urlscan.io logo urlscan.io
SecurityTrails logo

axabank.be.service-handeling.web.nitro-host.space Open in urlscan Pro
54.38.11.203  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://axabank.be.service-handeling.web.nitro-host.space/login
Submission: On May 11 via manual from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 21 HTTP transactions. The main IP is 54.38.11.203, located in France and belongs to OVH, FR. The main domain is axabank.be.service-handeling.web.nitro-host.space.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 11th 2020. Valid for: 3 months.
This is the only time axabank.be.service-handeling.web.nitro-host.space was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Axa (Insurance)

Domain & IP information

IP Address AS Autonomous System
17 54.38.11.203 16276 (OVH)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 171.18.26.113 43722 (ATNEDC-AS)
21 4
Domain Requested by
17 axabank.be.service-handeling.web.nitro-host.space axabank.be.service-handeling.web.nitro-host.space
code.jquery.com
2 www.axabank.be axabank.be.service-handeling.web.nitro-host.space
1 code.jquery.com axabank.be.service-handeling.web.nitro-host.space
21 3

This site contains links to these domains. Also see Links.

Domain
www.axabank.be
itunes.apple.com
play.google.com
Subject Issuer Validity Valid
axabank.be.service-handeling.web.nitro-host.space
Let's Encrypt Authority X3		 2020-05-11 -
2020-08-09		 3 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
www.axabank.be
DigiCert SHA2 High Assurance Server CA		 2019-12-12 -
2020-12-16		 a year crt.sh

This page contains 3 frames:

Primary Page: https://axabank.be.service-handeling.web.nitro-host.space/login
Frame ID: E676CAABC701968A46B2EFC1B06B607F
Requests: 19 HTTP requests in this frame

Frame: https://www.axabank.be/nl/homebanking/logon/notification-top
Frame ID: D56512CD98BB2B93C1BBBC54A370C77C
Requests: 1 HTTP requests in this frame

Frame: https://www.axabank.be/nl/homebanking/logon/notification-bottom
Frame ID: 02C4BE0BDA2A131D4652F86B92A961E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<[^<]+class="[^"]*[^-](?:e-control|e-lib)/i

Page Statistics

21
Requests

95 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

490 kB
Transfer

690 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
axabank.be.service-handeling.web.nitro-host.space/ 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PHP/7.4.5 PleskLin
Resource Hash
8966f3d58410edee78fa8427ffa525df71d923657b492db40fcc91c556071975

Request headers

:method
GET
:authority
axabank.be.service-handeling.web.nitro-host.space
:scheme
https
:path
/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx
date
Mon, 11 May 2020 13:46:19 GMT
content-type
text/html; charset=UTF-8
content-length
4293
x-powered-by
PHP/7.4.5 PleskLin
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=3a80tcbe1nvdh7m7jv6hqotnek; path=/
vary
Accept-Encoding
content-encoding
gzip
main.css
axabank.be.service-handeling.web.nitro-host.space/public/axa/css/ 		356 KB
357 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/public/axa/css/main.css
Requested by
Host: axabank.be.service-handeling.web.nitro-host.space
URL: https://axabank.be.service-handeling.web.nitro-host.space/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PleskLin
Resource Hash
7145dba4167f67fe98f59e22bf567c37e47ca8d3f36570135b17037990bac7ef

Request headers

Referer
https://axabank.be.service-handeling.web.nitro-host.space/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 13:46:19 GMT
last-modified
Tue, 27 Aug 2019 05:05:06 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d64ba02-591d7"
content-type
text/css
status
200
accept-ranges
bytes
content-length
365015
fonts.css
axabank.be.service-handeling.web.nitro-host.space/public/axa/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/public/axa/css/fonts.css
Requested by
Host: axabank.be.service-handeling.web.nitro-host.space
URL: https://axabank.be.service-handeling.web.nitro-host.space/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PleskLin
Resource Hash
6f4faedf7db9712b3c3299ab430b0cf725dcfb09754aa7617c0de98b3acf33b0

Request headers

Referer
https://axabank.be.service-handeling.web.nitro-host.space/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 13:46:19 GMT
last-modified
Tue, 27 Aug 2019 04:47:32 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d64b5e4-736"
content-type
text/css
status
200
accept-ranges
bytes
content-length
1846
jquery-3.4.1.js
code.jquery.com/ 		274 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.js
Requested by
Host: axabank.be.service-handeling.web.nitro-host.space
URL: https://axabank.be.service-handeling.web.nitro-host.space/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://axabank.be.service-handeling.web.nitro-host.space/login
Origin
https://axabank.be.service-handeling.web.nitro-host.space

