www.abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website
199.188.200.216
Malicious Activity!
Public Scan
Submission: On May 18 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 18th 2020. Valid for: a year.
This is the only time www.abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ABN Amro (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 199.188.200.216 | 22612 (NAMECHEAP-NET) |
1 | 54.77.20.174 | 16509 (AMAZON-02) |
5 | 3 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server267-1.web-hosting.com
www.abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website
ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-20-174.eu-west-1.compute.amazonaws.com
w.usabilla.com
 | Apex Domain (Subdomains) | Transfer |
---|---|---|
1 | usabilla.com (w.usabilla.com) | 14 KB |
1 | portalklanten-nl.website (www.abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website) | 468 KB |
0 | abnamro.nl Failed (www.abnamro.nl Failed) | |
5 | 3 |
 | Domain | Requested by |
---|---|---|
1 | w.usabilla.com | srcdoc |
1 | www.abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website | |
0 | www.abnamro.nl Failed | www.abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website |
5 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.abnamro.nl |
Subject | Issuer | Validity | Valid |
---|---|---|---|
abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website | Sectigo RSA Domain Validation Secure Server CA | 2020-05-18 - 2021-05-18 | a year |
w.usabilla.com | Amazon | 2020-04-10 - 2021-05-10 | a year |
This page contains 4 frames:
Primary Page:
https://www.abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website/
Frame ID: CEE406E0688FC29766E07DB7B1F205DA
Requests: 15 HTTP requests in this frame
Frame:
https://w.usabilla.com/3fdfb3d605e5.js?lv=1
Frame ID: 57A4107C51730C39B863F86526DDB3C5
Requests: 1 HTTP requests in this frame
Frame:
data://truncated
Frame ID: 0ADDF852173FF228B3F55CAB70C5D152
Requests: 1 HTTP requests in this frame
Frame:
data://truncated
Frame ID: B03B9F23119B95EE69B63D9EB82A48C5
Requests: 1 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Tealium (Advertising Networks)
Detected patterns
- script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: ABNAMRO.nl
Title:
Title: EN
Title: Over ABN AMRO
Title: Toegankelijkheid
Title: Duurzaamheid
Title: Veiligheid
Title: Privacy en cookies
Title: Disclaimer
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | Primary Request: / www.abnamro.nl-mijnabnamro-klantenservice.portalklanten-nl.website/ | 1 MB 468 KB | Document text/html |
GET | roboto-regular.woff2 www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/fonts/ | 0 0 | |
GET | roboto-bold.woff2 www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/fonts/ | 0 0 | |
GET | roboto-condensed-regular.woff2 www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/fonts/ | 0 0 | |
GET DATA | truncated / | 66 KB 0 | Font text/plain |
GET DATA | truncated / | 91 KB 0 | Font text/plain |
GET DATA | truncated / | 66 KB 0 | Font text/plain |
GET DATA | truncated / | 117 KB 0 | Font text/plain |
GET DATA | truncated / | 15 KB 0 | Font text/plain |
GET DATA | truncated / | 21 KB 0 | Font text/plain |
GET DATA | truncated / | 1 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 160 B 0 | Image image/svg+xml |
GET DATA | truncated / | 319 B 0 | Image image/svg+xml |
GET DATA | truncated / | 413 B 0 | Image image/svg+xml |
GET DATA | truncated / | 3 KB 0 | Image image/svg+xml |
GET H2 | 3fdfb3d605e5.js w.usabilla.com/ Frame 57A4 | 54 KB 14 KB | Script text/javascript |
GET DATA | truncated / Frame 0ADD | 6 KB 0 | Image image/png |
GET DATA | truncated / Frame B03B | 42 B 0 | Image image/gif |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.abnamro.nl
  URL: https://www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/fonts/roboto-regular.woff2
- Domain: www.abnamro.nl
  URL: https://www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/fonts/roboto-bold.woff2
- Domain: www.abnamro.nl
  URL: https://www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/fonts/roboto-condensed-regular.woff2
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ABN Amro (Banking)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- function| savepage_ShadowLoader
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.