waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net
Open in
urlscan Pro
20.54.174.254
Malicious Activity!
Public Scan
Submission: On May 04 via api from US — Scanned from NL
Summary
TLS certificate: Issued by QuoVadis Global SSL ICA G2 on June 21st 2023. Valid for: a year.
This is the only time waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Coƶperatie VGZ (Healthcare)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 20.54.174.254 20.54.174.254 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a00:1450:400... 2a00:1450:4001:81c::200a | 15169 (GOOGLE) (GOOGLE) | |
6 | 13.80.147.7 13.80.147.7 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::2003 | 15169 (GOOGLE) (GOOGLE) | |
11 | 5 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.vgz.nl | |
www.iza.nl | |
www.izzdoorvgz.nl | |
www.vgzbewuzt.nl | |
services.mijnunivezorg.nl | |
services.mijnzorgzaam.nl |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
trafficmanager.net
waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net |
39 KB |
1 |
gstatic.com
fonts.gstatic.com |
31 KB |
1 |
mijnzorgzaam.nl
services.mijnzorgzaam.nl |
6 KB |
1 |
mijnunivezorg.nl
services.mijnunivezorg.nl |
4 KB |
1 |
vgzbewuzt.nl
www.vgzbewuzt.nl |
14 KB |
1 |
izzdoorvgz.nl
www.izzdoorvgz.nl |
18 KB |
1 |
iza.nl
www.iza.nl |
9 KB |
1 |
vgz.nl
www.vgz.nl |
12 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33 |
1 KB |
0 |
umczorgverzekering.nl
Failed
www.umczorgverzekering.nl Failed |
|
11 | 10 |
Domain | Requested by | |
---|---|---|
2 | waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net | |
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | services.mijnzorgzaam.nl |
waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net
|
1 | services.mijnunivezorg.nl |
waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net
|
1 | www.vgzbewuzt.nl |
waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net
|
1 | www.izzdoorvgz.nl |
waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net
|
1 | www.iza.nl |
waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net
|
1 | www.vgz.nl |
waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net
|
1 | fonts.googleapis.com |
waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net
|
0 | www.umczorgverzekering.nl Failed |
waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net
|
11 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
mijn.vgzbewuzt.nl QuoVadis Global SSL ICA G2 |
2023-06-21 - 2024-06-21 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
mijn.vgz.nl QuoVadis Global SSL ICA G2 |
2023-06-21 - 2024-06-21 |
a year | crt.sh |
mijn.iza.nl QuoVadis Global SSL ICA G2 |
2023-06-21 - 2024-06-21 |
a year | crt.sh |
mijn.izzdoorvgz.nl QuoVadis Global SSL ICA G2 |
2023-06-21 - 2024-06-21 |
a year | crt.sh |
mijnunivezorg.nl QuoVadis Global SSL ICA G2 |
2023-06-21 - 2024-06-21 |
a year | crt.sh |
mijnzorgzaam.nl QuoVadis Global SSL ICA G2 |
2023-06-21 - 2024-06-21 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net/
Frame ID: 8E2FF8DA7A3954DC0592F368906434F8
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Sorry, de website is niet bereikbaarDetected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net/ |
20 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header-logo-vgz.png
www.vgz.nl/-/media/Project/Websites/VGZ/VGZ-website/site-images/logos/ |
10 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header-logo-iza.png
www.iza.nl/-/media/project/websites/iza/iza-website/site-images/logos/ |
7 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-header.png
www.izzdoorvgz.nl/-/media/project/websites/vgz-voor-de-zorg/vgz-voor-de-zorg-website/site-images/logos/ |
16 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header-logo-vgzbewuzt.png
www.vgzbewuzt.nl/-/media/project/websites/bewuzt/bewuzt-website/site-images/logos/ |
12 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
logo-umc-zorgverzekering-header.png
www.umczorgverzekering.nl/-/media/project/websites/umc-website/site-images/logos/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
unive_logo.svg
services.mijnunivezorg.nl/-/media/project/websites/unive/zorgzoeker/ |
