products.vab.be
84.199.66.5
Malicious Activity!
Public Scan
Submission: On February 03 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on January 18th 2023. Valid for: a year.
This is the only time products.vab.be was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Transportation (Transportation)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
12 | 84.199.66.5 | 6848 (TELENET-AS) |
10 | 185.8.54.21 | 47957 (ING-AS) |
22 | 2 | |
ASN6848 (TELENET-AS, BE)
PTR: 84-199-66-5.iFiber.telenet-ops.be
products.vab.be |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | vab.be | products.vab.be | 29 KB |
10 | paypage.be | secure.paypage.be | 17 KB |
22 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
12 | products.vab.be | products.vab.be |
10 | secure.paypage.be | products.vab.be |
22 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
secure.paypage.be |
www.visaeurope.com |
www.mastercard.us |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.vab.be | GlobalSign GCC R3 DV TLS CA 2020 | 2023-01-18 - 2024-02-19 | a year |
secure.paypage.be | DigiCert SHA2 Extended Validation Server CA | 2023-08-23 - 2024-08-21 | a year |
This page contains 1 frames:
Primary Page:
https://products.vab.be/IndirectProductSalePayment/KbcPayPage.aspx?id=9fc91df6-58b0-4ee6-a9d9-eaa8e08a5c87
Frame ID: 6E428119C5F20E9008B660B2127F53ED
Requests: 22 HTTP requests in this frame
Page Title
Payment confirmation
Detected technologies
Microsoft ASP.NET (Web Frameworks)
Detected patterns
- \.aspx?(?:$|\?)
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries)
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Kan ik daadwerkelijk betalen met mijn Maestro kaart?
Title: Privacy verklaring: Welke persoonsgegevens worden verzameld en hoe worden deze gebruikt?
Title: Wettelijke informatie
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | KbcPayPage.aspx (Primary Request) | products.vab.be/IndirectProductSalePayment/ | 14 KB | 6 KB | Document | text/html |
GET H/1.1 | ingenicoResponsivePaymentPageTemplate_reset.css | products.vab.be/IndirectProductSalePayment/cdn/ | 1 KB | 1 KB | Stylesheet | text/css |
GET H/1.1 | ingenicoResponsivePaymentPageTemplate_template.css | products.vab.be/IndirectProductSalePayment/cdn/ | 67 KB | 14 KB | Stylesheet | text/css |
GET H/1.1 | LogoVAB.png | products.vab.be/IndirectProductSalePayment/cdn/ | 7 KB | 8 KB | Image | image/png |
GET H/1.1 | VISA_choice.gif | secure.paypage.be/images/ | 2 KB | 2 KB | Image | image/gif |
GET H/1.1 | Eurocard_choice.gif | secure.paypage.be/images/ | 1 KB | 1 KB | Image | image/gif |
GET H/1.1 | BCMC_choice.gif | secure.paypage.be/images/ | 1011 B | 1 KB | Image | image/gif |
GET H/1.1 | Maestro_choice.gif | secure.paypage.be/images/ | 1 KB | 1 KB | Image | image/gif |
GET H/1.1 | KBC%20Online_choice.gif | secure.paypage.be/images/ | 1 KB | 2 KB | Image | image/gif |
GET H/1.1 | CBC%20Online_choice.gif | secure.paypage.be/images/ | 1 KB | 2 KB | Image | image/gif |
GET H/1.1 | form_validation.js | products.vab.be/IndirectProductSalePayment/js/ | 0 | 0 | Script | text/html |
GET H/1.1 | jquery-3.3.1.min.js | products.vab.be/IndirectProductSalePayment/js/jquery.core/ | 0 | 0 | Script | text/html |
GET H/1.1 | jquery-migrate-1.4.1.min.js | products.vab.be/IndirectProductSalePayment/js/jquery.plugins/ | 0 | 0 | Script | text/html |
GET H/1.1 | Fp_inc.1.2.js | products.vab.be/IndirectProductSalePayment/js/fp/ | 0 | 0 | Script | text/html |
GET H/1.1 | base64_inc.js | products.vab.be/IndirectProductSalePayment/ | 0 | 0 | Script | text/html |
GET H/1.1 | VISA_brand3D.gif | secure.paypage.be/images/ | 3 KB | 3 KB | Image | image/gif |
GET H/1.1 | Eurocard_brand3D.gif | secure.paypage.be/images/ | 2 KB | 2 KB | Image | image/gif |
GET H/1.1 | pp_paypage.gif | secure.paypage.be/images/ | 1 KB | 2 KB | Image | image/gif |
GET H/1.1 | wait_turn.gif | secure.paypage.be/images/ | 1 KB | 1 KB | Image | image/gif |
GET H/1.1 | Roboto-Regular.ttf | products.vab.be/IndirectProductSalePayment/cdn/ | 0 | 0 | Font | text/html |
GET H/1.1 | Roboto-Light.ttf | products.vab.be/IndirectProductSalePayment/cdn/ | 0 | 0 | Font | text/html |
GET H/1.1 | Roboto-Bold.ttf | products.vab.be/IndirectProductSalePayment/cdn/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Transportation (Transportation)
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| ncolwaitwindow
number| ncolwaitwindowopen
function| ShowWaitMsg
function| my_submitAndWait
function| justWait
function| close_ncol_wait
function| openPOPUP
number| js_version
string| AlertMSG_109
string| AlertMSG_110
string| AlertMSG_173
string| AlertMSG_1205
string| AlertMSG_111
string| AlertERR_907
string| AlertERR_95
string| AlertERR_96
object| OGONE
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
products.vab.be/ | | Name: ASP.NET_SessionId Value: bjocupmwdzgoi0mag35lok2o |
products.vab.be/ | | Name: osVisitor Value: 323dbf12-2070-427b-a93a-6a3e6feb2984 |
products.vab.be/ | | Name: osVisit Value: 9a3b440e-9a3d-443e-a6c6-908b17e55ad3 |
products.vab.be/ | | Name: cookiesession1 Value: 678A3E42FD712F183F30C74EE3E0DCFF |
13 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'none' |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
products.vab.be
secure.paypage.be
185.8.54.21
84.199.66.5