mijn-aanvraag.net
2a06:98c1:3121::3
Malicious Activity!
Public Scan
Effective URL: https://mijn-aanvraag.net/K8IjL9/1M3k/663460e8ad495
Submission: On May 05 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on May 2nd 2024. Valid for: 3 months.
This is the only time mijn-aanvraag.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 (2 redirects) | 35.241.186.140 | 396982 (GOOGLE-CLOUD-PLATFORM) |
1 (1 redirects) | 54.78.186.219 | 16509 (AMAZON-02) |
10 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
1 | 40.114.178.124 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
11 | 3 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 140.186.241.35.bc.googleusercontent.com
x5yqt.mjt.lu
0jm03.mjt.lu
ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-186-219.eu-west-1.compute.amazonaws.com
mandrillapp.com
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
external-content.duckduckgo.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | mijn-aanvraag.net | mijn-aanvraag.net | 691 KB |
2 | mjt.lu (2 redirects) | x5yqt.mjt.lu, 0jm03.mjt.lu | 811 B |
1 | duckduckgo.com | external-content.duckduckgo.com — Cisco Umbrella Rank: 6985 | 46 KB |
1 | mandrillapp.com (1 redirects) | mandrillapp.com — Cisco Umbrella Rank: 13541 | 732 B |
11 | 4 |
Requests | Domain | Requested by |
---|---|---|
10 | mijn-aanvraag.net | mijn-aanvraag.net |
1 | external-content.duckduckgo.com | mijn-aanvraag.net |
1 | 0jm03.mjt.lu | 1 redirects |
1 | mandrillapp.com | 1 redirects |
1 | x5yqt.mjt.lu | 1 redirects |
11 | 5 |
This site contains links to these domains:
www.rjv.fgov.be
Subject | Issuer | Validity | Valid |
---|---|---|---|
mijn-aanvraag.net | GTS CA 1P5 | 2024-05-02 - 2024-07-31 | 3 months |
*.duckduckgo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-05-02 - 2024-11-25 | 7 months |
This page contains 1 frames:
Primary Page:
https://mijn-aanvraag.net/K8IjL9/1M3k/663460e8ad495
Frame ID: A3AB82B1834015DC62A794528698841A
Requests: 22 HTTP requests in this frame
Page Title
FormuIier | Vakantie
Page URL History
- http://x5yqt.mjt.lu/lnk/AXAAAEFW22kAAAAAAAAAAQY43jcAAYCswuQAAAAAABGy_wBmN32bKlelKEicR1qaFCFRNdUm... HTTP 307
- https://x5yqt.mjt.lu/lnk/AXAAAEFW22kAAAAAAAAAAQY43jcAAYCswuQAAAAAABGy_wBmN32bKlelKEicR1qaFCFRNdUm... HTTP 302
- https://mandrillapp.com/track/click/31348475/0jm03.mjt.lu?p=eyJzIjoiRGdKU3FkdnF3U3BHZHRBTndJMU44Tkds... HTTP 302
- https://0jm03.mjt.lu/lnk/AVcAAD8fmFoAAAAAAAAAAdVGj9QAAYCsN6sAAAAAACF0VQBmNPJzk_PDoNQER-OG2ec42k5p... HTTP 302
- https://mijn-aanvraag.net/K8IjL9/1M3k/663460e8ad495 Page URL
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
- Title: Bij ons werken
- Title: Mijn rekeningnummer meedelen / Formulieren
- Title: Vakantiegeld
- Title: Vakantieduur
- Title: Wat in geval van ...
- Title: FAQ: Corona / Energie
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | 663460e8ad495 (Primary Request) | mijn-aanvraag.net/K8IjL9/1M3k/ (Redirect Chain) | 2 MB | 428 KB | Document | text/html |
GET DATA | truncated | / | 399 B | 0 | Image | image/gif |
GET DATA | truncated | / | 22 KB | 0 | Image | image/png |
GET DATA | truncated | / | 481 B | 0 | Image | image/svg+xml |
GET H2 | kbc.png | mijn-aanvraag.net/logo/ | 8 KB | 8 KB | Image | image/png |
GET H2 | belfius.png | mijn-aanvraag.net/logo/ | 23 KB | 24 KB | Image | image/png |
GET H2 | argenta.png | mijn-aanvraag.net/logo/ | 1 KB | 2 KB | Image | image/png |
GET H2 | ing-be.png | mijn-aanvraag.net/logo/ | 21 KB | 21 KB | Image | image/png |
GET H2 | axa.png | mijn-aanvraag.net/logo/ | 8 KB | 9 KB | Image | image/png |
GET H2 | bnp.png | mijn-aanvraag.net/logo/ | 17 KB | 17 KB | Image | image/png |
GET H2 | crelan.png | mijn-aanvraag.net/logo/ | 8 KB | 9 KB | Image | image/png |
GET H2 | fintro.png | mijn-aanvraag.net/logo/ | 61 KB | 61 KB | Image | image/png |
GET H2 | bpost.png | mijn-aanvraag.net/logo/ | 112 KB | 112 KB | Image | image/png |
GET H2 | / | external-content.duckduckgo.com/iu/ | 45 KB | 46 KB | Image | image/jpeg |
GET DATA | truncated | / | 460 B | 0 | Image | image/svg+xml |
GET DATA | truncated | / | 6 KB | 0 | Image | image/png |
GET DATA | truncated | / | 3 KB | 0 | Image | image/svg+xml |
GET DATA | truncated | / | 356 B | 0 | Image | image/png |
GET DATA | truncated | / | 797 B | 0 | Image | image/svg+xml |
GET DATA | truncated | / | 124 KB | 124 KB | Font | font/ttf |
GET DATA | truncated | / | 78 KB | 78 KB | Font | font/woff2 |
GET DATA | truncated | / | 13 KB | 13 KB | Font | font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | savepage_ShadowLoader
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mandrillapp.com/ | | Name: PHPSESSID Value: 4p7jmvt8n4ps630a0bmug69f9l |
mijn-aanvraag.net/ | | Name: PHPSESSID Value: 4b0err82a3pflnu56li7qupqu4 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.