rijschoolhoorn.nl Open in urlscan Pro
2a00:f10:13f:0:1c00:4fff:fe00:174 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://rijschoolhoorn.nl/de/capone/
Submission: On September 28 via manual (September 28th 2022, 7:39:57 am UTC) from FR — Scanned from NL

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 2a00:f10:13f:0:1c00:4fff:fe00:174, located in Netherlands and belongs to CLDIN-NL TWS, NL. The main domain is rijschoolhoorn.nl.

This is the only time rijschoolhoorn.nl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: CapitalOne (Financial)

Domain & IP information

	IP Address	AS Autonomous System
11	2a00:f10:13f:... 2a00:f10:13f:0:1c00:4fff:fe00:174	48635 (CLDIN-NL TWS) (CLDIN-NL TWS)
1 2	2606:4700:20:... 2606:4700:20::681a:95b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
13	3

11 2a00:f10:13f:0:1c00:4fff:fe00:174 (Netherlands)

ASN48635 (CLDIN-NL TWS, NL)

rijschoolhoorn.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:95b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	rijschoolhoorn.nl rijschoolhoorn.nl	147 KB
2	tailwindcss.com 1 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 120565	97 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293	34 KB
13	3

	Domain	Requested by
11	rijschoolhoorn.nl	rijschoolhoorn.nl
2	cdn.tailwindcss.com	1 redirects rijschoolhoorn.nl
1	ajax.googleapis.com	rijschoolhoorn.nl
13	3

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://rijschoolhoorn.nl/de/capone/
Frame ID: 4D602D44E4B29F4E01FAB70469CFC64E
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In: Sign to your account(s)

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

8 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

278 kB
Transfer

558 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cdn.tailwindcss.com/ HTTP 302
https://cdn.tailwindcss.com/3.1.8

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
rijschoolhoorn.nl/de/capone/ 5 KB
5 KB 170ms
15ms Document
text/html 2a00:f10:13f:0:1c00:4fff:fe00:174
CLDIN-NL TWS

General

Check archive.org

Show headers Download Go to

Full URL

http://rijschoolhoorn.nl/de/capone/

Protocol

HTTP/1.1

Server

2a00:f10:13f:0:1c00:4fff:fe00:174 , Netherlands, ASN48635 (CLDIN-NL TWS, NL),

Reverse DNS

Software

Apache /

Resource Hash

ffa20e77a5363b578599b8b9b1d23d311cd3b127a4e632814f01647af73a3679

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Upgrade, Keep-Alive
Content-Length: 4751
Content-Type: text/html
Date: Wed, 28 Sep 2022 07:39:52 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Mon, 19 Sep 2022 03:34:10 GMT
Server: Apache
Upgrade: h2,h2c
X-Content-Type-Options: nosniff

GET
H2

200

3.1.8 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/
https://cdn.tailwindcss.com/3.1.8

319 KB
97 KB

39ms
39ms

Script
text/javascript

2606:4700:20::681a:95b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.1.8

Requested by

Host: rijschoolhoorn.nl
URL: http://rijschoolhoorn.nl/de/capone/

Protocol

Server

2606:4700:20::681a:95b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6e7e5263fa38ed2725e4be49d49fdca61aa60f92ffc1edbd0c3b47dc8c9e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://rijschoolhoorn.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:39:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2022 17:01:21 GMT
x-vercel-id: syd1::iad1::5cswb-1659718880314-e36b19295c12
age: 4631910
x-vercel-cache: MISS
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2eaoZ4lGq8lo3B59%2B2r98zcCSelGR0b5DyCs1fUnQ5J71rrT3SI4bjnlw5XcyMdCPsOrV%2FPQcBeVzh%2FyOrnQeRD9Y54fHjPUkmkaozpqT9%2FdzHmQPbyjY%2FRHOGXeMOqGaLMRGfxnNL9Iu61b3x0dHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 751ad3ea394d9b55-FRA
server: cloudflare

