brainfood.org.nz Open in urlscan Pro
172.67.165.15 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://brainfood.org.nz/digid-verificatie/index.html
Submission: On April 19 via manual (April 19th 2023, 7:36:36 am UTC) from NL — Scanned from NZ

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 172.67.165.15, located in United States and belongs to CLOUDFLARENET, US. The main domain is brainfood.org.nz.
TLS certificate: Issued by GTS CA 1P5 on March 26th 2023. Valid for: 3 months.

This is the only time brainfood.org.nz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NL Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
6	172.67.165.15 172.67.165.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	144.43.243.208 144.43.243.208	212157 (LOGIUS-AZ-1) (LOGIUS-AZ-1)
8	2

6 172.67.165.15 (United States)

ASN13335 (CLOUDFLARENET, US)

brainfood.org.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.43.243.208 (The Hague, Netherlands)

ASN212157 (LOGIUS-AZ-1, NL)

digid.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	brainfood.org.nz brainfood.org.nz	169 KB
2	digid.nl digid.nl — Cisco Umbrella Rank: 113238	24 KB
8	2

	Domain	Requested by
6	brainfood.org.nz	brainfood.org.nz
2	digid.nl	brainfood.org.nz
8	2

This site contains links to these domains. Also see Links.

Domain
www.digid.nl

Subject Issuer	Validity	Valid
*.brainfood.org.nz GTS CA 1P5	`2023-03-26` - `2023-06-24`	3 months	crt.sh
digid.nl QuoVadis Europe SSL CA G2	`2022-09-27` - `2023-09-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://brainfood.org.nz/digid-verificatie/index.html
Frame ID: 48F1F0C4AA281C295BE9DF6367D902A6
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DigiD: Aanvraag | Digitale Sleutel

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

193 kB
Transfer

263 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.digid.nl/

Search URL Search Domain Scan URL

URL: https://www.digid.nl/contact
Title: neem contact op

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.html Show response
brainfood.org.nz/digid-verificatie/ 9 KB
3 KB 557ms
223ms Document
text/html 172.67.165.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brainfood.org.nz/digid-verificatie/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.165.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e93460a61b5c9c54804115aa3ffd34ac9ce4a310d1a621052508d0d3aa9093a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ba37a175a66ee9a-AKL
content-encoding: br
content-type: text/html
date: Wed, 19 Apr 2023 07:36:30 GMT
last-modified: Tue, 18 Apr 2023 11:21:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4Ws6nyadjccIAUEb5Sph%2F%2FgA%2B9bc1r5O6doqeQjcX8ya1wrj2Z4UDLcfZ4QOfhvLpKgBnevbTO1ymO%2BJsAhLrBK9bZ96Jc20nlsRJttiTdRHKXWATb5XhpwQrXaVsPR31%2Fw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.css
brainfood.org.nz/digid-verificatie/files/ 83 KB
15 KB 244ms
244ms Stylesheet
text/css 172.67.165.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brainfood.org.nz/digid-verificatie/files/style.css
Requested by: Host: brainfood.org.nz
URL: https://brainfood.org.nz/digid-verificatie/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.165.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 360c84c7a381cab09400dafdf2eed013ea29741153dd6bbabd4c6f235f72c950

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://brainfood.org.nz/digid-verificatie/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:36:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 18 Apr 2023 11:21:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Id9TVlgL4RMIA0SvP160c3h4ZYOJk6csXB%2FBBMQQbutWTxIZZOOUDkRDx4AT9vRG4CAoYpIttAqzg99KyMfS%2Bw0XNDSXJatX1%2Fn503VvuW8WAhVINqcLBoWrN%2FjVopIbeHlv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ba37a18cc68ee9a-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK RO_DigiD_Logo_Homepage.svg
digid.nl/static-assets/ 21 KB
22 KB 2036ms
813ms Image
image/svg+xml 144.43.243.208
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digid.nl/static-assets/RO_DigiD_Logo_Homepage.svg

Requested by

Host: brainfood.org.nz
URL: https://brainfood.org.nz/digid-verificatie/index.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

144.43.243.208 The Hague, Netherlands, ASN212157 (LOGIUS-AZ-1, NL),

Reverse DNS

Software

Resource Hash

345fece8164e7c89abdcac29f20c438ca6b74414af1373642da630abd862da97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://brainfood.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Wed, 19 Apr 2023 07:36:32 GMT
Last-Modified: Tue, 05 Jul 2022 10:12:40 GMT
Age: 25473
ETag: "62c40e98-53f5"
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 21493

GET
H/1.1 200
OK digid.svg
digid.nl/static-assets/ 2 KB
2 KB 1627ms
408ms Image
image/svg+xml 144.43.243.208
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digid.nl/static-assets/digid.svg

Requested by

Host: brainfood.org.nz
URL: https://brainfood.org.nz/digid-verificatie/index.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

144.43.243.208 The Hague, Netherlands, ASN212157 (LOGIUS-AZ-1, NL),

Reverse DNS

Software

Resource Hash

55f1daa50e8a463ddb0718ad1781c22195c16d3bfee3535b1df04fed763f488a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://brainfood.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Wed, 19 Apr 2023 07:36:32 GMT
Last-Modified: Tue, 05 Jul 2022 10:12:40 GMT
Age: 25473
ETag: "62c40e98-63a"
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1594

GET
H3 200 ROsanswebtextregular-54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a.woff
brainfood.org.nz/digid-verificatie/files/ 75 KB
75 KB 274ms
274ms Font
font/woff 172.67.165.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brainfood.org.nz/digid-verificatie/files/ROsanswebtextregular-54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a.woff
Requested by: Host: brainfood.org.nz
URL: https://brainfood.org.nz/digid-verificatie/files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a

