0
0
nr-1071.min.js
js-agent.newrelic.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: www.dakwerken.com
URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Protocol
SPDY
Server
151.101.114.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 05 Apr 2018 16:50:49 GMT
content-encoding
gzip
x-amz-request-id
4FA97F9146AC1E0C
x-cache
HIT
status
200
content-length
9086
x-amz-id-2
2u+ePBLq0i+86Rc6Ty4s1JjLllOr+DvppPFIKi56RBFSrYzKnBNjQJjsdHXpgMCr0P5LWmRHmOY=
x-served-by
cache-hhn1547-HHN
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1522947050.671354,VS0,VE0
etag
"a1a545c95f313a230157b47dca555c25"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
56508
a30010f2fa
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/a30010f2fa?a=61958773&v=1071.385e752&to=YwNVMhNRXhJRARJfCVpJYhQIH1kMUQUDRUldC1YBBB95ImNNL1gKWwFQAw8fGk5cDQFfCBoWXxY%3D&rst=768&ref=http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php&be=27&fe=751&dc=523&perf=%7B%22timing%22:%7B%22of%22:1522947048917,%22n%22:0,%22u%22:20,%22ue%22:20,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:0,%22rp%22:18,%22rpe%22:20,%22dl%22:22,%22di%22:522,%22ds%22:522,%22de%22:532,%22dc%22:750,%22l%22:750,%22le%22:751%7D,%22navigation%22:%7B%7D%7D&at=T0RWRFtLTRw%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Server
162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lifbcibllhkdhoafpjfnlhfpfgnpldfl
URL
chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/document_iterator.js
Domain
lifbcibllhkdhoafpjfnlhfpfgnpldfl
URL
chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/find_proxy.js
Domain
lifbcibllhkdhoafpjfnlhfpfgnpldfl
URL
chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/get_html_text.js
Domain
lifbcibllhkdhoafpjfnlhfpfgnpldfl
URL
chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/global_constants.js
Domain
lifbcibllhkdhoafpjfnlhfpfgnpldfl
URL
chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/name_injection_builder.js
Domain
lifbcibllhkdhoafpjfnlhfpfgnpldfl
URL
chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/number_injection_builder.js
Domain
lifbcibllhkdhoafpjfnlhfpfgnpldfl
URL
chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/menu_injection_builder.js
Domain
lifbcibllhkdhoafpjfnlhfpfgnpldfl
URL
chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/string_finder.js
Domain
lifbcibllhkdhoafpjfnlhfpfgnpldfl
URL
chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/change_sink.js
Domain
www.dakwerken.com
URL
http://www.dakwerken.com/content/ICS-VISA/style/import.css
Domain
www.jsbeautifiers.com
URL
http://www.jsbeautifiers.com/js/script/style.js
Domain
www.icscards.nl
URL
https://www.icscards.nl/theme/ics/fonts/SunOT-Regular.woff
Domain
www.icscards.nl
URL
https://www.icscards.nl/theme/ics/fonts/SunOT-Regular.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: International Card Services (Financial)

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| yeste function| rigl object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| sIFR function| parseSelector string| _uacct number| _userv number| _ufsc string| _udn string| _uhash string| _utimeout string| _ugifpath string| _utsp number| _uflash number| _utitle number| _ulink number| _uanchor string| _utcp number| _usample number| _uctm string| _ucto string| _uccn string| _ucmd string| _ucsr string| _uctr string| _ucct string| _ucid string| _ucno object| _uOsr object| _uOkw object| _uOno object| _uRno undefined| _uff undefined| _udh undefined| _udt number| _ubl string| _udo undefined| _uu number| _ufns number| _uns string| _ur number| _ufno number| _ust object| _ubd object| _udl string| _udlh string| _uwv string| _ugifpath2 function| urchinTracker function| _uGH function| _uInfo function| _uVoid function| _uCInfo function| _uRef function| _uOrg function| _uGCse function| _uBInfo function| __utmSetTrans function| _uFlash function| __utmLinkerUrl function| __utmLinker function| __utmLinkPost function| __utmSetVar function| _uGCS function| _uGC function| _uDomain function| _uHash function| _uFixA function| _uTrim function| _uEC function| __utmVisitorCode function| _uIN function| _uES function| _uUES function| _uVG function| _uSP function| urchinPathCopy function| _uCO function| _uGT string| _utk function| _uNx string| ML string| MI string| OT number| j function| ns_onclick object| FnDefault object| FnLanguageSelect object| FnToggleHelp object| FnAccordion object| FnAlphanumeric object| FnAutoTabCC object| FnTableSlide object| FnTableSlideExplain object| FnCarousel object| FnStyleSelect object| FnError object| FnDatePicker object| FnNewsTicker object| FnNoCopyPaste object| FnYearMonthSelectorDD object| FnExtendForm object| FnLimitInput object| FnToggleCheckboxDetails object| FnToggleRadioDetails object| FnExternalLinks object| FnPageList object| FnPinPad object| FnDebug object| FnLogin object| FnLogout object| FnSitestat object| FnSelectedOption object| FnAddress string| swfPath object| sunOTregular function| do_sIFR

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
js-agent.newrelic.com
lifbcibllhkdhoafpjfnlhfpfgnpldfl
user56769.vs.speednames.com
www.dakwerken.com
www.icscards.nl
www.jsbeautifiers.com
lifbcibllhkdhoafpjfnlhfpfgnpldfl
www.dakwerken.com
www.icscards.nl
www.jsbeautifiers.com
151.101.114.110
162.247.242.19
178.208.33.230
185.70.113.55
91.194.151.35
0579bd53477bdda92837f4fab5449895c34e3e3b7bab417dd45a1f6fe8e9a272
05b6bc87e34b52eb71d64ea1c6992eb5c169a04c7ae52759b75b8232640e52ac
1a9e5defbf68ef0e716ee4076cd34f68e04c20f5bd1aefa41ab1877d373c9c2c
23e3ca8349931478ce6cc6ffb2b4b759871e6e54fb098884a3862487abb0a461
4fc4784ec1668192826e7224ea9687f0bbd0323aa57ae3810f63cb48891dbd50
514a0218dcd2219657e84af80a019a517a734175c24c1db30ae2bb29af2721cd
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
5eb5bbeec22e6bb2f9ae09032794d0c523547c429f5015613cdd609a2c25bb31
611e989c10ca265978d94ec6453e893f184a353dd97669d65abc06a995dad3c3
6cb1dc7b32b13a17aa93d1cd2c87eba69950911df46cf223e3db65b4c616c6d8
725b2b103a184d23c4b1b822ae1f11f7b6d462e78c3ce1919afa3e8675ad6495
7df6f886b7663c23da8cc7dde7e8502d037b07ceeaadd2dc39ad237ea5eca3f2
933e25cd232248b4cbb8b6e502bd0cb21fad0a053fd3e6b3a683798091b6cbc3
9d0e3549d2065b602f6c481986e612b1d47a2de961dfc23e98e739aa7f8894f0
a334faf2a1cf0ed7eab0606ae7f78b488967e5b0da9379ece5f13b70115b26a5
a81e4db1b5b0d3e699a56fb07a76a5951ee08d6f8ce0793b31c66d20e9612089
ba877c980018ab8f51f25e73c92588facedaca0d04c7a2fba1e097e6c35ec6a3
bc683373cd8b7d2340218bc84bf75f6f1840f1652d678338f1c283b271dd1406
c11b081b276221bc5f48ba2d805419958bbe65df6f15c6e0899166bd0bd162ff
c935641944e43a1525b457adbc6056c284eecf9164dfe1067487a6e51e5d15d7
ca6d99e3a56986fc18f24a525da1dec933ed5cddc5494db5e37b986e11f004d7
ccc203d87d538ef6d081289d30df3407c161ffcc08d7ed757804a71eab723751
cdace515ac10c355f53a364350c74a8dcaad2f15fa091c9da65a2a995c80c0b7
dd6f18397c2fda19a522184a518e30a0268fc0283590a18bc8c31d4aba652a79
e4523bb118f9bf48fd1f2da7fa37e2d2185413db69c968e1685f4984da61615a
f00805b6957e246fdc574176010969c85477e583a3dbaa100449f6e948d18be8
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23