loginaanvragen.websites.chiro.be
217.19.224.212  Malicious Activity! Public Scan

Submitted URL: http://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
Effective URL: https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
Submission: On November 28 via api from IE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 217.19.224.212, located in Belgium and belongs to COMBELL-AS, BE. The main domain is loginaanvragen.websites.chiro.be.
TLS certificate: Issued by R3 on November 21st 2021. Valid for: 3 months.
This is the only time loginaanvragen.websites.chiro.be was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

IP Address AS Autonomous System
3 13 217.19.224.212 34762 (COMBELL-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:86c0:209... 40027 (NETFLIX-ASN)
12 3

Apex Domain Subdomains Transfer
13 chiro.be loginaanvragen.websites.chiro.be 281 KB
1 nflxext.com assets.nflxext.com 72 KB
1 js-codes.com js-codes.com 2 KB
12 3

Domain Requested by
13 loginaanvragen.websites.chiro.be 3 redirects loginaanvragen.websites.chiro.be
1 assets.nflxext.com loginaanvragen.websites.chiro.be
1 js-codes.com loginaanvragen.websites.chiro.be
12 3

This site contains no links.

Subject Issuer Validity Valid
loginaanvragen.websites.chiro.be R3 2021-11-21 - 2022-02-19 3 months crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2021-07-03 - 2022-07-02 a year crt.sh
*.1.nflxso.net DigiCert TLS RSA SHA256 2020 CA1 2021-11-25 - 2021-12-28 a month crt.sh

This page contains 1 frames:

Primary Page: https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
Frame ID: A2B16081B1610AFE9134F928FCF1BAFE
Requests: 12 HTTP requests in this frame

Page Title

Netflix

Page Statistics

12 Requests
100 % HTTPS
67 % IPv6
3 Domains
3 Subdomains
3 IPs
2 Countries
354 kB Transfer
639 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login HTTP 301
    https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login HTTP 302
    https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/index HTTP 302
    https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request login
loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/
Redirect Chain
  • http://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
  • https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
  • https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/index
  • https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
940 B
951 B
Document
General
Full URL
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.19.224.212 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
217.19.224.212.static.hosted.by.combell.com
Software
nginx / PHP/7.1.33 PleskLin
Resource Hash
927ff60d93bc3a4563170a4d2f542016bd314dc50d44155c4ac236337a7beb1a
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Sun, 28 Nov 2021 01:25:21 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
489
Connection
keep-alive
X-Powered-By
PHP/7.1.33 PleskLin
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-Content-Type-Options
nosniff nosniff
Vary
Accept-Encoding
Content-Encoding
gzip
X-XSS-Protection
1; mode=block

