vlpps-tjeneste.zapto.org
46.23.108.128  Malicious Activity! Public Scan

Submitted URL: https://cl.gy/RWGYU
Effective URL: http://vlpps-tjeneste.zapto.org/index.php
Submission: On September 18 via manual from NO — Scanned from NO

Summary

This website contacted 1 IP in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 46.23.108.128, located in Kota Bharu, Malaysia and belongs to BULLETGROUP, BG. The main domain is vlpps-tjeneste.zapto.org.
This is the only time vlpps-tjeneste.zapto.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BankID (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 35.212.63.232 15169 (GOOGLE)
13 46.23.108.128 215762 (BULLETGROUP)
13 1
Apex Domain | Subdomains | Transfer
13 zapto.org | vlpps-tjeneste.zapto.org | 116 KB
1 cl.gy | cl.gy | 414 B
13 2
Domain Requested by
13 vlpps-tjeneste.zapto.org vlpps-tjeneste.zapto.org
1 cl.gy 1 redirects
13 2

This site contains no links.

This page contains 1 frames:

Primary Page: http://vlpps-tjeneste.zapto.org/index.php
Frame ID: 15F02B361C2B693814A98BE6C4807ABD
Requests: 13 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 13
  • HTTPS: 0 %
  • IPv6: 0 %
  • Domains: 2
  • Subdomains: 2
  • IPs: 1
  • Countries: 2
  • Transfer: 116 kB
  • Size: 407 kB
  • Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cl.gy/RWGYU HTTP 301
    http://vlpps-tjeneste.zapto.org/index.php HTTP 307
    https://vlpps-tjeneste.zapto.org/index.php HTTP 307
    http://vlpps-tjeneste.zapto.org/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: index.php (Primary Request)
Path: vlpps-tjeneste.zapto.org/
Redirect Chain
  • https://cl.gy/RWGYU
  • http://vlpps-tjeneste.zapto.org/index.php
  • https://vlpps-tjeneste.zapto.org/index.php
  • http://vlpps-tjeneste.zapto.org/index.php
Size: 5 KB
x-fer: 2 KB
Type: Document

General
Full URL: http://vlpps-tjeneste.zapto.org/index.php
Protocol: HTTP/1.1
Server: 46.23.108.128 Kota Bharu, Malaysia, ASN215762 (BULLETGROUP, BG)
Reverse DNS:
Software: nginx /
Resource Hash: bbc602ae227241efa8806e1c610e4b23c921d9df835dcda76e878603727f053d

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2255
Content-Type: text/html; charset=UTF-8
Date: Wed, 18 Sep 2024 12:17:11 GMT
Server: nginx
Vary: Accept-Encoding

Redirect headers
Location: http://vlpps-tjeneste.zapto.org/index.php
Non-Authoritative-Reason: HttpsUpgrades

Resource: base.css
Path: vlpps-tjeneste.zapto.org/assets/css/
Size: 1 KB
x-fer: 1009 B
Type: Stylesheet

General
Full URL: http://vlpps-tjeneste.zapto.org/assets/css/base.css
Requested by
  Host: vlpps-tjeneste.zapto.org
  URL: http://vlpps-tjeneste.zapto.org/index.php
Protocol: HTTP/1.1
Server: 46.23.108.128 Kota Bharu, Malaysia, ASN215762 (BULLETGROUP, BG)
Reverse DNS:
Software: nginx /
Resource Hash: 8df5843326cbb863e1aa22c35ac28f63d1c8c3c832e53c81ceebd1b93ea55bb9

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://vlpps-tjeneste.zapto.org/index.php

Response headers
Transfer-Encoding: chunked
Cache-Control: max-age=315360000
Content-Encoding: gzip
ETag: W/"66e90fe5-563"
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Date: Wed, 18 Sep 2024 12:17:11 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Sep 2024 05:13:09 GMT
Server: nginx
Vary: Accept-Encoding

Resource: bid_202201130932.css
Path: vlpps-tjeneste.zapto.org/assets/css/
Size: 129 KB
x-fer: 18 KB
Type: Stylesheet

