urlscan.io logo urlscan.io
SecurityTrails logo

bs10553918.com Open in urlscan Pro
2606:4700:3031::6815:d34  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bs10553918.com/
Effective URL: https://bs10553918.com/Be/Home/?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f
Submission: On March 05 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3031::6815:d34, located in United States and belongs to CLOUDFLARENET, US. The main domain is bs10553918.com.
TLS certificate: Issued by GTS CA 1P5 on February 19th 2024. Valid for: 3 months.
This is the only time bs10553918.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Belgian Government (Government)

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
3 7 2606:4700:303... 13335 (CLOUDFLAR...)
4 2
Apex Domain
Subdomains		 Transfer
9 bs10553918.com
bs10553918.com
325 KB
4 1
Domain Requested by
9 bs10553918.com 5 redirects bs10553918.com
4 1
Subject Issuer Validity Valid
bs10553918.com
GTS CA 1P5		 2024-02-19 -
2024-05-19		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://bs10553918.com/Be/Home/?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f
Frame ID: C3C771E8A7B1D58DCD11DD4FF203DCC9
Requests: 12 HTTP requests in this frame

Frame: https://bs10553918.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Frame ID: A9D10AEEDA510DB5BC96D4684BF41E9F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FOD Financiƫn |

Page URL History Show full URLs

  1. http://bs10553918.com/ HTTP 301
    https://bs10553918.com/ HTTP 302
    https://bs10553918.com/Be/Home?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f HTTP 301
    http://bs10553918.com/Be/Home/?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f HTTP 301
    https://bs10553918.com/Be/Home/?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f Page URL

Page Statistics

4
Requests

75 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

433 kB
Transfer

820 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bs10553918.com/ HTTP 301
    https://bs10553918.com/ HTTP 302
    https://bs10553918.com/Be/Home?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f HTTP 301
    http://bs10553918.com/Be/Home/?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f HTTP 301
    https://bs10553918.com/Be/Home/?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://bs10553918.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://bs10553918.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bs10553918.com/Be/Home/
Redirect Chain
  • http://bs10553918.com/
  • https://bs10553918.com/
  • https://bs10553918.com/Be/Home?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f
  • http://bs10553918.com/Be/Home/?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f
  • https://bs10553918.com/Be/Home/?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f
664 KB
317 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bs10553918.com/Be/Home/?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:d34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea039eab2e0d2dd88800dffb6482f8cfe2559a219a50a9ae14ad9b9f56d49f58

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85fc32e9df3665a4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 05 Mar 2024 18:34:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFSoUZlckxognNrKui91hvZresg0HngPnLfpXrI9tlxFnkrO5DI%2Fwr9DHjTuIXZqw5N29Vb87yCo120U51BhMRPQB%2BsjUk5a8v9s5mLXCFe1AEEKV7iZx852GLAPLfR4r03z5If678DSgUxoog%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
85fc32e9ada571d7-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 05 Mar 2024 18:34:13 GMT
Expires
Tue, 05 Mar 2024 19:34:13 GMT
Location
https://bs10553918.com/Be/Home/?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KGNMVAb8ibIA5kayz4L%2Fnu32FiOae1mzr4sGC7uPWQ3A%2BfU%2F0fXDN124VQV3V%2FWmjYhNOJgNm%2BGT4ImyKRjQXqRkpc%2Bien90bmKmmg1k7K5x7P6FUP8xShd%2Fx13H27cCOLQJTpmEn52mXr0dg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eec4ddc2f0495ada45849e96fa6ade552674a9235ee809b9c0972fbe79c54ae8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a606db6e740bc39e538759c37b1d1e745187c87cc7a5089da2c0bd4b6d847c69

