URL: https://login-v2.fotoprotools.nl/
Submission Tags: @ecarlesi possiblethreat phishing
Submission: On April 28 via api from IT — Scanned from NL

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 9 HTTP transactions. The main IP is 149.210.163.70, located in Breda, Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is login-v2.fotoprotools.nl.
TLS certificate: Issued by R3 on April 25th 2024. Valid for: 3 months.
This is the only time login-v2.fotoprotools.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address: 149.210.163.70
AS (Autonomous System): 20857 (TRANSIP-A...)
Requests: 9

Apex Domain: fotoprotools.nl
Subdomains: login-v2.fotoprotools.nl
Transfer: 244 KB
Requests: 9

Domain: login-v2.fotoprotools.nl
Requested by: login-v2.fotoprotools.nl
Requests: 9

This site contains no links.

Subject: login-v2.fotoprotools.nl
Issuer: R3
Validity: 2024-04-25 - 2024-07-24
Valid: 3 months

This page contains 1 frames:

Primary Page: https://login-v2.fotoprotools.nl/
Frame ID: 67517A6033640AA8141AA39E7F1097C0
Requests: 9 HTTP requests in this frame

Page Title

FotoProTools - Inloggen

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 244 kB
Size: 242 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
login-v2.fotoprotools.nl/
2 KB
3 KB
Document
General
Full URL
https://login-v2.fotoprotools.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.210.163.70 Breda, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
fotoprotools-server-2
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0773559aea9d3d9be584f4a24efaf937d5d2053777f345cb8393f2f12c28972

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
2502
content-type
text/html; charset=UTF-8
date
Sun, 28 Apr 2024 23:58:04 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
login.css
login-v2.fotoprotools.nl/application/modules/login/styles/
2 KB
2 KB
Stylesheet
General
Full URL
https://login-v2.fotoprotools.nl/application/modules/login/styles/login.css
Requested by
Host: login-v2.fotoprotools.nl
URL: https://login-v2.fotoprotools.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.210.163.70 Breda, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
fotoprotools-server-2
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1b340c8aa791e53cabdef1f9429caf58d3a0ca5931d6d028981e8aaf76a54773

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login-v2.fotoprotools.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 28 Apr 2024 23:58:04 GMT
last-modified
Wed, 20 Nov 2019 11:03:16 GMT
server
Microsoft-IIS/10.0
etag
"d7f771c929fd51:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
1814
jquery-1.4.2.min.js
login-v2.fotoprotools.nl/application/js/plugins/jquery/
118 KB
118 KB
Script
General
Full URL
https://login-v2.fotoprotools.nl/application/js/plugins/jquery/jquery-1.4.2.min.js
Requested by
Host: login-v2.fotoprotools.nl
URL: https://login-v2.fotoprotools.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.210.163.70 Breda, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
fotoprotools-server-2
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a035adc3a8319ee78f7526fc2da9a4ef6a84531b9596f5cae3b41fea095c3acc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login-v2.fotoprotools.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 28 Apr 2024 23:58:04 GMT
last-modified
Wed, 20 Nov 2019 11:03:11 GMT
server
Microsoft-IIS/10.0
etag
"a0d66b19929fd51:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
121026
interface-1.2.js
login-v2.fotoprotools.nl/application/js/plugins/jquery/
78 KB
78 KB
Script
General
Full URL
https://login-v2.fotoprotools.nl/application/js/plugins/jquery/interface-1.2.js
Requested by
Host: login-v2.fotoprotools.nl
URL: https://login-v2.fotoprotools.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.210.163.70 Breda, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
fotoprotools-server-2
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d5c3386e995fa4d87a0159f3a915f39bfa96edc71ec1ac4b96a279d978abcb00