Redirect headers

date: Wed, 28 Sep 2022 07:39:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id: syd1::iad1::twkmr-1664350088658-065dd7da3894
age: 128
x-vercel-cache: MISS
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnSbw6RbK3o0fVle2BcGV9Yg920l%2FeAE5dXuTJYPZqXoVBn9hBXdKb0Iu0jRe6AdJyjKMJdlEuoEWtuBcLELCCUPyYzRH4iJ25xCvLSQaUZusP4jgJBcuDnX6CQVhRSaESTGa1lahCcJHCkDVbUC5OI%3D"}],"group":"cf-nel","max_age":604800}
location: /3.1.8
cache-control: max-age=14400
strict-transport-security: max-age=63072000
cf-ray: 751ad3ea08f19b55-FRA
content-length: 0
server: cloudflare

GET
H/1.1 200
OK style.css
rijschoolhoorn.nl/de/capone/ 2 KB
2 KB 14ms
14ms Stylesheet
text/css 2a00:f10:13f:0:1c00:4fff:fe00:174
CLDIN-NL TWS

General

Check archive.org

Show headers Download Go to

Full URL

http://rijschoolhoorn.nl/de/capone/style.css

Requested by

Host: rijschoolhoorn.nl
URL: http://rijschoolhoorn.nl/de/capone/

Protocol

HTTP/1.1

Server

2a00:f10:13f:0:1c00:4fff:fe00:174 , Netherlands, ASN48635 (CLDIN-NL TWS, NL),

Reverse DNS

Software

Apache /

Resource Hash

0eba33e8035992dab1521cc62151435ae61e9f2bdc6afe2108da74e39a4bbc10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://rijschoolhoorn.nl/de/capone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 07:39:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Sep 2022 07:28:39 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2161

GET
H/1.1 200
OK capital-one-logo.svg
rijschoolhoorn.nl/de/capone/assets/ 4 KB
4 KB 14ms
14ms Image
image/svg+xml 2a00:f10:13f:0:1c00:4fff:fe00:174
CLDIN-NL TWS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://rijschoolhoorn.nl/de/capone/assets/capital-one-logo.svg

Requested by

Host: rijschoolhoorn.nl
URL: http://rijschoolhoorn.nl/de/capone/

Protocol

HTTP/1.1

Server

2a00:f10:13f:0:1c00:4fff:fe00:174 , Netherlands, ASN48635 (CLDIN-NL TWS, NL),

Reverse DNS

Software

Apache /

Resource Hash

57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://rijschoolhoorn.nl/de/capone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 07:39:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Sep 2022 00:07:32 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3971

GET
H/1.1 200
OK 1.png
rijschoolhoorn.nl/de/capone/assets/ 8 KB
8 KB 15ms
15ms Image
image/png 2a00:f10:13f:0:1c00:4fff:fe00:174
CLDIN-NL TWS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://rijschoolhoorn.nl/de/capone/assets/1.png

Requested by

Host: rijschoolhoorn.nl
URL: http://rijschoolhoorn.nl/de/capone/

Protocol

HTTP/1.1

Server

2a00:f10:13f:0:1c00:4fff:fe00:174 , Netherlands, ASN48635 (CLDIN-NL TWS, NL),

Reverse DNS

Software

Apache /

Resource Hash

3390c6c4cbdbcf09a17ac77050aca96495522735e5f303a04c73f821740de109

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://rijschoolhoorn.nl/de/capone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 07:39:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Sep 2022 05:18:16 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 8409

GET
H/1.1 200
OK icon-user.svg
rijschoolhoorn.nl/de/capone/assets/ 584 B
889 B 29ms
14ms Image
image/svg+xml 2a00:f10:13f:0:1c00:4fff:fe00:174
CLDIN-NL TWS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://rijschoolhoorn.nl/de/capone/assets/icon-user.svg

