dh-btlnet.xyz Open in urlscan Pro
80.66.64.62  Malicious Activity! Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ bneizndse.icu/	0 140 B	99ms 26ms	Document text/html	185.223.31.112 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Full URL https://bneizndse.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.223.31.112 , Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS plesk11.zap-webspace.com Software nginx / PHP/8.1.6 PleskLin Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-length 0 content-type text/html; charset=UTF-8 date Sat, 04 Jun 2022 15:02:23 GMT refresh 0;url=https://dh-btlnet.xyz/be/index.html server nginx x-powered-by PHP/8.1.6 PleskLin
GET H/1.1	200 OK	Primary Request index.html Show response dh-btlnet.xyz/be/	10 KB 3 KB	1412ms 159ms	Document text/html	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 267b12d3331586114d4683d66c01d1c24dcb1ecea0711d7da2497a24d845f1e8 Request headers Referer https://bneizndse.icu/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Encoding gzip Content-Length 2925 Content-Type text/html Date Sat, 04 Jun 2022 15:02:24 GMT ETag "28f6-5e09af0238b80-gzip" Keep-Alive timeout=5, max=100 Last-Modified Sat, 04 Jun 2022 08:22:22 GMT Server Apache/2.4.18 (Ubuntu) Vary Accept-Encoding
GET H/1.1	200 OK	css dh-btlnet.xyz/be/CSAM_files/	5 KB 5 KB	158ms 157ms	Stylesheet text/plain	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://dh-btlnet.xyz/be/CSAM_files/css Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 5f2e43b0385f0a4cbbdfc5225b9d3abebcfa0390fffdf424064ef61783e0822e Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:24 GMT Last-Modified Fri, 15 May 2020 22:48:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "1208-5a5b79d49a200" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4616
GET H/1.1	200 OK	mmenu.css dh-btlnet.xyz/be/CSAM_files/	47 KB 7 KB	162ms 161ms	Stylesheet text/css	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://dh-btlnet.xyz/be/CSAM_files/mmenu.css Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash f0e44d3d60c12b0b1ecaa625a389aa51ef04a1669cad832350a10017a8ae995d Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:24 GMT Content-Encoding gzip Last-Modified Fri, 15 May 2020 22:48:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "bda3-5a5b79d49a200-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 6693
GET H/1.1	200 OK	font-awesome.min.css dh-btlnet.xyz/be/CSAM_files/	23 KB 6 KB	316ms 158ms	Stylesheet text/css	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://dh-btlnet.xyz/be/CSAM_files/font-awesome.min.css Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:24 GMT Content-Encoding gzip Last-Modified Fri, 15 May 2020 22:48:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "5cbb-5a5b79d49a200-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 5443
GET H/1.1	200 OK	master.css dh-btlnet.xyz/be/CSAM_files/	18 KB 4 KB	323ms 160ms	Stylesheet text/css	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://dh-btlnet.xyz/be/CSAM_files/master.css Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 09d7f3b331b3de2846eeda054348a0e7110e0c242d1b0828f54562296b33f747 Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:24 GMT Content-Encoding gzip Last-Modified Fri, 15 May 2020 22:48:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "4976-5a5b79d49a200-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3832
GET H/1.1	200 OK	logo-be.png dh-btlnet.xyz/be/CSAM_files/	1 KB 2 KB	161ms 159ms	Image image/png	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Show image Full URL https://dh-btlnet.xyz/be/CSAM_files/logo-be.png Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 228d57e0f824aa812d5e7314a1408907c74a7043eb64f7b63395bacc00c06233 Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:24 GMT Last-Modified Fri, 15 May 2020 22:48:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "552-5a5b79d49a200" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1362
GET H2	403	png-clipart-dhl-express-dhl-global-forwarding-logistics-freight-forwarding-agency-chief-executive-others-miscellaneous-company-thumbnail.png e7.pngegg.com/pngimages/128/300/	0 0	54ms 24ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://e7.pngegg.com/pngimages/128/300/png-clipart-dhl-express-dhl-global-forwarding-logistics-freight-forwarding-agency-chief-executive-others-miscellaneous-company-thumbnail.png Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers
GET H/1.1	200 OK	Belfius%20logo%202012%20stacked.png dh-btlnet.xyz/be/CSAM_files/	13 KB 13 KB	158ms 157ms	Image image/png	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Show image Full URL https://dh-btlnet.xyz/be/CSAM_files/Belfius%20logo%202012%20stacked.png Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash a8fca6c0b7ed04de5ced6976b61be6cf79e4433257267abc1b0f5df8893a2cd0 Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:24 GMT Last-Modified Fri, 15 May 2020 22:48:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "345a-5a5b79d49a200" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 13402
GET H/1.1	200 OK	303px-KBC_Logo.svg.png dh-btlnet.xyz/be/CSAM_files/	8 KB 9 KB	163ms 162ms	Image image/png	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Show image Full URL https://dh-btlnet.xyz/be/CSAM_files/303px-KBC_Logo.svg.png Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 657231dd849913d013b47217800b7f2100976e02a379daab3d1d9b522dd8a449 Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:24 GMT Last-Modified Fri, 15 May 2020 22:48:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "2151-5a5b79d49a200" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 8529
GET H/1.1	200 OK	266px-AXA_Logo.svg.png dh-btlnet.xyz/be/CSAM_files/	9 KB 10 KB	510ms 170ms	Image image/png	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Show image Full URL https://dh-btlnet.xyz/be/CSAM_files/266px-AXA_Logo.svg.png Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 63b4f381fe73f81a33ee0ceab087bbe1f9e2c70b7657e8e5b55eb33e3e5ec568 Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:25 GMT Last-Modified Fri, 15 May 2020 22:48:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "25b4-5a5b79d49a200" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 9652
GET H/1.1	200 OK	Z7GJVM4p.jpg dh-btlnet.xyz/be/CSAM_files/	12 KB 12 KB	481ms 168ms	Image image/jpeg	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Show image Full URL https://dh-btlnet.xyz/be/CSAM_files/Z7GJVM4p.jpg Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 3b284bb8019b8db0bf0515a31238ee2314eab0683acbccc2a8d06d40ee0e7003 Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:25 GMT Last-Modified Fri, 15 May 2020 22:48:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "300e-5a5b79d49a200" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 12302
GET H/1.1	200 OK	ing_logo_sq.jpg dh-btlnet.xyz/be/CSAM_files/	34 KB 34 KB	301ms 162ms	Image image/jpeg	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Show image Full URL https://dh-btlnet.xyz/be/CSAM_files/ing_logo_sq.jpg Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 65d8f44a8cb66acc1e58127c7360f3507f0363c93917575f57fe3aca88a1777f Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:25 GMT Last-Modified Fri, 15 May 2020 22:48:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "886d-5a5b79d49a200" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 34925
GET H/1.1	200 OK	20131119210819_1_Crelan-Bank-logo-300px.png dh-btlnet.xyz/be/CSAM_files/	37 KB 37 KB	457ms 160ms	Image image/png	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Show image Full URL https://dh-btlnet.xyz/be/CSAM_files/20131119210819_1_Crelan-Bank-logo-300px.png Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 071dcb9cb3fba66a88f7cc4d58bc0db50c24a8d696ab02ff3452b28d29e47ee1 Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:25 GMT Last-Modified Fri, 15 May 2020 22:48:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "92c9-5a5b79d49a200" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 37577
GET H/1.1	200 OK	unnamed.png dh-btlnet.xyz/be/CSAM_files/	15 KB 15 KB	296ms 160ms	Image image/png	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Show image Full URL https://dh-btlnet.xyz/be/CSAM_files/unnamed.png Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 451cadcfc88ac4645079e3cb33e388589c164df7c7e25974c599b3956f0a54f6 Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:25 GMT Last-Modified Fri, 15 May 2020 22:48:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "3c30-5a5b79d49a200" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 15408
GET H/1.1	200 OK	unnamed(1).png dh-btlnet.xyz/be/CSAM_files/	119 KB 120 KB	311ms 164ms	Image image/png	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Show image Full URL https://dh-btlnet.xyz/be/CSAM_files/unnamed(1).png Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash cdf6bda14c2bd91fd53897d192e43e7b8227a6d997875b6103ad70ab773b9d6f Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:25 GMT Last-Modified Fri, 15 May 2020 22:48:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "1dd92-5a5b79d49a200" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 122258
GET H2	200	Oorgagouy1L60iefnD4AjacHF2cXKQBiRvkzAvndGqH67-447XECxrgnJBsPw6J-TA play-lh.googleusercontent.com/	27 KB 27 KB	79ms 28ms	Image image/png	2a00:1450:4001:813::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/Oorgagouy1L60iefnD4AjacHF2cXKQBiRvkzAvndGqH67-447XECxrgnJBsPw6J-TA Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 9bdf2b71b714fc6cb098b356dc279f25debcf6f2751f57500f0f0795d11db7eb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 04 Jun 2022 15:02:24 GMT x-content-type-options nosniff age 0 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27325 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Tue, 31 May 2022 12:35:13 GMT
GET		jquery-1.11.3.min.js csam.localhost/js/	0 0
GET		mmenu.polyfills.js csam.localhost/js/	0 0
GET		mmenu.js csam.localhost/js/	0 0
GET		match-height.js csam.localhost/js/	0 0
GET		master.js csam.localhost/js/	0 0
GET H/1.1	200 OK	print.css dh-btlnet.xyz/be/CSAM_files/	786 B 694 B	168ms 168ms	Stylesheet text/css	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://dh-btlnet.xyz/be/CSAM_files/print.css Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 0799c36d1b03608b74039316f495e8364db7e947ae067d7b26d20f74fecd6bae Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:25 GMT Content-Encoding gzip Last-Modified Fri, 15 May 2020 22:48:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "312-5a5b79d49a200-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 359
GET H/1.1	404 Not Found	fontawesome-webfont.woff2 dh-btlnet.xyz/be/fonts/	0 0	169ms 165ms	Font text/html	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://dh-btlnet.xyz/be/fonts/fontawesome-webfont.woff2?v=4.3.0 Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/CSAM_files/font-awesome.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash Request headers Referer https://dh-btlnet.xyz/be/CSAM_files/font-awesome.min.css Origin https://dh-btlnet.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:24 GMT Server Apache/2.4.18 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 276 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	circle.png dh-btlnet.xyz/be/CSAM_files/img/puces/	276 B 276 B	531ms 157ms	Image text/html	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Show image Full URL https://dh-btlnet.xyz/be/CSAM_files/img/puces/circle.png Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/CSAM_files/master.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 34c98d5e4f56da9d2ddc38e853a7a7f9fed52584fc52baa363d47347941ee1c1 Request headers accept-language de-DE,de;q=0.9 Referer https://dh-btlnet.xyz/be/CSAM_files/master.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:25 GMT Server Apache/2.4.18 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=95 Content-Length 276 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	fontawesome-webfont.woff dh-btlnet.xyz/be/fonts/	0 0	224ms 156ms	Font text/html	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://dh-btlnet.xyz/be/fonts/fontawesome-webfont.woff?v=4.3.0 Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/CSAM_files/font-awesome.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash Request headers Referer https://dh-btlnet.xyz/be/CSAM_files/font-awesome.min.css Origin https://dh-btlnet.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:25 GMT Server Apache/2.4.18 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 276 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	fontawesome-webfont.ttf dh-btlnet.xyz/be/fonts/	0 0	175ms 162ms	Font text/html	80.66.64.62 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://dh-btlnet.xyz/be/fonts/fontawesome-webfont.ttf?v=4.3.0 Requested by Host: dh-btlnet.xyz URL: https://dh-btlnet.xyz/be/CSAM_files/font-awesome.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.66.64.62 Istanbul, Turkey, ASN57416 (SANNIKOV, RU), Reverse DNS home-4426.dabpoint.com Software Apache/2.4.18 (Ubuntu) / Resource Hash Request headers Referer https://dh-btlnet.xyz/be/CSAM_files/font-awesome.min.css Origin https://dh-btlnet.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 15:02:25 GMT Server Apache/2.4.18 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 276 Content-Type text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

csam.localhost

URL

https://csam.localhost/js/jquery-1.11.3.min.js

Domain

csam.localhost

URL

https://csam.localhost/js/mmenu.polyfills.js

Domain

csam.localhost

URL

https://csam.localhost/js/mmenu.js

Domain

csam.localhost

URL

https://csam.localhost/js/match-height.js

Domain

csam.localhost

URL

https://csam.localhost/js/master.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Belgian Government (Government)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://e7.pngegg.com/pngimages/128/300/png-clipart-dhl-express-dhl-global-forwarding-logistics-freight-forwarding-agency-chief-executive-others-miscellaneous-company-thumbnail.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dh-btlnet.xyz/be/fonts/fontawesome-webfont.woff2?v=4.3.0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://dh-btlnet.xyz/be/fonts/fontawesome-webfont.woff?v=4.3.0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://dh-btlnet.xyz/be/CSAM_files/img/puces/circle.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://dh-btlnet.xyz/be/fonts/fontawesome-webfont.ttf?v=4.3.0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bneizndse.icu
csam.localhost
dh-btlnet.xyz
e7.pngegg.com
play-lh.googleusercontent.com
csam.localhost
185.223.31.112
2a00:1450:4001:813::2016
2a06:98c1:3121::3
80.66.64.62
071dcb9cb3fba66a88f7cc4d58bc0db50c24a8d696ab02ff3452b28d29e47ee1
0799c36d1b03608b74039316f495e8364db7e947ae067d7b26d20f74fecd6bae
09d7f3b331b3de2846eeda054348a0e7110e0c242d1b0828f54562296b33f747
228d57e0f824aa812d5e7314a1408907c74a7043eb64f7b63395bacc00c06233
267b12d3331586114d4683d66c01d1c24dcb1ecea0711d7da2497a24d845f1e8
34c98d5e4f56da9d2ddc38e853a7a7f9fed52584fc52baa363d47347941ee1c1
3b284bb8019b8db0bf0515a31238ee2314eab0683acbccc2a8d06d40ee0e7003
451cadcfc88ac4645079e3cb33e388589c164df7c7e25974c599b3956f0a54f6
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5f2e43b0385f0a4cbbdfc5225b9d3abebcfa0390fffdf424064ef61783e0822e
63b4f381fe73f81a33ee0ceab087bbe1f9e2c70b7657e8e5b55eb33e3e5ec568
657231dd849913d013b47217800b7f2100976e02a379daab3d1d9b522dd8a449
65d8f44a8cb66acc1e58127c7360f3507f0363c93917575f57fe3aca88a1777f
9bdf2b71b714fc6cb098b356dc279f25debcf6f2751f57500f0f0795d11db7eb
a8fca6c0b7ed04de5ced6976b61be6cf79e4433257267abc1b0f5df8893a2cd0
cdf6bda14c2bd91fd53897d192e43e7b8227a6d997875b6103ad70ab773b9d6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0e44d3d60c12b0b1ecaa625a389aa51ef04a1669cad832350a10017a8ae995d