General
Full URL: http://vlpps-tjeneste.zapto.org/assets/css/bid_202201130932.css
Requested by
  Host: vlpps-tjeneste.zapto.org
  URL: http://vlpps-tjeneste.zapto.org/index.php
Protocol: HTTP/1.1
Server: 46.23.108.128 Kota Bharu, Malaysia, ASN215762 (BULLETGROUP, BG)
Reverse DNS:
Software: nginx /
Resource Hash: 68865208ac1cc3b9a6a8bf2e7a8c6e95d90be33bbfd73bb9c682034199f176a4

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://vlpps-tjeneste.zapto.org/index.php

Response headers
Transfer-Encoding: chunked
Cache-Control: max-age=315360000
Content-Encoding: gzip
ETag: W/"66e90fe5-20297"
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Date: Wed, 18 Sep 2024 12:17:11 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Sep 2024 05:13:09 GMT
Server: nginx
Vary: Accept-Encoding

Resource: bidtools.css
Path: vlpps-tjeneste.zapto.org/assets/css/
Size: 3 KB
x-fer: 1 KB
Type: Stylesheet

General
Full URL: http://vlpps-tjeneste.zapto.org/assets/css/bidtools.css
Requested by
  Host: vlpps-tjeneste.zapto.org
  URL: http://vlpps-tjeneste.zapto.org/index.php
Protocol: HTTP/1.1
Server: 46.23.108.128 Kota Bharu, Malaysia, ASN215762 (BULLETGROUP, BG)
Reverse DNS:
Software: nginx /
Resource Hash: 4e76b2ab23fff0a37d67349a0bbfb4a0ddd56702bbdde245910ec4ff29da0f00

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://vlpps-tjeneste.zapto.org/index.php

Response headers
Transfer-Encoding: chunked
Cache-Control: max-age=315360000
Content-Encoding: gzip
ETag: W/"66e90fe5-cea"
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Date: Wed, 18 Sep 2024 12:17:11 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Sep 2024 05:13:09 GMT
Server: nginx
Vary: Accept-Encoding

Resource: oidc-client.min.css
Path: vlpps-tjeneste.zapto.org/assets/css/
Size: 54 KB
x-fer: 10 KB
Type: Stylesheet

General
Full URL: http://vlpps-tjeneste.zapto.org/assets/css/oidc-client.min.css
Requested by
  Host: vlpps-tjeneste.zapto.org
  URL: http://vlpps-tjeneste.zapto.org/index.php
Protocol: HTTP/1.1
Server: 46.23.108.128 Kota Bharu, Malaysia, ASN215762 (BULLETGROUP, BG)
Reverse DNS:
Software: nginx /
Resource Hash: bb1f2e4bbac40e08bcc5c46fe7875d5f780bf8351cd69736596316a40bb775a4

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://vlpps-tjeneste.zapto.org/index.php

Response headers
Transfer-Encoding: chunked
Cache-Control: max-age=315360000
Content-Encoding: gzip
ETag: W/"66e90fe5-d773"
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Date: Wed, 18 Sep 2024 12:17:11 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Sep 2024 05:13:09 GMT
Server: nginx
Vary: Accept-Encoding

Resource: bid-browser-test.js
Path: vlpps-tjeneste.zapto.org/assets/js/
Size: 31 KB
x-fer: 16 KB
Type: Script

General
Full URL: http://vlpps-tjeneste.zapto.org/assets/js/bid-browser-test.js
Requested by
  Host: vlpps-tjeneste.zapto.org
  URL: http://vlpps-tjeneste.zapto.org/index.php
Protocol: HTTP/1.1
Server: 46.23.108.128 Kota Bharu, Malaysia, ASN215762 (BULLETGROUP, BG)
Reverse DNS:
Software: nginx /
Resource Hash: 39381ba5b010a9692b21305b2beb3907dfd3659f8313c48591cc8c5e160e4ec0

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://vlpps-tjeneste.zapto.org/index.php

Response headers
Transfer-Encoding: chunked
Cache-Control: max-age=315360000
Content-Encoding: gzip
ETag: W/"66e90fe6-7dd6"
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Date: Wed, 18 Sep 2024 12:17:11 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Sep 2024 05:13:10 GMT
Server: nginx
Vary: Accept-Encoding

Resource: bid-client-test.js
Path: vlpps-tjeneste.zapto.org/assets/js/
Size: 11 KB
x-fer: 3 KB
Type: Script

General
Full URL: http://vlpps-tjeneste.zapto.org/assets/js/bid-client-test.js
Requested by
  Host: vlpps-tjeneste.zapto.org
  URL: http://vlpps-tjeneste.zapto.org/index.php
Protocol: HTTP/1.1
Server: 46.23.108.128 Kota Bharu, Malaysia, ASN215762 (BULLETGROUP, BG)
Reverse DNS:
Software: nginx /
Resource Hash: 58073f65138e969cd72ffac48ab1c60152f60787cfc731db74fc650551068baf

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://vlpps-tjeneste.zapto.org/index.php

Response headers
Transfer-Encoding: chunked
Cache-Control: max-age=315360000
Content-Encoding: gzip
ETag: W/"66e90fe6-2cb4"
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Date: Wed, 18 Sep 2024 12:17:11 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Sep 2024 05:13:10 GMT
Server: nginx
Vary: Accept-Encoding

Resource: ga.js
Path: vlpps-tjeneste.zapto.org/assets/js/
Size: 45 KB
x-fer: 17 KB
Type: Script

General
Full URL: http://vlpps-tjeneste.zapto.org/assets/js/ga.js
Requested by
  Host: vlpps-tjeneste.zapto.org
  URL: http://vlpps-tjeneste.zapto.org/index.php
Protocol: HTTP/1.1
Server: 46.23.108.128 Kota Bharu, Malaysia, ASN215762 (BULLETGROUP, BG)
Reverse DNS:
Software: nginx /
Resource Hash: 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://vlpps-tjeneste.zapto.org/index.php

Response headers
Transfer-Encoding: chunked
Cache-Control: max-age=315360000
Content-Encoding: gzip
ETag: W/"66e90fe7-b4c2"
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Date: Wed, 18 Sep 2024 12:17:11 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Sep 2024 05:13:11 GMT
Server: nginx
Vary: Accept-Encoding

Resource: helper21.js
Path: vlpps-tjeneste.zapto.org/assets/js/
Size: 32 KB
x-fer: 12 KB
Type: Script

General
Full URL: http://vlpps-tjeneste.zapto.org/assets/js/helper21.js
Requested by
  Host: vlpps-tjeneste.zapto.org
  URL: http://vlpps-tjeneste.zapto.org/index.php
Protocol: HTTP/1.1
Server: 46.23.108.128 Kota Bharu, Malaysia, ASN215762 (BULLETGROUP, BG)
Reverse DNS:
Software: nginx /
Resource Hash: 632b66a7ac9ea99e8541b0cc5da49c7a1ec76b7edbfe7a5fd32cf35df87382e0

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://vlpps-tjeneste.zapto.org/index.php

Response headers
Transfer-Encoding: chunked
Cache-Control: max-age=315360000
Content-Encoding: gzip
ETag: W/"66e90fe7-7e29"
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Date: Wed, 18 Sep 2024 12:17:11 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Sep 2024 05:13:11 GMT
Server: nginx
Vary: Accept-Encoding

Resource: jquery-1.11.1.min.js
Path: vlpps-tjeneste.zapto.org/assets/js/
Size: 94 KB
x-fer: 33 KB
Type: Script

General
Full URL: http://vlpps-tjeneste.zapto.org/assets/js/jquery-1.11.1.min.js
Requested by
  Host: vlpps-tjeneste.zapto.org
  URL: http://vlpps-tjeneste.zapto.org/index.php
Protocol: HTTP/1.1
Server: 46.23.108.128 Kota Bharu, Malaysia, ASN215762 (BULLETGROUP, BG)
Reverse DNS:
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://vlpps-tjeneste.zapto.org/index.php