Redirect headers

Server
nginx
Date
Sun, 28 Nov 2021 01:25:21 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
X-Powered-By
PHP/7.1.33 PleskLin
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-Content-Type-Options
nosniff nosniff
Location
login
X-XSS-Protection
1; mode=block
none.css
loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/style/
119 KB
17 KB
Stylesheet
General
Full URL
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/style/none.css
Requested by
Host: loginaanvragen.websites.chiro.be
URL: https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.19.224.212 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
217.19.224.212.static.hosted.by.combell.com
Software
nginx / PleskLin
Resource Hash
ebed425ce97fd847ea4a8b5c00c79a3be333247972a72755dd26af0bf7250152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 28 Nov 2021 01:25:21 GMT
Content-Encoding
br
Last-Modified
Tue, 13 Apr 2021 15:52:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"6075be50-1db6d"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
none2.css
loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/style/
134 KB
20 KB
Stylesheet
General
Full URL
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/style/none2.css
Requested by
Host: loginaanvragen.websites.chiro.be
URL: https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.19.224.212 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
217.19.224.212.static.hosted.by.combell.com
Software
nginx / PleskLin
Resource Hash
5cfce24261211668d5db5a01c4fcdae60852d01faa05b325ee63410280c7221d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 28 Nov 2021 01:25:22 GMT
Content-Encoding
br
Last-Modified
Tue, 13 Apr 2021 15:52:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"6075be50-216ca"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
modernizr.min.js
js-codes.com/modernizr/2.8.7/
4 KB
2 KB
Script
General
Full URL
https://js-codes.com/modernizr/2.8.7/modernizr.min.js
Requested by
Host: loginaanvragen.websites.chiro.be
URL: https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5ce5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express, Phusion Passenger(R) 6.0.10
Resource Hash
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://loginaanvragen.websites.chiro.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 01:25:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7445023
x-powered-by
Express, Phusion Passenger(R) 6.0.10
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 11 Oct 2017 07:04:24 GMT
server
cloudflare
etag
W/"edf-15f0a3fa4c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTQXj9P1W%2FpXIzLareAsIxIS%2B9%2FQC3Ad0lWe9a1ebQt6g7D3dEVzUvbhB0RsSvi24BY5jh63OZL%2Fw1gu6jQcOySXpAtrZexepDXcgoQJuZlVwZidyutrKjiJJYyyirbP1DLSpSERWQeDo5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
6b4fcd4c7bfe5bf9-FRA
expires
Fri, 02 Sep 2022 21:21:39 GMT
jquery.js
loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/js/
85 KB
29 KB
Script
General
Full URL
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/js/jquery.js
Requested by
Host: loginaanvragen.websites.chiro.be
URL: https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.19.224.212 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
217.19.224.212.static.hosted.by.combell.com
Software
nginx / PleskLin
Resource Hash
8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 28 Nov 2021 01:25:21 GMT
Content-Encoding
br
Last-Modified
Tue, 13 Apr 2021 15:52:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"6075be50-15339"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
jquery.ccvalid.js
loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/js/
7 KB
2 KB
Script
General
Full URL
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/js/jquery.ccvalid.js
Requested by
Host: loginaanvragen.websites.chiro.be
URL: https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.19.224.212 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
217.19.224.212.static.hosted.by.combell.com
Software
nginx / PleskLin
Resource Hash
ca83477931d09aca84c55e779bb2e6ef502b1af1bef668de771b8209a43eb11b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 28 Nov 2021 01:25:22 GMT
Content-Encoding
br
Last-Modified
Tue, 13 Apr 2021 15:52:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"6075be50-1d12"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
jquery.mask.js
loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/js/
8 KB
3 KB
Script
General
Full URL
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/js/jquery.mask.js
Requested by
Host: loginaanvragen.websites.chiro.be
URL: https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.19.224.212 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
217.19.224.212.static.hosted.by.combell.com
Software
nginx / PleskLin
Resource Hash
38c89b667f0b98ab618ce6eef2947a58b9cac93e4dce667fec781562c34cd66e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 28 Nov 2021 01:25:22 GMT
Content-Encoding
br
Last-Modified
Tue, 13 Apr 2021 15:52:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"6075be50-1fad"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
step3.php
loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/workshop/stockers/
5 KB
2 KB
XHR
General
Full URL
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/workshop/stockers/step3.php
Requested by
Host: loginaanvragen.websites.chiro.be
URL: https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/js/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.19.224.212 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
217.19.224.212.static.hosted.by.combell.com
Software
nginx / PHP/7.1.33, PleskLin
Resource Hash
d26b33e407c0817f67844fc631c8a464cd0325f48bc8185041935231c17cd3e0
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 28 Nov 2021 01:25:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Server
nginx
X-Powered-By
PHP/7.1.33, PleskLin
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
1719
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
bg.jpg
loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/pic/
202 KB
202 KB
Image
General
Full URL
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/pic/bg.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.19.224.212 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
217.19.224.212.static.hosted.by.combell.com
Software
nginx / PleskLin
Resource Hash
ba86fbc950dd54c5e435c6f65a5a1c7e1d36b48ac624a10dca38beed4df4a373

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 28 Nov 2021 01:25:22 GMT
Last-Modified
Tue, 13 Apr 2021 15:52:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6075be50-328e6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
207078
logo.svg
loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/pic/
864 B
1 KB
Image
General
Full URL
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/pic/logo.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.19.224.212 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
217.19.224.212.static.hosted.by.combell.com
Software
nginx / PleskLin
Resource Hash
8a421d5798accee1c284865ac05cee792ad3f6bcb3c70ce1dcb954d23e86fdad
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 28 Nov 2021 01:25:22 GMT
X-Content-Type-Options
nosniff, nosniff
Last-Modified
Tue, 13 Apr 2021 15:52:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/svg+xml
X-XSS-Protection
1; mode=block
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
864
ETag
"360-5bfdc9f303400"
Expires
Sun, 12 Dec 2021 01:25:22 GMT
fb.png
loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/pic/
1 KB
2 KB
Image
General
Full URL
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/pic/fb.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.19.224.212 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
217.19.224.212.static.hosted.by.combell.com
Software
nginx / PleskLin
Resource Hash
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 28 Nov 2021 01:25:22 GMT
Last-Modified
Tue, 13 Apr 2021 15:52:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"6075be50-5af"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1455
nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/
72 KB
72 KB
Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
Requested by
Host: loginaanvragen.websites.chiro.be
URL: https://loginaanvragen.websites.chiro.be/core/modules/basic_auth/src/Authentication/Provider/action/form/app/style/none.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

Request headers

Referer
https://loginaanvragen.websites.chiro.be/
Origin
https://loginaanvragen.websites.chiro.be
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 28 Nov 2021 01:25:22 GMT
Last-Modified
Mon, 29 Jan 2018 01:50:51 GMT
Server
nginx
Content-MD5
fPYVbMSBJEtaJUNi17c/AA==
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73572
Expires
Sun, 05 Dec 2021 01:25:23 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
object| html5
object| Modernizr
function| $
function| jQuery
object| $jscomp
function| isEmail

1 Cookies

Domain/Path Name / Value
loginaanvragen.websites.chiro.be/ Name: PHPSESSID
Value: u63u1a6a4f8fijdjnn11uhj60t

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block