ergotherapiehanne.be
Open in
urlscan Pro
2a00:f10:305:0:1c00:16ff:fe00:50d
Malicious Activity!
Public Scan
URL:
http://ergotherapiehanne.be/AA/ocnmails1-0.html
Submission: On April 02 via automatic, source openphish
Submission: On April 02 via automatic, source openphish
Summary
This website contacted 3 IPs
in 2 countries
across 2 domains to perform 28 HTTP transactions.
The main IP is 2a00:f10:305:0:1c00:16ff:fe00:50d, located in
Netherlands and
belongs to ASTRALUS, NL.
The main domain is ergotherapiehanne.be.
This is the only time ergotherapiehanne.be was scanned on urlscan.io!
This is the only time ergotherapiehanne.be was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OCN (Telecommunication)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 12 | 2a00:f10:305:... 2a00:f10:305:0:1c00:16ff:fe00:50d | 48635 (ASTRALUS) (ASTRALUS) | |
| 14 | 118.23.186.14 118.23.186.14 | 4713 (OCN NTT C...) (OCN NTT Communications Corporation) | |
| 2 | 91.235.134.29 91.235.134.29 | 30286 (THM) (THM - ThreatMetrix Inc.) | |
| 28 | 3 |
14
118.23.186.14
(Japan)
ASN4713 (OCN NTT Communications Corporation, JP)
PTR: login.ocn.ne.jp
ASN4713 (OCN NTT Communications Corporation, JP)
PTR: login.ocn.ne.jp
| login.ocn.ne.jp |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 16 |
ocn.ne.jp
login.ocn.ne.jp sec.login.ocn.ne.jp |
20 KB |
| 12 |
ergotherapiehanne.be
ergotherapiehanne.be |
10 KB |
| 28 | 2 |
| Domain | Requested by | |
|---|---|---|
| 14 | login.ocn.ne.jp |
ergotherapiehanne.be
|
| 12 | ergotherapiehanne.be |
ergotherapiehanne.be
|
| 2 | sec.login.ocn.ne.jp |
ergotherapiehanne.be
|
| 28 | 3 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.ocn.ne.jp |
| www.ntt.com |
| support.ntt.com |
| login.ocn.ne.jp |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| login.ocn.ne.jp DigiCert SHA2 Extended Validation Server CA |
2018-12-04 - 2020-02-24 |
a year | crt.sh |
| sec.login.ocn.ne.jp DigiCert SHA2 Extended Validation Server CA |
2019-01-24 - 2020-02-08 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
http://ergotherapiehanne.be/AA/ocnmails1-0.html
Frame ID: 0341B484DBDAEA5F23F91C04A907317B
Requests: 27 HTTP requests in this frame
Frame:
http://ergotherapiehanne.be/AA/OCN%20MAIL_files/HP.html
Frame ID: D0B4C69CDA5637A7880301DB436BA152
Requests: 1 HTTP requests in this frame
11 Outgoing links
These are links going to different origins than the main page.
URL: http://www.ocn.ne.jp/
Title: OCNトップ
Title: OCNトップ
Search URL Search Domain Scan URL
URL: http://www.ntt.com/personal/services/option/mail/ocnmail.html
Search URL Search Domain Scan URL
URL: http://support.ntt.com/auth/faq/detail/pid2300000dqy
Title: ?
Title: ?
Search URL Search Domain Scan URL
URL: https://login.ocn.ne.jp/auth/PWReset/pc/PWResetDisplay.action
Title: メールアドレス・パスワードをお忘れの方
Title: メールアドレス・パスワードをお忘れの方
Search URL Search Domain Scan URL
URL: https://login.ocn.ne.jp/auth/PWUpdate/pc/PWUpdateDisplay.action
Title: パスワード変更
Title: パスワード変更
Search URL Search Domain Scan URL
URL: http://support.ntt.com/auth/faq/search
Title: よくあるご質問
Title: よくあるご質問
Search URL Search Domain Scan URL
URL: http://www.ntt.com/
Search URL Search Domain Scan URL
URL: http://www.ntt.com/content/dam/nttcom/hq/jp/about-us/disclosure/tariff/pdf/c093.pdf
Title: 利用規約
Title: 利用規約
Search URL Search Domain Scan URL
URL: http://www.ocn.ne.jp/privacy-policy/
Title: プライバシーポリシー
Title: プライバシーポリシー
Search URL Search Domain Scan URL
URL: http://www.ntt.com/copyright/
Title: © NTT Communications Corporation All Rights Reserved.
