openstaande-omgeving.gq Open in urlscan Pro
89.203.250.232 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://openstaande-omgeving.gq/lng/verifieren.php
Submission Tags: @andsyn1 phishing malicious Search All
Submission: On October 21 via api (October 21st 2020, 1:44:47 pm UTC) from NL

Summary HTTP 11 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 11 HTTP transactions. The main IP is 89.203.250.232, located in Czech Republic and belongs to CDT-AS The Czech Republic, CZ. The main domain is openstaande-omgeving.gq.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 21st 2020. Valid for: 3 months.

This is the only time openstaande-omgeving.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

	IP Address	AS Autonomous System
7	89.203.250.232 89.203.250.232	25512 (CDT-AS Th...) (CDT-AS The Czech Republic)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	4

7 89.203.250.232 (Czech Republic)

ASN25512 (CDT-AS The Czech Republic, CZ)
PTR: 232-250-203-89.hicoria.com

openstaande-omgeving.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	openstaande-omgeving.gq openstaande-omgeving.gq	138 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	32 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	jquery.com code.jquery.com	24 KB
11	4

	Domain	Requested by
7	openstaande-omgeving.gq	openstaande-omgeving.gq
2	maxcdn.bootstrapcdn.com	openstaande-omgeving.gq
1	cdnjs.cloudflare.com	openstaande-omgeving.gq
1	code.jquery.com	openstaande-omgeving.gq
11	4

This site contains links to these domains. Also see Links.

Domain
inlogcodes.mijn.ing.nl
www.ing.nl

Subject Issuer	Validity	Valid
openstaande-omgeving.gq Let's Encrypt Authority X3	`2020-10-21` - `2021-01-19`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://openstaande-omgeving.gq/lng/verifieren.php
Frame ID: 479088F4F559B5E08AFD65A02040C19C
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

11
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

200 kB
Transfer

403 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://inlogcodes.mijn.ing.nl/particulier/zelf-regelen/instellen/inlogcodes/index.jsp
Title: Hulp nodig?

Search URL Search Domain Scan URL

URL: https://www.ing.nl/de-ing/veilig-bankieren/index.html
Title: Veilig bankieren

Search URL Search Domain Scan URL

URL: https://www.ing.nl/de-ing/privacy-statement/index.html
Title: Privacy en cookies

Search URL Search Domain Scan URL

URL: https://www.ing.nl/de-ing/disclaimer/index.html
Title: Disclaimer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request verifieren.php Show response
openstaande-omgeving.gq/lng/ 4 KB
2 KB 174ms
37ms Document
text/html 89.203.250.232
CDT-AS The Czech ...

General

Check archive.org

Show headers Download Go to

Full URL: https://openstaande-omgeving.gq/lng/verifieren.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.203.250.232 , Czech Republic, ASN25512 (CDT-AS The Czech Republic, CZ),
Reverse DNS: 232-250-203-89.hicoria.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f8fae559510a02744c8e9f90d74b454bcf418aa7bc8eed65ebbd91174b77605c

Request headers

Host: openstaande-omgeving.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 21 Oct 2020 13:44:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1615
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/css/ 124 KB
19 KB 1531ms
10ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/css/bootstrap.min.css

Requested by

Host: openstaande-omgeving.gq
URL: https://openstaande-omgeving.gq/lng/verifieren.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

414caa66bb79bc88c1ba6a2a415d2333c0a01aab1c15f74684dfa7542a97d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://openstaande-omgeving.gq
Referer: https://openstaande-omgeving.gq/lng/verifieren.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 13:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:09 GMT
status: 200
etag: "1544639649"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19494

GET
H/1.1 200
OK style.css
openstaande-omgeving.gq/lng/ 6 KB
2 KB 37ms
36ms Stylesheet
text/css 89.203.250.232
CDT-AS The Czech ...