Response headers

Date
Mon, 11 May 2020 13:46:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-4472c"
Vary
Accept-Encoding
X-HW
1589204779.dop052.fr8.t,1589204779.cds057.fr8.shn,1589204779.cds057.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
82889
Cookie set notification-top
www.axabank.be/nl/homebanking/logon/ Frame D565 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.axabank.be/nl/homebanking/logon/notification-top
Requested by
Host: axabank.be.service-handeling.web.nitro-host.space
URL: https://axabank.be.service-handeling.web.nitro-host.space/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
171.18.26.113 Cologne, Germany, ASN43722 (ATNEDC-AS, DE),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src axabank.be https://*.axabank.be; style-src https://*.axabank.be axabank.be https://fonts.googleapis.com https://*.bootstrapcdn.com https://*.google.com https://*.skedify.io 'unsafe-inline'; script-src https://*.skedify.io https://*.twitter.com https://*.twimg.com https://hello.myfonts.net https://www.google-analytics.com https://*.facebook.com https://*.google.com https://www.googleadservices.com https://*.bizographics.com https://*.linkedin.com https://*.facebook.net https://*.licdn.com https://*.doubleclick.net https://www.googletagmanager.com https://www.google.be https://*.googleapis.com https://*.axabank.be axabank.be https://code.jquery.com https://cdnjs.cloudflare.com https://*.bootstrapcdn.com https://*.crazyegg.com https://*.agconsult.com https://*.surveygizmo.com https://*.howsmyssl.com https://*.highcharts.com https://*.gstatic.com https://*.amazonaws.com https://*.youtube.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.axabank.be https://*.twitter.com https://*.githubusercontent.com https://*.googleapis.com https://*.google.com https://*.facebook.com https://secure.adnxs.com https://*.google.be https://*.linkedin.com https://*.doubleclick.net https://www.google-analytics.com https://www.googletagmanager.com https://csi.gstatic.com https://maps.gstatic.com https://*.bootstrapcdn.com https://*.crazyegg.com; font-src https://*.bootstrapcdn.com https://plugin.skedify.io http://*.axabank.be https://fonts.gstatic.com; frame-src https://*.facebook.com https://*.twitter.com https://campaigns.axa.be https://*.axabank.be https://*.google.com https://www.youtube.com http://*.doubleclick.net https://*.agconsult.com https://*.surveygizmo.com; frame-ancestors https://*.axabank.be https://*.axa.be; connect-src https://*.axabank.be https://esg.services.axabank.be https://www.google-analytics.com https://api.skedify.io https://*.crazyegg.com https://*.doubleclick.net; object-src 'none'; report-uri /CspReportsHandler.ashx
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
www.axabank.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://axabank.be.service-handeling.web.nitro-host.space/login
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://axabank.be.service-handeling.web.nitro-host.space/login