Title: © NTT Communications Corporation All Rights Reserved.
Search URL Search Domain Scan URL
URL: http://www.ntt.com/en/copyright/
Title: © NTT Communications Corporation All Rights Reserved.
Title: © NTT Communications Corporation All Rights Reserved.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
ocnmails1-0.html
ergotherapiehanne.be/AA/ |
9 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style_en.css
login.ocn.ne.jp/auth/s1001/pc/common/css/ |
10 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
analytics.js
ergotherapiehanne.be/AA/OCN%20MAIL_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gtm_002.js
ergotherapiehanne.be/AA/OCN%20MAIL_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
ergotherapiehanne.be/AA/OCN%20MAIL_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery_002.js
login.ocn.ne.jp/auth/s1001/pc/common/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css.js
login.ocn.ne.jp/auth/s1001/pc/common/js/ |
6 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mjl.js
login.ocn.ne.jp/auth/s1001/pc/common/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
run.js
login.ocn.ne.jp/auth/s1001/pc/common/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
timewait.js
login.ocn.ne.jp/auth/s1001/pc/common/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tags.js
sec.login.ocn.ne.jp/fp/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo_001.gif
login.ocn.ne.jp/auth/s1001/pc/common/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo_nttcommunications_001.gif
login.ocn.ne.jp/auth/s1001/pc/common/images/ |
920 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css.js
login.ocn.ne.jp/auth/s1001/pc/common/css/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ocnid_navi.js
ergotherapiehanne.be/AA/OCN%20MAIL_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
visionalist.js
ergotherapiehanne.be/AA/OCN%20MAIL_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Trace.gif
ergotherapiehanne.be/AA/OCN%20MAIL_files/ |
0 194 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gtm.js
ergotherapiehanne.be/AA/OCN%20MAIL_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery_002.js
login.ocn.ne.jp/auth/s1001/pc/common/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mjl.js
login.ocn.ne.jp/auth/s1001/pc/common/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
run.js
login.ocn.ne.jp/auth/s1001/pc/common/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
timewait.js
login.ocn.ne.jp/auth/s1001/pc/common/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tags.js
sec.login.ocn.ne.jp/fp/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css.js
login.ocn.ne.jp/auth/s1001/pc/common/css/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ocnid_navi.js
ergotherapiehanne.be/AA/OCN%20MAIL_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
visionalist.js
ergotherapiehanne.be/AA/OCN%20MAIL_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gtm.js
ergotherapiehanne.be/AA/OCN%20MAIL_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HP.html
ergotherapiehanne.be/AA/OCN%20MAIL_files/ Frame D0B4 |
0 194 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: OCN (Telecommunication)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| mode_en function| mode_ja function| detect_browser function| detect_language function| styleChange string| VLTrace_custom_getparam object| dataLayer0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ergotherapiehanne.be
login.ocn.ne.jp
sec.login.ocn.ne.jp
118.23.186.14
2a00:f10:305:0:1c00:16ff:fe00:50d
91.235.134.29
0151f02cf403f0e303883df9204d45742d2b0200320289c53e79c61d0e548f6f
b5c966b8b7bb9905ee9e8d9fa6ca91ea1ab30cfc4e97900eeed5a305ecca360f
b675bafe177ded43cb9b977885eb52781d47208d86d293d2785e8935ff375ac3
cedb368eeaae7d060a30c807eccb3c2aad358c781fa7c54e3bbe1c64e516628c
cfe62bca36872c9f754772271aef9c6bc2011ba0ed764e467159c3b5433eaf62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855