Requested by

Host: rijschoolhoorn.nl
URL: http://rijschoolhoorn.nl/de/capone/

Protocol

HTTP/1.1

Server

2a00:f10:13f:0:1c00:4fff:fe00:174 , Netherlands, ASN48635 (CLDIN-NL TWS, NL),

Reverse DNS

Software

Apache /

Resource Hash

32f101709eb4240f21b330c854ed3bd539c0dc9001f08bf51d4e6a5b6bf641c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://rijschoolhoorn.nl/de/capone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 07:39:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Sep 2022 00:07:47 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Keep-Alive: timeout=5, max=100
Content-Length: 584

GET
H/1.1 200
OK user.svg
rijschoolhoorn.nl/de/capone/assets/ 1 KB
2 KB 28ms
14ms Image
image/svg+xml 2a00:f10:13f:0:1c00:4fff:fe00:174
CLDIN-NL TWS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://rijschoolhoorn.nl/de/capone/assets/user.svg

Requested by

Host: rijschoolhoorn.nl
URL: http://rijschoolhoorn.nl/de/capone/

Protocol

HTTP/1.1

Server

2a00:f10:13f:0:1c00:4fff:fe00:174 , Netherlands, ASN48635 (CLDIN-NL TWS, NL),

Reverse DNS

Software

Apache /

Resource Hash

b4567ffa170c9600acbf01052800d38c9abd799848f809ce00a36f989b3111f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://rijschoolhoorn.nl/de/capone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 07:39:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Sep 2022 05:40:37 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Keep-Alive: timeout=5, max=100
Content-Length: 1325

GET
H/1.1 200
OK locked.svg
rijschoolhoorn.nl/de/capone/assets/ 2 KB
2 KB 29ms
14ms Image
image/svg+xml 2a00:f10:13f:0:1c00:4fff:fe00:174
CLDIN-NL TWS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://rijschoolhoorn.nl/de/capone/assets/locked.svg

Requested by

Host: rijschoolhoorn.nl
URL: http://rijschoolhoorn.nl/de/capone/

Protocol

HTTP/1.1

Server

2a00:f10:13f:0:1c00:4fff:fe00:174 , Netherlands, ASN48635 (CLDIN-NL TWS, NL),

Reverse DNS

Software

Apache /

Resource Hash

19715a997a01d5bf6905a35482874ab22cad47a4ff0aff0dc53bea6a1f6db588

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://rijschoolhoorn.nl/de/capone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 07:39:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Sep 2022 06:19:08 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Keep-Alive: timeout=5, max=100
Content-Length: 1774

GET
H/1.1 200
OK footer.png
rijschoolhoorn.nl/de/capone/assets/ 30 KB
30 KB 29ms
15ms Image
image/png 2a00:f10:13f:0:1c00:4fff:fe00:174
CLDIN-NL TWS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://rijschoolhoorn.nl/de/capone/assets/footer.png

Requested by

Host: rijschoolhoorn.nl
URL: http://rijschoolhoorn.nl/de/capone/

Protocol

HTTP/1.1

Server

2a00:f10:13f:0:1c00:4fff:fe00:174 , Netherlands, ASN48635 (CLDIN-NL TWS, NL),

Reverse DNS

Software

Apache /

Resource Hash

f7325912d7dc5bb1ac470e72f08d0aae2a87369baa90aca8592572d7ae1b2447

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://rijschoolhoorn.nl/de/capone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 07:39:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Sep 2022 07:33:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 30886

GET
H/1.1 200
OK footerm.png
rijschoolhoorn.nl/de/capone/assets/ 37 KB
37 KB 29ms
15ms Image
image/png 2a00:f10:13f:0:1c00:4fff:fe00:174
CLDIN-NL TWS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://rijschoolhoorn.nl/de/capone/assets/footerm.png

Requested by

Host: rijschoolhoorn.nl
URL: http://rijschoolhoorn.nl/de/capone/

Protocol

HTTP/1.1

Server

2a00:f10:13f:0:1c00:4fff:fe00:174 , Netherlands, ASN48635 (CLDIN-NL TWS, NL),

Reverse DNS

Software

Apache /

Resource Hash

057eb4474ddfc39f0803abd5ad5537e29910e65b9b42e22155a5a4dd36e75bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://rijschoolhoorn.nl/de/capone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 07:39:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Sep 2022 07:33:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 37582

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 141ms
36ms Script
text/javascript 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: rijschoolhoorn.nl
URL: http://rijschoolhoorn.nl/de/capone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://rijschoolhoorn.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 04:14:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 04:14:56 GMT

GET
H/1.1 200
OK Optimist_W_Rg.woff2
rijschoolhoorn.nl/de/capone/assets/ 28 KB
28 KB 15ms
14ms Font
font/woff2 2a00:f10:13f:0:1c00:4fff:fe00:174
CLDIN-NL TWS

General

Check archive.org

Show headers Download Go to

Full URL

http://rijschoolhoorn.nl/de/capone/assets/Optimist_W_Rg.woff2

Requested by

Host: rijschoolhoorn.nl
URL: http://rijschoolhoorn.nl/de/capone/style.css

Protocol

HTTP/1.1

Server

2a00:f10:13f:0:1c00:4fff:fe00:174 , Netherlands, ASN48635 (CLDIN-NL TWS, NL),

Reverse DNS

Software

Apache /

Resource Hash

9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://rijschoolhoorn.nl/de/capone/style.css
Origin: http://rijschoolhoorn.nl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 07:39:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Sep 2022 05:18:01 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 28388

GET
H/1.1 200
OK Optimist_W_Lt.woff2
rijschoolhoorn.nl/de/capone/assets/ 27 KB
27 KB 14ms
14ms Font
font/woff2 2a00:f10:13f:0:1c00:4fff:fe00:174
CLDIN-NL TWS

General

Check archive.org

Show headers Download Go to

Full URL

http://rijschoolhoorn.nl/de/capone/assets/Optimist_W_Lt.woff2

Requested by

Host: rijschoolhoorn.nl
URL: http://rijschoolhoorn.nl/de/capone/style.css

Protocol

HTTP/1.1

Server

2a00:f10:13f:0:1c00:4fff:fe00:174 , Netherlands, ASN48635 (CLDIN-NL TWS, NL),

Reverse DNS

Software

Apache /

Resource Hash

902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://rijschoolhoorn.nl/de/capone/style.css
Origin: http://rijschoolhoorn.nl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 07:39:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Sep 2022 05:18:01 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 27852

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: CapitalOne (Financial)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.tailwindcss.com
rijschoolhoorn.nl
2606:4700:20::681a:95b
2a00:1450:400d:80a::200a
2a00:f10:13f:0:1c00:4fff:fe00:174
057eb4474ddfc39f0803abd5ad5537e29910e65b9b42e22155a5a4dd36e75bc4
0eba33e8035992dab1521cc62151435ae61e9f2bdc6afe2108da74e39a4bbc10
19715a997a01d5bf6905a35482874ab22cad47a4ff0aff0dc53bea6a1f6db588
2d6e7e5263fa38ed2725e4be49d49fdca61aa60f92ffc1edbd0c3b47dc8c9e2b
32f101709eb4240f21b330c854ed3bd539c0dc9001f08bf51d4e6a5b6bf641c6
3390c6c4cbdbcf09a17ac77050aca96495522735e5f303a04c73f821740de109
57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9
9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd
b4567ffa170c9600acbf01052800d38c9abd799848f809ce00a36f989b3111f8
f7325912d7dc5bb1ac470e72f08d0aae2a87369baa90aca8592572d7ae1b2447
ffa20e77a5363b578599b8b9b1d23d311cd3b127a4e632814f01647af73a3679

rijschoolhoorn.nl Open in urlscan Pro 2a00:f10:13f:0:1c00:4fff:fe00:174 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

8 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

278 kBTransfer

558 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

rijschoolhoorn.nl Open in urlscan Pro
2a00:f10:13f:0:1c00:4fff:fe00:174 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

8 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

278 kB
Transfer

558 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!