2 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zorgzaam_logo_klein.png
services.mijnzorgzaam.nl/-/media/project/websites/zorgzaam/zorgzaam-website/logo/ |
4 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ |
30 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net/ |
20 KB 20 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.umczorgverzekering.nl
- URL
- https://www.umczorgverzekering.nl/-/media/project/websites/umc-website/site-images/logos/logo-umc-zorgverzekering-header.png?h=114&w=300&hash=1759944BCF42A5905D2D11A4A2E1F7B6
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Coƶperatie VGZ (Healthcare)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.iza.nl/ | Name: ARRAffinitySameSite Value: 488a5bbc0c2c02bfb933773d26f6b1001b933bb450c6c892990564e8ce836f4a |
|
.www.iza.nl/ | Name: BNES_ARRAffinitySameSite Value: gE1hp7VHwpteow8bzRJHuhYzKD4DcLPW7RYnLOq2+UQHiUHqYynSJcNoldUVLQteXaRwN8QtaAbK8evQT6t4E8dD1A9y7ZsvjgsjlURD0CdTgJGTy5YONTnVfKeVeRhxUOLa+mcVPhZm+/WjteEwOw4ehR8wtFGmzjyIryxjkog= |
|
.services.mijnunivezorg.nl/ | Name: ARRAffinitySameSite Value: 488a5bbc0c2c02bfb933773d26f6b1001b933bb450c6c892990564e8ce836f4a |
|
.services.mijnunivezorg.nl/ | Name: BNES_ARRAffinitySameSite Value: RRGOsShgdssbqVNtjyPNtTbJfdN1yqmQ6x0VTW++n4tq+5lnYBp4C5lD5o5/npu4KJQARh04eWWF3ZHhaNvwxLNAUQHlQHPqD9P7l6xzDPgSS0r9v3BGqUOyvkdSZrjG+D0Qqd9xO/x2PEeaNyvHmpVWoneKAppDCYDXDmtL2Ls= |
|
.www.vgz.nl/ | Name: ARRAffinitySameSite Value: c7f84ee18b05f2103ad33268dc11d480daa7c348981d68e7212727b4f1ac80f5 |
|
.www.vgz.nl/ | Name: BNES_ARRAffinitySameSite Value: yvj9N17Aut5HnAIQPIuB2MC7IAXjlWwGoCsq4IVYpj3FTyNHop3V0ES37b1zxoMjxKMPirxUUrJ9HlEC3Rb8Q3WsIQdqrsmwygb4UdS7nIr2wYrXpC2po5nNpz/4cyZxwMUxbMUSn2InXycYbVaN8wHDtazfXpztuiKw8mnfbRQ= |
|
.www.izzdoorvgz.nl/ | Name: ARRAffinitySameSite Value: c7f84ee18b05f2103ad33268dc11d480daa7c348981d68e7212727b4f1ac80f5 |
|
.www.izzdoorvgz.nl/ | Name: BNES_ARRAffinitySameSite Value: nWjaWKrBijSXVOtiLl1SEg09drgQ5Q8h3/JBaVIND6HNvkrtL+mac/drTlrudBPA9TiwAko4y98IjFGGc2UUFBkr6IzjUGttaWAQfEp384KBPwJYf8sOpLg22b2t4ZTjsI8UtarRfUXfpFHOza151YGNAa/sn5KQDh0nYCR39F8= |
|
.services.mijnzorgzaam.nl/ | Name: ARRAffinitySameSite Value: c7f84ee18b05f2103ad33268dc11d480daa7c348981d68e7212727b4f1ac80f5 |
|
.services.mijnzorgzaam.nl/ | Name: BNES_ARRAffinitySameSite Value: s2V32Wm/OZMwcFJPYiY6LMn8XxgI40y4sAs/rsGMDS4bIfKaxrBVHAz8z56m9d5FkYhIAkuWmd1H/Ri8GhwxjV1XokGGsvM+hBOU0LyC5xEwPPQgEHv+hgG16/H7BWFa7fVwpQVJdgHAD46PClKYIZp0bWhqJ9+l7KxlA7tS2HE= |
|
.www.vgzbewuzt.nl/ | Name: ARRAffinitySameSite Value: 488a5bbc0c2c02bfb933773d26f6b1001b933bb450c6c892990564e8ce836f4a |
|
.www.vgzbewuzt.nl/ | Name: BNES_ARRAffinitySameSite Value: YUH658+9ZFwdfL6IbBwFQXcwrfumLbXK54bb2VJLr8w4ZYENxTq/2bWX9UZ4D4FIn+AofidTyRkrMk++7f6Rv829mAVukp8b7uIb5IWr3eGJ3GmLOCtK6moFYlVfloLKeMYv6fPHuSnTeI7shtG06PKCbL0TAEmop7N2aJ6Mi2I= |
|
.www.umczorgverzekering.nl/ | Name: ARRAffinitySameSite Value: 0aba8610b3668e35db799e4265d8ca6f47ce8c287298a576437486a2c7e64c08 |
|
.www.umczorgverzekering.nl/ | Name: BNES_ARRAffinitySameSite Value: gcRwX4VtnUBiRxy0skgHQkKg0DhYYfUx3Ml/I9wIBvV3S0F1ceZnoLckIlUXqxBNZZgYTgGqjCyxM+JHgrsCJlx4SUCDAJTAmTUNy1VqCnLbyjQKiJ8fEs/4EmQPVeWTz75nHZJF8GhByyIAyAQ+8uBg0tSscIGlQl+ydmDHprg= |
16 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
services.mijnunivezorg.nl
services.mijnzorgzaam.nl
waas-prod-app-fd4e6a6d2a84da94ef85df05fc0bdfe2.trafficmanager.net
www.iza.nl
www.izzdoorvgz.nl
www.umczorgverzekering.nl
www.vgz.nl
www.vgzbewuzt.nl
www.umczorgverzekering.nl
13.80.147.7
20.54.174.254
2a00:1450:4001:800::2003
2a00:1450:4001:81c::200a
06269b9fa4cca7e7172667ffba1959d938d74bcf7fb0e63b63dc9516cac96a5a
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
58969d9e1827f49fce993aca79b6bbed95c3bc75dc6a8ea64d48741966a6c3b0
81aa14acb204f43ed49a42e940da4f96b9fb62fd83d6eaa8f5c98fcba7222003
ab4d0dad0d0af5389d6ec581e1f5693f6c498809a09a9a693559a04aca344ca7
d1d96d5546da46bfd618f570fb86265991d41e04f153b028567a82292b73010f
e4cd954e8d18bf3066dc54c08246aad199d45fbed27b931a1b688b37d632ee6a
e6b7fe263e6f6873885feda36cc66692b1938dc5a5e0f1048d9be7478732e9f4
eaee1e4dd77680e5eb3ad89385db2a48837800b5d9c54f395a1913ea8eb42bff
f2b218e0d4cb2cafd88eb7a17f7800fe6048e464063a94715791d557cd24b735