General

Check archive.org

Show headers Download Go to

Full URL: https://openstaande-omgeving.gq/lng/style.css
Requested by: Host: openstaande-omgeving.gq
URL: https://openstaande-omgeving.gq/lng/verifieren.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.203.250.232 , Czech Republic, ASN25512 (CDT-AS The Czech Republic, CZ),
Reverse DNS: 232-250-203-89.hicoria.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: eb967c8a3dcd5a27e55cb9db9cc1f7566087ab2e3a7c60258cacbe3684a48976

Request headers

Referer: https://openstaande-omgeving.gq/lng/verifieren.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 21 Oct 2020 13:44:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Oct 2020 09:45:20 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "19ec-5b1eedb25f5e7-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1783

GET
H/1.1 200
OK logo1.png
openstaande-omgeving.gq/lng/ 62 KB
62 KB 72ms
36ms Image
image/png 89.203.250.232
CDT-AS The Czech ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openstaande-omgeving.gq/lng/logo1.png
Requested by: Host: openstaande-omgeving.gq
URL: https://openstaande-omgeving.gq/lng/verifieren.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.203.250.232 , Czech Republic, ASN25512 (CDT-AS The Czech Republic, CZ),
Reverse DNS: 232-250-203-89.hicoria.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 585017a10de219258180ee632773ef1d8faf339ef98ce8b74e279eb39196860e

Request headers

Referer: https://openstaande-omgeving.gq/lng/verifieren.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 21 Oct 2020 13:44:30 GMT
Last-Modified: Sun, 18 Oct 2020 09:45:20 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "f722-5b1eedb1dd7c7"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 63266

GET
H/1.1 200
OK arrow-chevron-open-right.svg
openstaande-omgeving.gq/lng/ 373 B
662 B 101ms
34ms Image
image/svg+xml 89.203.250.232
CDT-AS The Czech ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openstaande-omgeving.gq/lng/arrow-chevron-open-right.svg
Requested by: Host: openstaande-omgeving.gq
URL: https://openstaande-omgeving.gq/lng/verifieren.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.203.250.232 , Czech Republic, ASN25512 (CDT-AS The Czech Republic, CZ),
Reverse DNS: 232-250-203-89.hicoria.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4660e3da26ee1cca9ff90b3ad94fa57ff2b7083558980456c562dd43948d52f1

Request headers

Referer: https://openstaande-omgeving.gq/lng/verifieren.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 21 Oct 2020 13:44:30 GMT
Last-Modified: Sun, 18 Oct 2020 09:45:18 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "175-5b1eedb05eaca"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 373

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 1528ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: openstaande-omgeving.gq
URL: https://openstaande-omgeving.gq/lng/verifieren.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Origin: https://openstaande-omgeving.gq
Referer: https://openstaande-omgeving.gq/lng/verifieren.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 13:44:31 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
status: 200
etag: W/"58d026fb-10fdd"
vary: Accept-Encoding
x-hw: 1603287871.dop018.fr8.t,1603287871.cds276.fr8.hn,1603287871.cds257.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 23856

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/ 19 KB
7 KB 52ms
33ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js

Requested by

Host: openstaande-omgeving.gq
URL: https://openstaande-omgeving.gq/lng/verifieren.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e95b881702116fa860c3e41ef7ebaac83c3ecf0db026aaae023b46671db74ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Origin: https://openstaande-omgeving.gq
Referer: https://openstaande-omgeving.gq/lng/verifieren.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 13:44:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 578442
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6174
cf-request-id: 05ed00826e000017760d18a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
etag: "5eb03fa9-4b24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603287870"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e5b69e3defa1776-FRA
expires: Mon, 11 Oct 2021 13:44:30 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/ 49 KB
13 KB 1527ms
8ms Script
text/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js

Requested by

Host: openstaande-omgeving.gq
URL: https://openstaande-omgeving.gq/lng/verifieren.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://openstaande-omgeving.gq
Referer: https://openstaande-omgeving.gq/lng/verifieren.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 13:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:52 GMT
status: 200
etag: "1544639632"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 13086

