herinnering-0388.info
77.72.85.159
Malicious Activity!
Public Scan
Effective URL: https://herinnering-0388.info/terugstorten-koppeling/openbaar
Submission: On May 24 via manual from BE — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.
This is the only time herinnering-0388.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)
Domain & IP information
# | IP Address | AS Autonomous System
---|---|---
1 | 2a02:2430:3:ffff:f000::220 | 59491 (LIVENET-)
4 | 77.72.85.159 | 62005 (BV-EU-AS)
5 | 2 IP addresses |

# | Apex Domain | Subdomains | Transfer
---|---|---|---
4 | herinnering-0388.info | herinnering-0388.info | 809 KB
1 | lmy.de | lmy.de (1 redirects) | 470 B
0 | bing.com | www.bing.com (Failed) |
5 | 3 apex domains | |

# | Domain | Requested by
---|---|---
4 | herinnering-0388.info | herinnering-0388.info
1 | lmy.de | 1 redirects
0 | www.bing.com (Failed) |
5 | 3 domains |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
herinnering-0388.info | R3 | 2024-05-14 - 2024-08-12 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://herinnering-0388.info/terugstorten-koppeling/openbaar
Frame ID: 1AF3CDD823458227D76A3E8E3BB70B31
Requests: 20 HTTP requests in this frame
Page Title: Terugbetaling Procedure | Fluvius
Detected technologies
- jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://lmy.de/herinnering (HTTP 307)
- https://lmy.de/herinnering (HTTP 301)
- https://herinnering-0388.info/terugstorten-koppeling/openbaar (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18
- https://herinnering-0388.info/favicon.ico (HTTP 302)
- https://bing.fr/ (HTTP 301)
- https://www.bing.com/?cc=fr
5 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | openbaar (Primary Request, Redirect Chain) | herinnering-0388.info/terugstorten-koppeling/ | 3 KB | 2 KB | Document | text/html
GET | H/1.1 | style.css | herinnering-0388.info/public/landing/ | 717 KB | 373 KB | Stylesheet | text/css
GET | H/1.1 | jquery-3.6.0.js | herinnering-0388.info/public/ | 282 KB | 84 KB | Script | text/javascript
GET | H/1.1 | loader.js | herinnering-0388.info/public/landing/ | 1 MB | 351 KB | Script | text/javascript
GET | DATA | truncated | / | 3 KB | 0 | Image | image/svg+xml
GET | DATA | truncated | / | 8 KB | 0 | Image | image/png
GET | DATA | truncated | / | 23 KB | 0 | Image | image/png
GET | DATA | truncated | / | 1 KB | 0 | Image | image/png
GET | DATA | truncated | / | 21 KB | 0 | Image | image/png
GET | DATA | truncated | / | 8 KB | 0 | Image | image/png
GET | DATA | truncated | / | 17 KB | 0 | Image | image/png
GET | DATA | truncated | / | 8 KB | 0 | Image | image/png
GET | DATA | truncated | / | 61 KB | 0 | Image | image/png
GET | DATA | truncated | / | 112 KB | 0 | Image | image/png
GET | DATA | truncated | / | 15 KB | 15 KB | Font | font/woff2
GET | DATA | truncated | / | 3 KB | 3 KB | Font | font/woff2
GET | DATA | truncated | / | 15 KB | 15 KB | Font | font/woff2
GET | DATA | truncated | / | 57 KB | 57 KB | Font | font/woff2
GET | DATA | truncated | / | 16 KB | 16 KB | Font | font/woff2
GET | | / (Redirect Chain) | www.bing.com/ | 0 | 0 | | 
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.bing.com
- URL: https://www.bing.com/?cc=fr
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function: $
- function: jQuery
- string: htmlcontent
- function: getRandomInRange
- function: randString
- function: _0x1f12
- function: replaceAll
- function: load_random_dom_content
- function: _0xb888
- function: _0x55d1fd
- function: _0x5232
- function: _0x253a10
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value
---|---|---
lmy.de/ | PHPSESSID | g4ghcrdcgahnd1bkdbm6lr5eqj
lmy.de/ | short_575163 | 1
herinnering-0388.info/ | PHPSESSID | ii4r0o5fvh01kqliijlkadg6id
.bing.com/ | MUID | 395646D69C5C69320BEE525F9DA86889
.bing.com/ | SRCHD | AF=NOFORM
.bing.com/ | SRCHUID | V=2&GUID=171A6000A0F44B0CAC31B3C7082210BC&dmnchg=1
.bing.com/ | SRCHUSR | DOB=20240524
.bing.com/ | SRCHHPGUSR | SRCHLANG=fr
.bing.com/ | _SS | SID=1BD447D473AE6F9927EF535D725A6EA4
.bing.com/ | _HPVN | CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyNC0wNS0yNFQwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIlRucyI6MCwiRGZ0IjpudWxsLCJNdnMiOjAsIkZsdCI6MCwiSW1wIjoxLCJUb2JuIjowfQ==
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
- herinnering-0388.info
- lmy.de
- www.bing.com
- 2a02:2430:3:ffff:f000::220
- 77.72.85.159