zorgleeuw.onlineuur.nl Open in urlscan Pro
35.204.59.113 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zorgleeuw.onlineuur.nl/login
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On May 21 via api (May 21st 2024, 12:29:56 pm UTC) from IT — Scanned from NL

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 35.204.59.113, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is zorgleeuw.onlineuur.nl.
TLS certificate: Issued by R3 on May 21st 2024. Valid for: 3 months.

This is the only time zorgleeuw.onlineuur.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	35.204.59.113 35.204.59.113		396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	1

9 35.204.59.113 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.59.204.35.bc.googleusercontent.com

zorgleeuw.onlineuur.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	onlineuur.nl zorgleeuw.onlineuur.nl	1 MB
9	1

	Domain	Requested by
9	zorgleeuw.onlineuur.nl	zorgleeuw.onlineuur.nl
9	1

This site contains no links.

Subject Issuer	Validity	Valid
zorgleeuw.onlineuur.nl R3	`2024-05-21` - `2024-08-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://zorgleeuw.onlineuur.nl/login
Frame ID: D7AD39ECE3D3FE8A0FDB98A0DDEA4FD3
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zorgleeuw

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1085 kB
Transfer

3494 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login Show response zorgleeuw.onlineuur.nl/	6 KB 3 KB	294ms 177ms	Document text/html	35.204.59.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://zorgleeuw.onlineuur.nl/login Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.204.59.113 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.59.204.35.bc.googleusercontent.com Software Apache/2.4.41 (Ubuntu) / Resource Hash `de19d6db80be29130a1fd37da55d1e95c8e8b67403421a7a53b070ad4b1db78e` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin * Cache-Control no-cache, private Connection Keep-Alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 21 May 2024 12:29:51 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.41 (Ubuntu) Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	app.css zorgleeuw.onlineuur.nl/css/	297 KB 38 KB	32ms 30ms	Stylesheet text/css	35.204.59.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://zorgleeuw.onlineuur.nl/css/app.css?id=140bf61c6db078075627a372d1416cef Requested by Host: zorgleeuw.onlineuur.nl URL: https://zorgleeuw.onlineuur.nl/login Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.204.59.113 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.59.204.35.bc.googleusercontent.com Software Apache/2.4.41 (Ubuntu) / Resource Hash `8e33e12aaef7c8548d79adba180d5c0e32920c78e6c0d231c1480e5fd0be30a3` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://zorgleeuw.onlineuur.nl/login Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 21 May 2024 12:29:51 GMT Content-Encoding gzip Last-Modified Mon, 06 May 2024 07:03:11 GMT Server Apache/2.4.41 (Ubuntu) ETag "4a458-617c3a9927997-gzip" Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 38282
GET H/1.1	200 OK	my-theme.css zorgleeuw.onlineuur.nl/css/4/	0 1 KB	262ms 228ms	Stylesheet text/css	35.204.59.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://zorgleeuw.onlineuur.nl/css/4/my-theme.css? Requested by Host: zorgleeuw.onlineuur.nl URL: https://zorgleeuw.onlineuur.nl/login Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.204.59.113 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.59.204.35.bc.googleusercontent.com Software Apache/2.4.41 (Ubuntu) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://zorgleeuw.onlineuur.nl/login Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 21 May 2024 12:29:51 GMT Content-Encoding gzip Server Apache/2.4.41 (Ubuntu) Vary Accept-Encoding Transfer-Encoding chunked Content-Type text/css; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-cache, private Connection Keep-Alive Keep-Alive timeout=5, max=100
GET H/1.1	200 OK	manifest.js Show response zorgleeuw.onlineuur.nl/js/	1 KB 1 KB	53ms 18ms	Script application/javascript	35.204.59.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://zorgleeuw.onlineuur.nl/js/manifest.js?id=1e17103c49bb9c4c88a82cdcbb713b70 Requested by Host: zorgleeuw.onlineuur.nl URL: https://zorgleeuw.onlineuur.nl/login Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.204.59.113 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.59.204.35.bc.googleusercontent.com Software Apache/2.4.41 (Ubuntu) / Resource Hash `436811dee1a734990a6efc2bab3b923d0f3e9e1181562a843c14aa9e22fe0af9` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://zorgleeuw.onlineuur.nl/login Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 21 May 2024 12:29:51 GMT Content-Encoding gzip Last-Modified Tue, 05 Mar 2024 08:57:48 GMT Server Apache/2.4.41 (Ubuntu) ETag "5de-612e6094bd348-gzip" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 827