Request headers

Referer: https://brainfood.org.nz/digid-verificatie/files/style.css
Origin: https://brainfood.org.nz
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:36:31 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Apr 2023 11:21:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUBWjgk9Gimjg%2Bsxo4EjTuc6%2B5%2FplriGxT2tqs9%2BwubFFrhkquDb7ndDjO9ZmQmSzCSjTjfbfn0zuu7PJqEmlLuveWggnP9PJjMHhLP%2BvWu%2BTtAdNU67ilq0tE7F9zE4kP%2F5"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba37a1a69e91c4d-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76489

GET
H3 200 ROsanswebtextbold-27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591.woff
brainfood.org.nz/digid-verificatie/files/ 68 KB
68 KB 356ms
356ms Font
font/woff 172.67.165.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brainfood.org.nz/digid-verificatie/files/ROsanswebtextbold-27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591.woff
Requested by: Host: brainfood.org.nz
URL: https://brainfood.org.nz/digid-verificatie/files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591

Request headers

Referer: https://brainfood.org.nz/digid-verificatie/files/style.css
Origin: https://brainfood.org.nz
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:36:31 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Apr 2023 11:21:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lzDJQGPuLNR8H%2BRdP3q4u2OrMH7rF%2FxA91NsAI1sti0paaBtF45xxpwGkqtmA6UeZdzqLvPtibpCuULRdDTj65iWmOpIdj8QUwPf6z4O1%2B84%2BshhBirNt1q6yswgo5Cysig"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba37a1a69ed1c4d-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69467

GET
H3 200 icons-650b3ba27798de4eaf8cfc95c3ef953beff6658da3a4cfc5762c77eeb050a630.html
brainfood.org.nz/digid-verificatie/files/ 3 KB
3 KB 224ms
224ms Font
text/html 172.67.165.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brainfood.org.nz/digid-verificatie/files/icons-650b3ba27798de4eaf8cfc95c3ef953beff6658da3a4cfc5762c77eeb050a630.html
Requested by: Host: brainfood.org.nz
URL: https://brainfood.org.nz/digid-verificatie/files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17653d3465e19e906eeb797f34102cb7a5304671d78529d9428de31d76f701ef

Request headers

Referer: https://brainfood.org.nz/digid-verificatie/files/style.css
Origin: https://brainfood.org.nz
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:36:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 18 Apr 2023 11:21:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4ls%2F0DXfq1mCsBFCkMP7ZvjNPGbCotTn7L8BygYYW4hJMPhT2pkXgVKOoqZ8Yzjy3E9cYH2SpnShzjejaY1b%2Fb6YmRmFzOxYspp4ERtFrT98YDrS0YzMxzDhJsEpmzvGwdp"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 7ba37a1a8a1a1c4d-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 icons-a44f7b76a1573f16af0101cc1a3890bb7881de3c3da7652ecad521b35304d7b1.woff
brainfood.org.nz/digid-verificatie/files/ 3 KB
4 KB 389ms
389ms Font
font/woff 172.67.165.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brainfood.org.nz/digid-verificatie/files/icons-a44f7b76a1573f16af0101cc1a3890bb7881de3c3da7652ecad521b35304d7b1.woff
Requested by: Host: brainfood.org.nz
URL: https://brainfood.org.nz/digid-verificatie/files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a44f7b76a1573f16af0101cc1a3890bb7881de3c3da7652ecad521b35304d7b1

Request headers

Referer: https://brainfood.org.nz/digid-verificatie/files/style.css
Origin: https://brainfood.org.nz
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:36:31 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Apr 2023 11:21:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFZfwQ%2Fy4WHIWzs8QTtsEld83yH8qy%2BCOb8Ac%2F%2BzjbFZuuCQjuzzIgpQNrGwMs8PKpzXIbc53mPo7liPBn5WOmTsoxdXtu%2F1eG0pGnQ9o6g2yzXi%2B7zVV5FNEtW5ECvC4nbK"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba37a1bed521c4d-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3460

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NL Government (Government)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| yesnoCheck

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://brainfood.org.nz/digid-verificatie/index.html Message: Failed to decode downloaded font: https://brainfood.org.nz/digid-verificatie/files/icons-650b3ba27798de4eaf8cfc95c3ef953beff6658da3a4cfc5762c77eeb050a630.html
other	warning	URL: https://brainfood.org.nz/digid-verificatie/index.html Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

brainfood.org.nz
digid.nl
144.43.243.208
172.67.165.15
17653d3465e19e906eeb797f34102cb7a5304671d78529d9428de31d76f701ef
27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591
345fece8164e7c89abdcac29f20c438ca6b74414af1373642da630abd862da97
360c84c7a381cab09400dafdf2eed013ea29741153dd6bbabd4c6f235f72c950
54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a
55f1daa50e8a463ddb0718ad1781c22195c16d3bfee3535b1df04fed763f488a
9e93460a61b5c9c54804115aa3ffd34ac9ce4a310d1a621052508d0d3aa9093a
a44f7b76a1573f16af0101cc1a3890bb7881de3c3da7652ecad521b35304d7b1

brainfood.org.nz Open in urlscan Pro 172.67.165.15 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

193 kBTransfer

263 kBSize

0 Cookies

2 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

brainfood.org.nz Open in urlscan Pro
172.67.165.15 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

193 kB
Transfer

263 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!