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login-v2.fotoprotools.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 28 Apr 2024 23:58:04 GMT
last-modified
Sat, 08 Aug 2020 07:31:47 GMT
server
Microsoft-IIS/10.0
etag
"80f3edf8556dd61:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
79404
default.js
login-v2.fotoprotools.nl/application/js/
3 KB
3 KB
Script
General
Full URL
https://login-v2.fotoprotools.nl/application/js/default.js
Requested by
Host: login-v2.fotoprotools.nl
URL: https://login-v2.fotoprotools.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.210.163.70 Breda, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
fotoprotools-server-2
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4db79e68b4f67aa5aef6697bf612d95b3e239b89f108839c2e70b65bf80ab69d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login-v2.fotoprotools.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 28 Apr 2024 23:58:04 GMT
last-modified
Wed, 20 Nov 2019 11:02:55 GMT
server
Microsoft-IIS/10.0
etag
"588772f929fd51:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
3053
login.js
login-v2.fotoprotools.nl/application/modules/login/js/
0
0
Script
General
Full URL
https://login-v2.fotoprotools.nl/application/modules/login/js/login.js
Requested by
Host: login-v2.fotoprotools.nl
URL: https://login-v2.fotoprotools.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.210.163.70 Breda, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
fotoprotools-server-2
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login-v2.fotoprotools.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 28 Apr 2024 23:58:04 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
539
content-type
text/html; charset=UTF-8
logo.png
login-v2.fotoprotools.nl/application/modules/login/images/
35 KB
35 KB
Image
General
Full URL
https://login-v2.fotoprotools.nl/application/modules/login/images/logo.png
Requested by
Host: login-v2.fotoprotools.nl
URL: https://login-v2.fotoprotools.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.210.163.70 Breda, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
fotoprotools-server-2
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c264abe23ab1242bdedf62d2fa13d1a4a996add2b9e3b7b294836c0973df6974

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login-v2.fotoprotools.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 28 Apr 2024 23:58:04 GMT
last-modified
Wed, 20 Nov 2019 11:03:16 GMT
server
Microsoft-IIS/10.0
etag
"9d45721c929fd51:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
35585
kader.png
login-v2.fotoprotools.nl/application/modules/login/images/
4 KB
4 KB
Image
General
Full URL
https://login-v2.fotoprotools.nl/application/modules/login/images/kader.png
Requested by
Host: login-v2.fotoprotools.nl
URL: https://login-v2.fotoprotools.nl/application/modules/login/styles/login.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.210.163.70 Breda, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
fotoprotools-server-2
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bbda6399fd27b5d10eaf19a7cbb9cd5b286de2a43947b96b4213aa865283135c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login-v2.fotoprotools.nl/application/modules/login/styles/login.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 28 Apr 2024 23:58:04 GMT
last-modified
Wed, 20 Nov 2019 11:03:16 GMT
server
Microsoft-IIS/10.0
etag
"628b6d1c929fd51:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3661
favicon.ico
login-v2.fotoprotools.nl/
894 B
983 B
Other
General
Full URL
https://login-v2.fotoprotools.nl/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.210.163.70 Breda, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
fotoprotools-server-2
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
50199a76ed8a159351efa5429563ef33cf91a2debbfea92a6a415ab1265ac191

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login-v2.fotoprotools.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 28 Apr 2024 23:58:04 GMT
last-modified
Wed, 20 Nov 2019 11:02:53 GMT
server
Microsoft-IIS/10.0
etag
"6bedcfe929fd51:0"
x-powered-by
ASP.NET
content-type
image/x-icon
accept-ranges
bytes
content-length
894

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function | $
  • function | jQuery
  • undefined | unloadMessage
  • function | changecss
  • function | deleteChilds
  • function | is_numeric
  • function | open_url
  • function | global_ban_ip
  • function | startLoading
  • function | stopLoading

1 Cookies

Domain/Path Name / Value
login-v2.fotoprotools.nl/ Name: fotoprotools30
Value: YlVFFnK9b9duWuARHR0jg417Whs0XTofxTTpjG952MI9auKIl8hfOTppmDuKYzl6LaZdis4YrwMJcgPxaC9Q9PqmKpUfW7Q3V0zDEoYYSGQXEaCrQ6SW7u6ZXgkZwGF2j5aAnagF2uKrhYu1DjBrnOtbsopQCchexSm5cW35UnlISJ0v3yRjJOnxeIbIJuBafP8LIdpofa1bEz6RiKj32Y5YPgjTM0IBq5wq%2BMDZhtuRT82KZ%2BkqxLpccVAH8fM2jiiR%2B2wffYiM4nvI13USgLh%2BhkLZlzibNiryzx6LqipIn9BgoDLnziFNF7xy5ibghL2j4IdBLUqQradpJrZPrQ%3D%3D

2 Console Messages

Source Level URL
Text
network error URL: https://login-v2.fotoprotools.nl/application/modules/login/js/login.js
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://login-v2.fotoprotools.nl/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o