GET H/1.1	200 OK	vendor.js Show response zorgleeuw.onlineuur.nl/js/	2 MB 701 KB	91ms 55ms	Script application/javascript	35.204.59.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://zorgleeuw.onlineuur.nl/js/vendor.js?id=e404f12d4041b37758f1638854a96bac Requested by Host: zorgleeuw.onlineuur.nl URL: https://zorgleeuw.onlineuur.nl/login Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.204.59.113 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.59.204.35.bc.googleusercontent.com Software Apache/2.4.41 (Ubuntu) / Resource Hash `5dc700800e5d12e5ac100c040e970d7fb99e06a4ef326fc7e2c22f65aa8adf1d` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://zorgleeuw.onlineuur.nl/login Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 21 May 2024 12:29:51 GMT Content-Encoding gzip Last-Modified Mon, 06 May 2024 07:03:11 GMT Server Apache/2.4.41 (Ubuntu) ETag "1cd824-617c3a992d75a-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H/1.1	200 OK	head.js Show response zorgleeuw.onlineuur.nl/js/	11 KB 4 KB	55ms 17ms	Script application/javascript	35.204.59.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://zorgleeuw.onlineuur.nl/js/head.js?id=11b12413e4661622ca90c722a22594ee Requested by Host: zorgleeuw.onlineuur.nl URL: https://zorgleeuw.onlineuur.nl/login Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.204.59.113 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.59.204.35.bc.googleusercontent.com Software Apache/2.4.41 (Ubuntu) / Resource Hash `73a081bcd1ffb053ba878417d04ba028212b2cbe22b8d8940d04a4ddda51af7f` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://zorgleeuw.onlineuur.nl/login Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 21 May 2024 12:29:51 GMT Content-Encoding gzip Last-Modified Tue, 05 Mar 2024 08:57:48 GMT Server Apache/2.4.41 (Ubuntu) ETag "2a9e-612e6094bd348-gzip" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3767
GET H/1.1	200 OK	1219176467 zorgleeuw.onlineuur.nl/media/img/	12 KB 13 KB	270ms 232ms	Image image/png	35.204.59.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://zorgleeuw.onlineuur.nl/media/img/1219176467?h=200&w=230&signature=8c2fcb8aec8b350c11692c0b4e933f2770ec7d729c792f20732f0265031bd9f2 Requested by Host: zorgleeuw.onlineuur.nl URL: https://zorgleeuw.onlineuur.nl/login Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.204.59.113 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.59.204.35.bc.googleusercontent.com Software Apache/2.4.41 (Ubuntu) / Resource Hash `62353cdb8b006e44031e50d83313be9137b266b8fa642229849294748bbbb758` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://zorgleeuw.onlineuur.nl/login Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 21 May 2024 12:29:51 GMT Server Apache/2.4.41 (Ubuntu) Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=31536000, public Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 12304 Expires Wed, 21 May 2025 12:29:51 GMT
GET H/1.1	200 OK	app.js Show response zorgleeuw.onlineuur.nl/js/	1 MB 309 KB	51ms 51ms	Script application/javascript	35.204.59.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://zorgleeuw.onlineuur.nl/js/app.js?id=be71c4027d93a7b667a83e1f419ac2c5 Requested by Host: zorgleeuw.onlineuur.nl URL: https://zorgleeuw.onlineuur.nl/login Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.204.59.113 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.59.204.35.bc.googleusercontent.com Software Apache/2.4.41 (Ubuntu) / Resource Hash `6971a9c3e4923953eea92100ad093a899d28ab7a5db25fb2a5984e77ac8b6ad3` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://zorgleeuw.onlineuur.nl/login Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 21 May 2024 12:29:51 GMT Content-Encoding gzip Last-Modified Mon, 06 May 2024 07:03:11 GMT Server Apache/2.4.41 (Ubuntu) ETag "146836-617c3a99298d8-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98
GET H/1.1	200 OK	favicon.ico zorgleeuw.onlineuur.nl/	15 KB 15 KB	24ms 23ms	Other image/vnd.microsoft.icon	35.204.59.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://zorgleeuw.onlineuur.nl/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.204.59.113 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.59.204.35.bc.googleusercontent.com Software Apache/2.4.41 (Ubuntu) / Resource Hash `3ea4f55a7082b8e498eb39df1d0d900d52851f0c04e52d5c19a0739145cf7602` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://zorgleeuw.onlineuur.nl/login Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 21 May 2024 12:29:52 GMT Last-Modified Mon, 11 Dec 2023 08:11:34 GMT Server Apache/2.4.41 (Ubuntu) ETag "3c2e-60c377b7364e4" Content-Type image/vnd.microsoft.icon Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 15406