Response headers
Transfer-Encoding: chunked
Cache-Control: max-age=315360000
Content-Encoding: gzip
ETag: W/"66e90fe7-1762a"
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Date: Wed, 18 Sep 2024 12:17:11 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Sep 2024 05:13:11 GMT
Server: nginx
Vary: Accept-Encoding

Resource: error.js
Path: vlpps-tjeneste.zapto.org/assets/js/
Size: 305 B
x-fer: 623 B
Type: Script

General
Full URL: http://vlpps-tjeneste.zapto.org/assets/js/error.js
Requested by
  Host: vlpps-tjeneste.zapto.org
  URL: http://vlpps-tjeneste.zapto.org/index.php
Protocol: HTTP/1.1
Server: 46.23.108.128 Kota Bharu, Malaysia, ASN215762 (BULLETGROUP, BG)
Reverse DNS:
Software: nginx /
Resource Hash: a63fb9da878b0ec21899ca5a9a208a28514577810e581a72643cdd4762113e39

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://vlpps-tjeneste.zapto.org/index.php

Response headers
Cache-Control: max-age=315360000
ETag: "66e90fe7-131"
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges: bytes
Content-Length: 305
Date: Wed, 18 Sep 2024 12:17:11 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Sep 2024 05:13:11 GMT
Server: nginx

Resource: oidc-client.min.js
Path: vlpps-tjeneste.zapto.org/assets/js/
Size: 0
x-fer: 0
Type: Script

General
Full URL: http://vlpps-tjeneste.zapto.org/assets/js/oidc-client.min.js
Requested by
  Host: vlpps-tjeneste.zapto.org
  URL: http://vlpps-tjeneste.zapto.org/index.php
Protocol: HTTP/1.1
Server: 46.23.108.128 Kota Bharu, Malaysia, ASN215762 (BULLETGROUP, BG)
Reverse DNS:
Software: nginx /
Resource Hash:

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://vlpps-tjeneste.zapto.org/index.php

Response headers
Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"5a7-622493856929d"
Connection: keep-alive
Date: Wed, 18 Sep 2024 12:17:11 GMT
Last-Modified: Tue, 17 Sep 2024 04:35:33 GMT
Content-Type: text/html
Vary: Accept-Encoding
Server: nginx

Resource: favicon.ico
Path: vlpps-tjeneste.zapto.org/
Size: 1 KB
x-fer: 1016 B
Type: Other

General
Full URL: http://vlpps-tjeneste.zapto.org/favicon.ico
Protocol: HTTP/1.1
Server: 46.23.108.128 Kota Bharu, Malaysia, ASN215762 (BULLETGROUP, BG)
Reverse DNS:
Software: nginx /
Resource Hash: 3db3e045bef9eaf0968fafde505e50b7c5e6baf939167de18fe998f5e3b414ca

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://vlpps-tjeneste.zapto.org/index.php

Response headers
Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"5a7-622493856929d"
Connection: keep-alive
Date: Wed, 18 Sep 2024 12:17:11 GMT
Last-Modified: Tue, 17 Sep 2024 04:35:33 GMT
Content-Type: text/html
Vary: Accept-Encoding
Server: nginx

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BankID (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | bidBrowserTest
  • object | bidClientTest
  • object | _gat
  • object | _gaq
  • object | bankidhelper
  • function | $
  • function | jQuery
  • function | eb

2 Cookies

Domain/Path | Name | Value
cl.gy/ | PHPSESSID | 847114ea4a42dc5102e169aaff81a5a0
cl.gy/ | short_114597 | 1

4 Console Messages

Source | Level | URL | Text
rendering | warning | http://vlpps-tjeneste.zapto.org/index.php (Line 12) | The key "width-device-width" is not recognized and ignored.
rendering | warning | http://vlpps-tjeneste.zapto.org/index.php (Line 12) | The key "initial-scale-1.8" is not recognized and ignored.
network | error | http://vlpps-tjeneste.zapto.org/assets/js/oidc-client.min.js | Failed to load resource: the server responded with a status of 404 (Not Found)
network | error | http://vlpps-tjeneste.zapto.org/favicon.ico | Failed to load resource: the server responded with a status of 404 (Not Found)