Response headers

Date
Mon, 11 May 2020 13:46:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
X-Frame-Options
DENY
Access-Control-Allow-Origin
https://www.axabank.be
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
POST
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src axabank.be https://*.axabank.be; style-src https://*.axabank.be axabank.be https://fonts.googleapis.com https://*.bootstrapcdn.com https://*.google.com https://*.skedify.io 'unsafe-inline'; script-src https://*.skedify.io https://*.twitter.com https://*.twimg.com https://hello.myfonts.net https://www.google-analytics.com https://*.facebook.com https://*.google.com https://www.googleadservices.com https://*.bizographics.com https://*.linkedin.com https://*.facebook.net https://*.licdn.com https://*.doubleclick.net https://www.googletagmanager.com https://www.google.be https://*.googleapis.com https://*.axabank.be axabank.be https://code.jquery.com https://cdnjs.cloudflare.com https://*.bootstrapcdn.com https://*.crazyegg.com https://*.agconsult.com https://*.surveygizmo.com https://*.howsmyssl.com https://*.highcharts.com https://*.gstatic.com https://*.amazonaws.com https://*.youtube.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.axabank.be https://*.twitter.com https://*.githubusercontent.com https://*.googleapis.com https://*.google.com https://*.facebook.com https://secure.adnxs.com https://*.google.be https://*.linkedin.com https://*.doubleclick.net https://www.google-analytics.com https://www.googletagmanager.com https://csi.gstatic.com https://maps.gstatic.com https://*.bootstrapcdn.com https://*.crazyegg.com; font-src https://*.bootstrapcdn.com https://plugin.skedify.io http://*.axabank.be https://fonts.gstatic.com; frame-src https://*.facebook.com https://*.twitter.com https://campaigns.axa.be https://*.axabank.be https://*.google.com https://www.youtube.com http://*.doubleclick.net https://*.agconsult.com https://*.surveygizmo.com; frame-ancestors https://*.axabank.be https://*.axa.be; connect-src https://*.axabank.be https://esg.services.axabank.be https://www.google-analytics.com https://api.skedify.io https://*.crazyegg.com https://*.doubleclick.net; object-src 'none'; report-uri /CspReportsHandler.ashx
X-OneAgent-JS-Injection
true
X-ruxit-JS-Agent
true
Content-Length
2301
Set-Cookie
axa#lang=nl; expires=Wed, 11-May-2022 01:00:39 GMT; path=/; secure ASP.NET_SessionId=spe1ldbptfttbpvdde1faugi; path=/; secure; HttpOnly; SameSite=Lax axa#lang=nl; expires=Wed, 11-May-2022 01:00:39 GMT; path=/; secure ASP.NET_SessionId=spe1ldbptfttbpvdde1faugi; path=/; secure; HttpOnly; SameSite=Lax SC_ANALYTICS_GLOBAL_COOKIE=9a3e420439794a729330897c5c8fc41d|False; domain=http://dev.axabank.sc8.be/; expires=Thu, 09-May-2030 13:46:19 GMT; path=/; secure; HttpOnly tls_notification_exp=exp=5/11/2020 4:10:19 PM; expires=Mon, 11-May-2020 14:10:19 GMT; path=/; secure; HttpOnly dtCookie=v_4_srv_2_sn_1AC1948C8BEC5974D612A91F461E1D1F_perc_100000_ol_0_mul_1; Path=/; Domain=.axabank.be TS0154f53f=01f064368a1f916496e6859401d2e943129114e9e03d88052eee32405adc8b32667400c00bf5b36f5d3a85accafe4764cb024e7b14; Path=/; Domain=.www.axabank.be
Keep-Alive
timeout=5, max=500
Connection
Keep-Alive
Cookie set notification-bottom
www.axabank.be/nl/homebanking/logon/ Frame 02C4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.axabank.be/nl/homebanking/logon/notification-bottom
Requested by
Host: axabank.be.service-handeling.web.nitro-host.space
URL: https://axabank.be.service-handeling.web.nitro-host.space/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
171.18.26.113 Cologne, Germany, ASN43722 (ATNEDC-AS, DE),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src axabank.be https://*.axabank.be; style-src https://*.axabank.be axabank.be https://fonts.googleapis.com https://*.bootstrapcdn.com https://*.google.com https://*.skedify.io 'unsafe-inline'; script-src https://*.skedify.io https://*.twitter.com https://*.twimg.com https://hello.myfonts.net https://www.google-analytics.com https://*.facebook.com https://*.google.com https://www.googleadservices.com https://*.bizographics.com https://*.linkedin.com https://*.facebook.net https://*.licdn.com https://*.doubleclick.net https://www.googletagmanager.com https://www.google.be https://*.googleapis.com https://*.axabank.be axabank.be https://code.jquery.com https://cdnjs.cloudflare.com https://*.bootstrapcdn.com https://*.crazyegg.com https://*.agconsult.com https://*.surveygizmo.com https://*.howsmyssl.com https://*.highcharts.com https://*.gstatic.com https://*.amazonaws.com https://*.youtube.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.axabank.be https://*.twitter.com https://*.githubusercontent.com https://*.googleapis.com https://*.google.com https://*.facebook.com https://secure.adnxs.com https://*.google.be https://*.linkedin.com https://*.doubleclick.net https://www.google-analytics.com https://www.googletagmanager.com https://csi.gstatic.com https://maps.gstatic.com https://*.bootstrapcdn.com https://*.crazyegg.com; font-src https://*.bootstrapcdn.com https://plugin.skedify.io http://*.axabank.be https://fonts.gstatic.com; frame-src https://*.facebook.com https://*.twitter.com https://campaigns.axa.be https://*.axabank.be https://*.google.com https://www.youtube.com http://*.doubleclick.net https://*.agconsult.com https://*.surveygizmo.com; frame-ancestors https://*.axabank.be https://*.axa.be; connect-src https://*.axabank.be https://esg.services.axabank.be https://www.google-analytics.com https://api.skedify.io https://*.crazyegg.com https://*.doubleclick.net; object-src 'none'; report-uri /CspReportsHandler.ashx
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
www.axabank.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://axabank.be.service-handeling.web.nitro-host.space/login
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://axabank.be.service-handeling.web.nitro-host.space/login