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			zorgleeuw.onlineuur.nl/	1970-01-20 20:45:01	Name: XSRF-TOKEN Value: eyJpdiI6IlFla2I5VURmdHR3bVVOVWM3R1RPWFE9PSIsInZhbHVlIjoiQ2dYeUpYaWVpNDh5SWJYUURURFdjS3R6bURZWTlmb2d5clljWWgrdUpXMFVOTmlFenRUb3RqdFp4QTZRU1wveisiLCJtYWMiOiI5NzdiYTkzMzI4Y2M4YzRkZTZmOTYzM2U2MDJkMWE4ZjU4YzhmNDQxZTUyMzg4YjBkNTBhNDU0MTQ5YjgxZWJjIn0%3D
			zorgleeuw.onlineuur.nl/	1970-01-20 20:45:01	Name: onlineuur_session Value: eyJpdiI6InRVQzFmZFhxdmhXNTAwaWF6V2t1eXc9PSIsInZhbHVlIjoiNXFUT091N1JmYVJMaURRTFwvUDhyUG5JU293M0Z0aDVuU3U2eHFDa1QydUdkaWlvc2Fpcjh1XC85bkU0a1lvcGkwIiwibWFjIjoiZDFlMjU4N2E3ZTIzY2QzNjZhNzVmYWFjMGUzZjAyZWZjZGQ3ZjI0NGU4MTI3OGZmZTNmNDMyNDk4YzM0ZDQ2NyJ9

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	info	URL: https://zorgleeuw.onlineuur.nl/login(Line 111) Message: Autofocus processing was blocked because a document already has a focused element.
recommendation	verbose	URL: https://zorgleeuw.onlineuur.nl/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

zorgleeuw.onlineuur.nl
35.204.59.113
3ea4f55a7082b8e498eb39df1d0d900d52851f0c04e52d5c19a0739145cf7602
436811dee1a734990a6efc2bab3b923d0f3e9e1181562a843c14aa9e22fe0af9
5dc700800e5d12e5ac100c040e970d7fb99e06a4ef326fc7e2c22f65aa8adf1d
62353cdb8b006e44031e50d83313be9137b266b8fa642229849294748bbbb758
6971a9c3e4923953eea92100ad093a899d28ab7a5db25fb2a5984e77ac8b6ad3
73a081bcd1ffb053ba878417d04ba028212b2cbe22b8d8940d04a4ddda51af7f
8e33e12aaef7c8548d79adba180d5c0e32920c78e6c0d231c1480e5fd0be30a3
de19d6db80be29130a1fd37da55d1e95c8e8b67403421a7a53b070ad4b1db78e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

zorgleeuw.onlineuur.nl Open in urlscan Pro 35.204.59.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1085 kBTransfer

3494 kBSize

2 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

zorgleeuw.onlineuur.nl Open in urlscan Pro
35.204.59.113 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1085 kB
Transfer

3494 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions