bosmansbaan.top Open in urlscan Pro
2606:4700:30::681b:bb5d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bosmansbaan.top/hsbc/sky.htm
Submission: On December 11 via automatic, source phishtank (December 11th 2019, 2:15:55 pm UTC)

Summary HTTP 16 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 4 domains to perform 16 HTTP transactions. The main IP is 2606:4700:30::681b:bb5d, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is bosmansbaan.top.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 10th 2019. Valid for: 10 months.

This is the only time bosmansbaan.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sky (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:30:... 2606:4700:30::681b:bb5d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 2	15.188.105.205 15.188.105.205	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	23.45.99.242 23.45.99.242	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.16.186.8 2.16.186.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	3

14 2606:4700:30::681b:bb5d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

bosmansbaan.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.105.205 (Paris, France) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-15-188-105-205.eu-west-3.compute.amazonaws.com

smetrics.sky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.99.242 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-99-242.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-8.deploy.static.akamaitechnologies.com

skyidassets-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	bosmansbaan.top bosmansbaan.top	60 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	958 B
2	sky.com 2 redirects smetrics.sky.com	1 KB
1	akamaihd.net skyidassets-a.akamaihd.net
16	4

	Domain	Requested by
14	bosmansbaan.top	bosmansbaan.top
2	sb.scorecardresearch.com	1 redirects bosmansbaan.top
2	smetrics.sky.com	2 redirects
1	skyidassets-a.akamaihd.net	bosmansbaan.top
16	4

This site contains links to these domains. Also see Links.

Domain
www.sky.com
skyid.sky.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-10` - `2020-10-09`	10 months	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2019-08-13` - `2020-08-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bosmansbaan.top/hsbc/sky.htm
Frame ID: 9EDB18DF585EBDE3C39B9CA895891E16
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

16
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

4
Countries

60 kB
Transfer

143 kB
Size

1
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sky.com/
Title: Sky.com Home

Search URL Search Domain Scan URL

URL: https://www.sky.com/findandwatch/
Title: Find & Watch TV

Search URL Search Domain Scan URL

URL: http://www.sky.com/products/
Title: Sky Products

Search URL Search Domain Scan URL

URL: http://www.sky.com/shop/
Title: Shop

Search URL Search Domain Scan URL

URL: http://www.sky.com/mysky/
Title: My Sky

Search URL Search Domain Scan URL

URL: http://www.sky.com/helpcentre/
Title: Help & Support

Search URL Search Domain Scan URL

URL: https://skyid.sky.com/forgotusername/7b613a2768747470733a2f2f736b7969642e736b792e636f6d2f7369676e696e272c623a2768747470733a2f2f736b7969642e736b792e636f6d2f7369676e696e277d
Title: username

Search URL Search Domain Scan URL

URL: https://skyid.sky.com/resetpassword/7b613a2768747470733a2f2f736b7969642e736b792e636f6d2f7369676e696e272c623a2768747470733a2f2f736b7969642e736b792e636f6d2f7369676e696e277d
Title: password

Search URL Search Domain Scan URL

URL: https://skyid.sky.com/privacynotice
Title: Privacy & Cookies Notice

Search URL Search Domain Scan URL

URL: http://www.sky.com/helpcentre/account-and-billing/sky-id/what-is-sky-id/index.html
Title: Sky iD

Search URL Search Domain Scan URL

URL: https://skyid.sky.com/signup
Title: Sign up

Search URL Search Domain Scan URL

URL: https://skyid.sky.com/termsandconditions
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://www.sky.com/accessibility
Title: Accessibility Information