Response headers

Date
Mon, 11 May 2020 13:46:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
X-Frame-Options
DENY
Access-Control-Allow-Origin
https://www.axabank.be
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
POST
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src axabank.be https://*.axabank.be; style-src https://*.axabank.be axabank.be https://fonts.googleapis.com https://*.bootstrapcdn.com https://*.google.com https://*.skedify.io 'unsafe-inline'; script-src https://*.skedify.io https://*.twitter.com https://*.twimg.com https://hello.myfonts.net https://www.google-analytics.com https://*.facebook.com https://*.google.com https://www.googleadservices.com https://*.bizographics.com https://*.linkedin.com https://*.facebook.net https://*.licdn.com https://*.doubleclick.net https://www.googletagmanager.com https://www.google.be https://*.googleapis.com https://*.axabank.be axabank.be https://code.jquery.com https://cdnjs.cloudflare.com https://*.bootstrapcdn.com https://*.crazyegg.com https://*.agconsult.com https://*.surveygizmo.com https://*.howsmyssl.com https://*.highcharts.com https://*.gstatic.com https://*.amazonaws.com https://*.youtube.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.axabank.be https://*.twitter.com https://*.githubusercontent.com https://*.googleapis.com https://*.google.com https://*.facebook.com https://secure.adnxs.com https://*.google.be https://*.linkedin.com https://*.doubleclick.net https://www.google-analytics.com https://www.googletagmanager.com https://csi.gstatic.com https://maps.gstatic.com https://*.bootstrapcdn.com https://*.crazyegg.com; font-src https://*.bootstrapcdn.com https://plugin.skedify.io http://*.axabank.be https://fonts.gstatic.com; frame-src https://*.facebook.com https://*.twitter.com https://campaigns.axa.be https://*.axabank.be https://*.google.com https://www.youtube.com http://*.doubleclick.net https://*.agconsult.com https://*.surveygizmo.com; frame-ancestors https://*.axabank.be https://*.axa.be; connect-src https://*.axabank.be https://esg.services.axabank.be https://www.google-analytics.com https://api.skedify.io https://*.crazyegg.com https://*.doubleclick.net; object-src 'none'; report-uri /CspReportsHandler.ashx
X-OneAgent-JS-Injection
true
X-ruxit-JS-Agent
true
Content-Length
2299
Set-Cookie
axa#lang=nl; expires=Wed, 11-May-2022 01:00:32 GMT; path=/; secure ASP.NET_SessionId=lwx4yes1ipe45gpfktsvegud; path=/; secure; HttpOnly; SameSite=Lax axa#lang=nl; expires=Wed, 11-May-2022 01:00:32 GMT; path=/; secure ASP.NET_SessionId=lwx4yes1ipe45gpfktsvegud; path=/; secure; HttpOnly; SameSite=Lax SC_ANALYTICS_GLOBAL_COOKIE=96393776e98f4bf6a11827ec4d911414|False; domain=http://dev.axabank.sc8.be/; expires=Thu, 09-May-2030 13:46:20 GMT; path=/; secure; HttpOnly tls_notification_exp=exp=11/05/2020 16:10:20; expires=Mon, 11-May-2020 14:10:20 GMT; path=/; secure; HttpOnly dtCookie=v_4_srv_1_sn_3BD3D89A39DE68576925FE6B2AFDF778_perc_100000_ol_0_mul_1; Path=/; Domain=.axabank.be TS0154f53f=01f064368a205bf9237e1509aa00ad27c3e08844f3c0cc05f513e64b9181072436bab6e71c306024d85fed0bf996e970f5b4c22dee; Path=/; Domain=.www.axabank.be
Keep-Alive
timeout=5, max=500
Connection
Keep-Alive
logo6481.svg
axabank.be.service-handeling.web.nitro-host.space/public/axa/img/svg/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/public/axa/img/svg/logo6481.svg?ver=25261
Requested by
Host: axabank.be.service-handeling.web.nitro-host.space
URL: https://axabank.be.service-handeling.web.nitro-host.space/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PleskLin
Resource Hash
4f15551e8df16365a4eba91f078b16e4dc40959a98f6f8e1de8b2ad895ccc705