GET
H/1.1 404
Not Found bg.png
openstaande-omgeving.gq/lng/ 286 B
286 B 42ms
41ms Image
text/html 89.203.250.232
CDT-AS The Czech ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openstaande-omgeving.gq/lng/bg.png
Requested by: Host: openstaande-omgeving.gq
URL: https://openstaande-omgeving.gq/lng/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.203.250.232 , Czech Republic, ASN25512 (CDT-AS The Czech Republic, CZ),
Reverse DNS: 232-250-203-89.hicoria.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ca67948c28f25ecfb740b335c2e6ae57ccee923a9ebbcd98e3f962679ca28b54

Request headers

Referer: https://openstaande-omgeving.gq/lng/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 21 Oct 2020 13:44:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 286
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK ing.ttf
openstaande-omgeving.gq/lng/ 70 KB
70 KB 37ms
36ms Font
application/font-sfnt 89.203.250.232
CDT-AS The Czech ...

General

Check archive.org

Show headers Download Go to

Full URL: https://openstaande-omgeving.gq/lng/ing.ttf
Requested by: Host: openstaande-omgeving.gq
URL: https://openstaande-omgeving.gq/lng/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.203.250.232 , Czech Republic, ASN25512 (CDT-AS The Czech Republic, CZ),
Reverse DNS: 232-250-203-89.hicoria.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2f3bd101622b80b58bf0cd3714742b23d0e63775de7a770685e68880d366b49e

Request headers

Origin: https://openstaande-omgeving.gq
Referer: https://openstaande-omgeving.gq/lng/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 21 Oct 2020 13:44:31 GMT
Last-Modified: Sun, 18 Oct 2020 09:45:19 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "11768-5b1eedb1b2848"
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 71528

GET
H/1.1 200
OK checkbox.svg
openstaande-omgeving.gq/lng/ 285 B
573 B 34ms
34ms Image
image/svg+xml 89.203.250.232
CDT-AS The Czech ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openstaande-omgeving.gq/lng/checkbox.svg
Requested by: Host: openstaande-omgeving.gq
URL: https://openstaande-omgeving.gq/lng/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.203.250.232 , Czech Republic, ASN25512 (CDT-AS The Czech Republic, CZ),
Reverse DNS: 232-250-203-89.hicoria.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 753715f3d281b57d2df1a9f7163eb448e7d727e30172a9fe7e5bcc11fc4e9677

Request headers

Referer: https://openstaande-omgeving.gq/lng/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 21 Oct 2020 13:44:34 GMT
Last-Modified: Sun, 18 Oct 2020 09:45:19 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "11d-5b1eedb114509"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 285

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
maxcdn.bootstrapcdn.com
openstaande-omgeving.gq
2001:4de0:ac19::1:b:2a
2001:4de0:ac19::1:b:2b
2606:4700::6811:4f6b
89.203.250.232
1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5
2f3bd101622b80b58bf0cd3714742b23d0e63775de7a770685e68880d366b49e
414caa66bb79bc88c1ba6a2a415d2333c0a01aab1c15f74684dfa7542a97d2f7
4660e3da26ee1cca9ff90b3ad94fa57ff2b7083558980456c562dd43948d52f1
585017a10de219258180ee632773ef1d8faf339ef98ce8b74e279eb39196860e
753715f3d281b57d2df1a9f7163eb448e7d727e30172a9fe7e5bcc11fc4e9677
8e95b881702116fa860c3e41ef7ebaac83c3ecf0db026aaae023b46671db74ce
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
ca67948c28f25ecfb740b335c2e6ae57ccee923a9ebbcd98e3f962679ca28b54
eb967c8a3dcd5a27e55cb9db9cc1f7566087ab2e3a7c60258cacbe3684a48976
f8fae559510a02744c8e9f90d74b454bcf418aa7bc8eed65ebbd91174b77605c

openstaande-omgeving.gq Open in urlscan Pro 89.203.250.232 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

200 kBTransfer

403 kBSize

0 Cookies

4 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

0 Cookies

Indicators

openstaande-omgeving.gq Open in urlscan Pro
89.203.250.232 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

200 kB
Transfer

403 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!