Search URL Search Domain Scan URL

URL: http://www.sky.com/helpcentre/contact-us/index.html
Title: Feedback

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://smetrics.sky.com/b/ss/bskybsiskyid,bskybnetworkglobal/1/H.22.1/s21482807212603?AQB=1&ndh=1&t=11%2F11%2F2019%2015%3A15%3A30%203%20-60&ce=UTF-8&ns=bskyb&pageName=sky%2Fportal%2Fskyid%2Fsignin%2Fskycom&g=D%3DReferer&ch=sky%2Fportal%2Fskyid%2Fsignin%2Fskycom&server=bosmansbaan.top&events=event1%2Cevent7&h1=D%3Dch&c9=https%3A%2F%2Fbosmansbaan.top%2Fhsbc%2Fsky.htm&v9=D%3Dc9&v11=not%20logged-in&v14=D%3Dc23&v19=signin%2Fskycom&c20=generic&v20=D%3Dc20&c23=sky%2Fportal%2Fskyid&c24=web&v24=D%3Dch&c25=sky%2Fportal%2Fskyid%2Fsignin&v26=D%3Dc25&c27=sky%2Fportal%2Fskyid%2Fsignin%2Fskycom&v29=D%3Dc27&v30=D%3Dc31&c31=sky%2Fportal%2Fskyid%2Fsignin%2Fskycom&c35=Wednesday_14_00&v35=D%3Dc35&c45=Direct%20Load&v45=D%3Dc45&c55=sky%2Fportal%2Fskyid%2Fsignin%2Fskycom&v55=sky%2Fportal%2Fskyid%2Fsignin%2Fskycom&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://smetrics.sky.com/b/ss/bskybsiskyid,bskybnetworkglobal/1/H.22.1/s21482807212603?AQB=1&pccr=true&vidn=2EF87D010515B81A-400009D953B1B66E&ndh=1&t=11%2F11%2F2019%2015%3A15%3A30%203%20-60&ce=UTF-8&ns=bskyb&pageName=sky%2Fportal%2Fskyid%2Fsignin%2Fskycom&g=D%3DReferer&ch=sky%2Fportal%2Fskyid%2Fsignin%2Fskycom&server=bosmansbaan.top&events=event1%2Cevent7&h1=D%3Dch&c9=https%3A%2F%2Fbosmansbaan.top%2Fhsbc%2Fsky.htm&v9=D%3Dc9&v11=not%20logged-in&v14=D%3Dc23&v19=signin%2Fskycom&c20=generic&v20=D%3Dc20&c23=sky%2Fportal%2Fskyid&c24=web&v24=D%3Dch&c25=sky%2Fportal%2Fskyid%2Fsignin&v26=D%3Dc25&c27=sky%2Fportal%2Fskyid%2Fsignin%2Fskycom&v29=D%3Dc27&v30=D%3Dc31&c31=sky%2Fportal%2Fskyid%2Fsignin%2Fskycom&c35=Wednesday_14_00&v35=D%3Dc35&c45=Direct%20Load&v45=D%3Dc45&c55=sky%2Fportal%2Fskyid%2Fsignin%2Fskycom&v55=sky%2Fportal%2Fskyid%2Fsignin%2Fskycom&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://sb.scorecardresearch.com/r?c2=6035677&d.c=gif&d.o=bskybsiskyid&d.x=7972757760&d.t=page&d.u=https%3A%2F%2Fbosmansbaan.top%2Fhsbc%2Fsky.htm HTTP 302
https://sb.scorecardresearch.com/r2?c2=6035677&d.c=gif&d.o=bskybsiskyid&d.x=7972757760&d.t=page&d.u=https%3A%2F%2Fbosmansbaan.top%2Fhsbc%2Fsky.htm