Request headers

Referer
https://axabank.be.service-handeling.web.nitro-host.space/public/axa/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 13:46:19 GMT
last-modified
Thu, 27 Jun 2019 04:53:56 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d144be4-93a"
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
2362
carret-sprite-small-new6481.svg
axabank.be.service-handeling.web.nitro-host.space/public/axa/img/svg/ 		822 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/public/axa/img/svg/carret-sprite-small-new6481.svg?ver=25261
Requested by
Host: axabank.be.service-handeling.web.nitro-host.space
URL: https://axabank.be.service-handeling.web.nitro-host.space/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PleskLin
Resource Hash
54a75f49cb12c58d57a321f4a9e46240575f36957e2a5a209505cc83d7b25af6

Request headers

Referer
https://axabank.be.service-handeling.web.nitro-host.space/public/axa/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 13:46:19 GMT
etag
"336-58c46f2ffc100"
last-modified
Thu, 27 Jun 2019 04:53:56 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/svg+xml
status
200
x-accel-version
0.01
accept-ranges
bytes
content-length
822
app-store-new6481.png
axabank.be.service-handeling.web.nitro-host.space/public/axa/img/png/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/public/axa/img/png/app-store-new6481.png?ver=25261
Requested by
Host: axabank.be.service-handeling.web.nitro-host.space
URL: https://axabank.be.service-handeling.web.nitro-host.space/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PleskLin
Resource Hash
716d5073916b9a9d1c6b4b76b60728ba66ea6e4c2211d8a70c483b303706dabc

Request headers

Referer
https://axabank.be.service-handeling.web.nitro-host.space/public/axa/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 13:46:19 GMT
last-modified
Thu, 27 Jun 2019 04:53:56 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d144be4-1778"
content-type
image/png
status
200
accept-ranges
bytes
content-length
6008
google-play-new6481.png
axabank.be.service-handeling.web.nitro-host.space/public/axa/img/png/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/public/axa/img/png/google-play-new6481.png?ver=25261
Requested by
Host: axabank.be.service-handeling.web.nitro-host.space
URL: https://axabank.be.service-handeling.web.nitro-host.space/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PleskLin
Resource Hash
f4ba1c3cbb97291ff424113bfa8525be04947309a8cb8b584ca3985f20224a6e

Request headers

Referer
https://axabank.be.service-handeling.web.nitro-host.space/public/axa/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 13:46:19 GMT
last-modified
Thu, 27 Jun 2019 04:53:56 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d144be4-de8"
content-type
image/png
status
200
accept-ranges
bytes
content-length
3560
source-sans-pro-v11-latin-700.woff2
axabank.be.service-handeling.web.nitro-host.space/public/axa/fonts// 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/public/axa/fonts//source-sans-pro-v11-latin-700.woff2
Requested by
Host: axabank.be.service-handeling.web.nitro-host.space
URL: https://axabank.be.service-handeling.web.nitro-host.space/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PleskLin
Resource Hash
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://axabank.be.service-handeling.web.nitro-host.space/public/axa/css/fonts.css
Origin
https://axabank.be.service-handeling.web.nitro-host.space

Response headers

date
Mon, 11 May 2020 13:46:19 GMT
last-modified
Thu, 27 Jun 2019 04:53:54 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d144be2-3c78"
content-type
font/woff2
status
200
accept-ranges
bytes
content-length
15480
source-sans-pro-v11-latin-regular.woff2
axabank.be.service-handeling.web.nitro-host.space/public/axa/fonts// 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/public/axa/fonts//source-sans-pro-v11-latin-regular.woff2
Requested by
Host: axabank.be.service-handeling.web.nitro-host.space
URL: https://axabank.be.service-handeling.web.nitro-host.space/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PleskLin
Resource Hash
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://axabank.be.service-handeling.web.nitro-host.space/public/axa/css/fonts.css
Origin
https://axabank.be.service-handeling.web.nitro-host.space