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
download.png
bs10553918.com/Be/Home/ 		687 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bs10553918.com/Be/Home/download.png
Requested by
Host: bs10553918.com
URL: https://bs10553918.com/Be/Home/?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:d34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0978941e0ea2f1f18b7cb49d07725dfa894d601ee13ef617e699a286b6a6bcc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bs10553918.com/Be/Home/?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 18:34:13 GMT
cf-cache-status
MISS
last-modified
Mon, 26 Feb 2024 18:18:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2af-6124cf0bd0d80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhmLMUrybDBVvVCF1eH3rnTvDU5uQKDUl5aJv3n6I68RT3Y%2Frsn3G2PBdIaGrrlJ41Y2iDpCVkcWqnLekkweXlNRIwIetSL0kK7%2F2MxdLyNuKHMh%2B7ydrN34%2FPpOyRpbYPR%2Bpmyp3g%2BFcXUZmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85fc32eb9a2365a4-FRA
alt-svc
h3=":443"; ma=86400
content-length
687
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14460d5a4721b5fbed88dcd352c1da40319ceff6b1564c3d26dd15ac65ee1d84

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		153 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36e06adf8ae9795e359eee78d24e09452454d9b960b88e40a0695b0181270247

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		602 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bce6e11a010b164be9a8e73103a3bc6bd76ed96f0c193cfd1990da6dc4844462

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb3774cd774072d44c613de53ba5b08f7ce7f9fde55db0f8d0a0eff6985a5b10

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b698407285ef8fb2871c5a26ebaec3dc974f9ff2dea034ed2a7ba3f78dd63fe

Request headers

Referer
Origin
https://bs10553918.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74048eb074a46e6d72738535563ed48e7ea08fd46fff17018b76027e1f0eec80

Request headers

Referer
Origin
https://bs10553918.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
Origin
https://bs10553918.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a6afbd6afc9c1b8edf7390c1b2b13130ef1b96a61aefdd5d3860e05da6cedea

Request headers

Referer
Origin
https://bs10553918.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
font/woff2
main.js
bs10553918.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/ Frame A9D1
Redirect Chain
  • https://bs10553918.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://bs10553918.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs10553918.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Requested by
Host: bs10553918.com
URL: https://bs10553918.com/Be/Home/?index=27167&feeder=add056ee9ca0af910289b5a3ca47f5746c16457f
Protocol
H3
Server
2606:4700:3031::6815:d34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f1bbc566b03b8765a77143b1535734dc9120229dac9ecad8230626c79e12cca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 18:34:13 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y28WNjs9Fo7ZjjyodWbPESsqTijm%2F9UAHgxaGFDbyWbH4HfXttpRH6UakKEXWU6jxfwbkTDNHVZYuo0eYuLwa1j18IAVGC7E6%2Bcp%2Bz3TG1b6HTqbFNkeP4wRIeAF4zdHas1TSt5a%2BRPupA%2B9aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
85fc32ec1af865a4-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 05 Mar 2024 18:34:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPrrrxnWARQj2gv9LJubOH0wvW%2BendmvrWPQbXXKUVjLAM0UL2ahjkchyp31oZt01MmYNXD3VnspS2gpqMqyubCPJ5%2B6%2BbglEFLmEr0yUabfdeDhXbfqDAI2lFDYydgC8gY%2BBZ5yBH4jj1w6TA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
85fc32ebeaa665a4-FRA
alt-svc
h3=":443"; ma=86400
85fc32e9df3665a4
bs10553918.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A9D1 		0
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs10553918.com/cdn-cgi/challenge-platform/h/b/jsd/r/85fc32e9df3665a4
Requested by
Host: bs10553918.com
URL: https://bs10553918.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:d34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Mar 2024 18:34:13 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sD7zRZNk4qPvluXpAh79uQDHZq4tMGq%2BxdftWcIKZNZbcJj1If3%2Fb2r2W87sKqzUkQF0DVb97q0cdDfUhYDmY27vO2yXjqM4WpstQofxHP6U4wqEj6gN%2BFKMjRD8lhU1h%2Fe6BBFPRp91t15%2B2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
85fc32ecabdc65a4-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Belgian Government (Government)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| savepage_ShadowLoader

1 Cookies

Domain/Path Name / Value
.bs10553918.com/ Name: cf_clearance
Value: chmdThTiiUK1.OpO9bMmOFWGRd6ePo4wZnDmrcXunco-1709663653-1.0.1.1-Z2UJAbqtVKKYo9YheQGeqZtKdmX.qm7P82k9szHl2uPr0zFaoH82OL4RkxNLXDKJCdkpfBKGugQUpIDaHtiiLQ