vgz.nl.8lbmrsarim91uv.ga
47.254.133.229
Malicious Activity!
Public Scan
Effective URL: https://vgz.nl.8lbmrsarim91uv.ga/
Submission: On February 25 via api from BE
Summary
TLS certificate: Issued by R3 on February 25th 2021. Valid for: 3 months.
This is the only time vgz.nl.8lbmrsarim91uv.ga was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Coöperatie VGZ (Healthcare)

Domain & IP information

| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 | 2402:ee80:59:2::136 | 132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia) |
| 11 | 47.254.133.229 | 45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.) |
| 1 | 2606:4700::6810:125e | 13335 (CLOUDFLARENET) |
| 1 | 2620:0:862:ed1a::2:b | 14907 (WIKIMEDIA) |
| 13 | 3 | |
- ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID): s.id
- ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN): vgz.nl.8lbmrsarim91uv.ga
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 11 | 8lbmrsarim91uv.ga | vgz.nl.8lbmrsarim91uv.ga | 193 KB |
| 1 | wikimedia.org | upload.wikimedia.org | 5 KB |
| 1 | cloudflare.com | cdnjs.cloudflare.com | 30 KB |
| 1 | s.id | s.id (1 redirect) | 746 B |
| 13 | 4 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 11 | vgz.nl.8lbmrsarim91uv.ga | vgz.nl.8lbmrsarim91uv.ga |
| 1 | upload.wikimedia.org | vgz.nl.8lbmrsarim91uv.ga |
| 1 | cdnjs.cloudflare.com | vgz.nl.8lbmrsarim91uv.ga |
| 1 | s.id | 1 redirect |
| 13 | 4 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| vgz.nl.8lbmrsarim91uv.ga | R3 | 2021-02-25 - 2021-05-26 | 3 months | crt.sh |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year | crt.sh |
| *.wikipedia.org | DigiCert SHA2 High Assurance Server CA | 2020-11-09 - 2021-11-16 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://vgz.nl.8lbmrsarim91uv.ga/
Frame ID: 5EEB0C56FE9F9FB67589781D16C00E0A
Requests: 13 HTTP requests in this frame
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://s.id/VGZ50k
- HTTP 301
- https://vgz.nl.8lbmrsarim91uv.ga/ (Page URL)
Detected technologies
Nginx (Web Servers)
Detected patterns:
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
|---|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / | vgz.nl.8lbmrsarim91uv.ga/ | 26 KB | 6 KB | Document | text/html | Primary Request, Redirect Chain |
| GET | H/1.1 | menu.png | vgz.nl.8lbmrsarim91uv.ga/ | 862 B | 1 KB | Image | image/png | |
| GET | H/1.1 | logo.png | vgz.nl.8lbmrsarim91uv.ga/ | 10 KB | 11 KB | Image | image/png | |
| GET | H/1.1 | profile.png | vgz.nl.8lbmrsarim91uv.ga/ | 904 B | 1 KB | Image | image/png | |
| GET | H/1.1 | arrow-right.png | vgz.nl.8lbmrsarim91uv.ga/ | 327 B | 617 B | Image | image/png | |
| GET | H/1.1 | loader.gif | vgz.nl.8lbmrsarim91uv.ga/ | 88 KB | 89 KB | Image | image/gif | |
| GET | H/1.1 | app.png | vgz.nl.8lbmrsarim91uv.ga/ | 12 KB | 12 KB | Image | image/png | |
| GET | H/1.1 | socials.png | vgz.nl.8lbmrsarim91uv.ga/ | 3 KB | 3 KB | Image | image/png | |
| GET | H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/1.8.0/ | 90 KB | 30 KB | Script | application/javascript | |
| GET | H/1.1 | roboto.woff2 | vgz.nl.8lbmrsarim91uv.ga/ | 15 KB | 16 KB | Font | application/octet-stream | |
| GET | H2 | 1280px-Arrow-down.svg.png | upload.wikimedia.org/wikipedia/commons/thumb/9/9d/Arrow-down.svg/ | 5 KB | 5 KB | Image | image/webp | |
| GET | H/1.1 | icons.woff2 | vgz.nl.8lbmrsarim91uv.ga/ | 32 KB | 32 KB | Font | application/octet-stream | |
| GET | H/1.1 | semibold.woff2 | vgz.nl.8lbmrsarim91uv.ga/ | 20 KB | 21 KB | Font | application/octet-stream | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Coöperatie VGZ (Healthcare)

24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | ontransitionrun |
| object | ontransitionstart |
| object | ontransitioncancel |
| object | cookieStore |
| function | showDirectoryPicker |
| function | showOpenFilePicker |
| function | showSaveFilePicker |
| object | trustedTypes |
| boolean | crossOriginIsolated |
| function | $ |
| function | jQuery |
| function | change_text |
| function | change_text2 |
| function | redirect |
| function | show_checkmark1 |
| function | show_checkmark2 |
| function | show_checkmark3 |
| function | show_line1 |
| function | show_line2 |
| function | show_line3 |
| function | reload |
| function | name_change |
| number | custom_amount |
| object | jQuery18007135150540172230 |

Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, allowing the website to re-identify the user even from a different location. This is how persistent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head over to this page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
s.id
upload.wikimedia.org
vgz.nl.8lbmrsarim91uv.ga
2402:ee80:59:2::136
2606:4700::6810:125e
2620:0:862:ed1a::2:b
47.254.133.229
232d719aa07791802a62d1b8527923a53ef6d3ea68a74d3f701dc3d23f429b10
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4bbcfd75de2a145199e251ecb59235f0269791028fd6cec74eb71f32a1308433
647bbde56752f49ede35b708c802c33a3fb91e98346af9529d30752c3a08473d
68c3d4df37d235c1f7f020402d611c6d28f711e4236169239d4b21b89386dbd6
81aa14acb204f43ed49a42e940da4f96b9fb62fd83d6eaa8f5c98fcba7222003
831821c9649cfd9c82777ce0486ea08d645e546906eac9c722de260512025894
8dec85af7987accb4dad9ae72aa3cde5e0101ce0f20b86b3321f19806c432c7c
90be667cb3682a4ed4762264bc1aef8623ec0ef5e012a6417b6d497b84f70b3a
97341d5b3f7a2e500b7ffb5588d90f22eeb5e622134bb978f691bad16e24ad3a
cba734b0f34bca62058a244714e936a41be05a92e24d6852ce58cfa2228a8e7a
d73e2e1bff9c55b85284ff287cb20dc29ad9165ec09091a0597b61199f330805
ee98eb68435da5039a853f76a8069134584a3ec67c4ba1c29aad1ce35470c489