Response headers

date
Mon, 11 May 2020 13:46:19 GMT
last-modified
Thu, 27 Jun 2019 04:53:54 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d144be2-3e24"
content-type
font/woff2
status
200
accept-ranges
bytes
content-length
15908
heartbeat
axabank.be.service-handeling.web.nitro-host.space/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/heartbeat
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PHP/7.4.5, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://axabank.be.service-handeling.web.nitro-host.space/login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 May 2020 13:46:20 GMT
server
nginx
x-powered-by
PHP/7.4.5, PleskLin
content-type
text/html; charset=UTF-8
status
200
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
heartbeat
axabank.be.service-handeling.web.nitro-host.space/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/heartbeat
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PHP/7.4.5, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://axabank.be.service-handeling.web.nitro-host.space/login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 May 2020 13:46:22 GMT
server
nginx
x-powered-by
PHP/7.4.5, PleskLin
content-type
text/html; charset=UTF-8
status
200
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
heartbeat
axabank.be.service-handeling.web.nitro-host.space/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/heartbeat
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PHP/7.4.5, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://axabank.be.service-handeling.web.nitro-host.space/login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 May 2020 13:46:23 GMT
server
nginx
x-powered-by
PHP/7.4.5, PleskLin
content-type
text/html; charset=UTF-8
status
200
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
heartbeat
axabank.be.service-handeling.web.nitro-host.space/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/heartbeat
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PHP/7.4.5, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://axabank.be.service-handeling.web.nitro-host.space/login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 May 2020 13:46:24 GMT
server
nginx
x-powered-by
PHP/7.4.5, PleskLin
content-type
text/html; charset=UTF-8
status
200
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
heartbeat
axabank.be.service-handeling.web.nitro-host.space/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/heartbeat
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PHP/7.4.5, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://axabank.be.service-handeling.web.nitro-host.space/login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 May 2020 13:46:26 GMT
server
nginx
x-powered-by
PHP/7.4.5, PleskLin
content-type
text/html; charset=UTF-8
status
200
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
heartbeat
axabank.be.service-handeling.web.nitro-host.space/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/heartbeat
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PHP/7.4.5, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://axabank.be.service-handeling.web.nitro-host.space/login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 May 2020 13:46:27 GMT
server
nginx
x-powered-by
PHP/7.4.5, PleskLin
content-type
text/html; charset=UTF-8
status
200
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
heartbeat
axabank.be.service-handeling.web.nitro-host.space/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/heartbeat
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PHP/7.4.5, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://axabank.be.service-handeling.web.nitro-host.space/login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 May 2020 13:46:28 GMT
server
nginx
x-powered-by
PHP/7.4.5, PleskLin
content-type
text/html; charset=UTF-8
status
200
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
heartbeat
axabank.be.service-handeling.web.nitro-host.space/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://axabank.be.service-handeling.web.nitro-host.space/heartbeat
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.11.203 , France, ASN16276 (OVH, FR),
Reverse DNS
plesk02.nitro-host.de
Software
nginx / PHP/7.4.5, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://axabank.be.service-handeling.web.nitro-host.space/login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 May 2020 13:46:29 GMT
server
nginx
x-powered-by
PHP/7.4.5, PleskLin
content-type
text/html; charset=UTF-8
status
200
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
heartbeat
axabank.be.service-handeling.web.nitro-host.space/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
axabank.be.service-handeling.web.nitro-host.space
URL
https://axabank.be.service-handeling.web.nitro-host.space/heartbeat

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Axa (Insurance)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery number| interval function| doAjax

5 Cookies

Domain/Path Name / Value
.www.axabank.be/ Name: TS0154f53f
Value: 01f064368a205bf9237e1509aa00ad27c3e08844f3c0cc05f513e64b9181072436bab6e71c306024d85fed0bf996e970f5b4c22dee
www.axabank.be/ Name: tls_notification_exp
Value: exp=11/05/2020 16:10:20
.axabank.be/ Name: dtCookie
Value: v_4_srv_1_sn_3BD3D89A39DE68576925FE6B2AFDF778_perc_100000_ol_0_mul_1
www.axabank.be/ Name: axa#lang
Value: nl
axabank.be.service-handeling.web.nitro-host.space/ Name: PHPSESSID
Value: 3a80tcbe1nvdh7m7jv6hqotnek