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request sky.htm Show response bosmansbaan.top/hsbc/	12 KB 4 KB	504ms 245ms	Document text/html	2606:4700:30::681b:bb5d Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bosmansbaan.top/hsbc/sky.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:bb5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b343c784c4041ad99afa30767e48dad3e2f19fccec43539cd70f8049e99f125a` Request headers :method GET :authority bosmansbaan.top :scheme https :path /hsbc/sky.htm pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none sec-fetch-mode navigate accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-User ?1 Response headers status 200 date Wed, 11 Dec 2019 14:15:30 GMT content-type text/html set-cookie __cfduid=da63234544b7bb0d34104674f6010343e1576073729; expires=Fri, 10-Jan-20 14:15:29 GMT; path=/; domain=.bosmansbaan.top; HttpOnly; Secure last-modified Thu, 19 Dec 2013 16:59:20 GMT cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5438122bbdfccbc8-VIE content-encoding br
GET H2	200	i9pZJNIoLggAPd9e6eD08SqKTO2m6cd5YHxwI4FCSs1.css bosmansbaan.top/hsbc/sky_files/	45 KB 9 KB	23ms 22ms	Stylesheet text/css	2606:4700:30::681b:bb5d Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bosmansbaan.top/hsbc/sky_files/i9pZJNIoLggAPd9e6eD08SqKTO2m6cd5YHxwI4FCSs1.css Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:bb5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `c62a64b1042c1129c8efc5bf5364fd151f969b7329f49b9e60071dc24c8055ef` Request headers Referer https://bosmansbaan.top/hsbc/sky.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 14:15:30 GMT content-encoding br cf-cache-status HIT last-modified Thu, 19 Dec 2013 16:45:38 GMT server cloudflare age 4371 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 5438122d4d09cbc8-VIE
GET H2	200	yg3sZ9k7lcWkCv778tqKdRWQQJmLMdzoP2CgSPJfaDe.jpg bosmansbaan.top/hsbc/sky_files/	8 KB 8 KB	17ms 16ms	Image image/jpeg	2606:4700:30::681b:bb5d Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://bosmansbaan.top/hsbc/sky_files/yg3sZ9k7lcWkCv778tqKdRWQQJmLMdzoP2CgSPJfaDe.jpg Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:bb5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `65adc1ff0cf1cd86e2cc081dddc32ec255a024dabc44d33b69bf920bc292caf2` Request headers Referer https://bosmansbaan.top/hsbc/sky.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 14:15:30 GMT cf-cache-status HIT last-modified Thu, 19 Dec 2013 16:45:38 GMT server cloudflare age 4371 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5438122d4d0ccbc8-VIE content-length 8309
GET H2	200	reiRD0j1Bvao1uLjhDI5Ld9HOZ7whHz3NRCnUxN3py0.jpg bosmansbaan.top/hsbc/sky_files/	9 KB 9 KB	17ms 17ms	Image image/jpeg	2606:4700:30::681b:bb5d Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://bosmansbaan.top/hsbc/sky_files/reiRD0j1Bvao1uLjhDI5Ld9HOZ7whHz3NRCnUxN3py0.jpg Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:bb5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `47f8d57f53f4cc2c7f2bce9e898ae39509f698b1f859919f61d712e06d68ad18` Request headers Referer https://bosmansbaan.top/hsbc/sky.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 14:15:30 GMT cf-cache-status HIT last-modified Thu, 19 Dec 2013 16:45:38 GMT server cloudflare age 4371 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5438122d4d0fcbc8-VIE content-length 9072
GET H2	200	0Dvy4U3kls2YCU8b1nqIpMnXcKKvsAqEX6wQYkVwWnr.jpg bosmansbaan.top/hsbc/sky_files/	8 KB 8 KB	17ms 17ms	Image image/jpeg	2606:4700:30::681b:bb5d Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://bosmansbaan.top/hsbc/sky_files/0Dvy4U3kls2YCU8b1nqIpMnXcKKvsAqEX6wQYkVwWnr.jpg Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:bb5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `d389f8bf28a07e1a87c076f9c47d98a8b25c8675cbbd7f706dcd812ceed2eb8d` Request headers Referer https://bosmansbaan.top/hsbc/sky.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 14:15:30 GMT cf-cache-status HIT last-modified Thu, 19 Dec 2013 16:45:38 GMT server cloudflare age 4371 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5438122d4d21cbc8-VIE content-length 7998
GET H2	200	NXIoomMiuxKeR3lkaRpVfIrovhynaXKQCP1yJCSByFD.js Show response bosmansbaan.top/hsbc/sky_files/	2 KB 831 B	26ms 25ms	Script application/javascript	2606:4700:30::681b:bb5d Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bosmansbaan.top/hsbc/sky_files/NXIoomMiuxKeR3lkaRpVfIrovhynaXKQCP1yJCSByFD.js Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:bb5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `9e17600564e23df27ead6402aa77097233002991c4044ce35bbaeddc4b27563d` Request headers Referer https://bosmansbaan.top/hsbc/sky.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 14:15:30 GMT content-encoding br cf-cache-status HIT last-modified Thu, 19 Dec 2013 16:45:38 GMT server cloudflare age 4371 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 5438122d4d19cbc8-VIE
GET H2	200	UOFeE9Nx6Y6nSOSdGtFsRBu7Npjb519Q77STobAYvsL.js Show response bosmansbaan.top/hsbc/sky_files/	57 KB 20 KB	32ms 32ms	Script application/javascript	2606:4700:30::681b:bb5d Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bosmansbaan.top/hsbc/sky_files/UOFeE9Nx6Y6nSOSdGtFsRBu7Npjb519Q77STobAYvsL.js Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:bb5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `bafec9798a0887516301289aa54ee3a9c1096fb4872d9f9fcfc524811f3aefdb` Request headers Referer https://bosmansbaan.top/hsbc/sky.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 14:15:30 GMT content-encoding br cf-cache-status HIT last-modified Thu, 19 Dec 2013 16:45:38 GMT server cloudflare age 4371 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 5438122d4d20cbc8-VIE
GET H2	404	34iIVY3z3K3W7uySeXt1R2SysKWmVo1U6w0f6AiHj5g.png bosmansbaan.top/hsbc/sky_files/	315 B 315 B	251ms 251ms	Image text/html	2606:4700:30::681b:bb5d Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://bosmansbaan.top/hsbc/sky_files/34iIVY3z3K3W7uySeXt1R2SysKWmVo1U6w0f6AiHj5g.png Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:bb5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer https://bosmansbaan.top/hsbc/sky_files/i9pZJNIoLggAPd9e6eD08SqKTO2m6cd5YHxwI4FCSs1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 14:15:30 GMT content-encoding br cf-cache-status EXPIRED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5438122d7df4cbc8-VIE
GET H2	404	HPllq1vv8AsuCJwr5ezgsYljUhmEbdekGpgj48DEVo7.gif bosmansbaan.top/hsbc/sky_files/	315 B 315 B	253ms 253ms	Image text/html	2606:4700:30::681b:bb5d Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://bosmansbaan.top/hsbc/sky_files/HPllq1vv8AsuCJwr5ezgsYljUhmEbdekGpgj48DEVo7.gif Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:bb5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer https://bosmansbaan.top/hsbc/sky_files/i9pZJNIoLggAPd9e6eD08SqKTO2m6cd5YHxwI4FCSs1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 14:15:30 GMT content-encoding br cf-cache-status EXPIRED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5438122d7dfccbc8-VIE
GET H2	404	cW2nZACmUCcbAe28OZ5GElwF2V5EImQ8E8LQhohW5Or.gif bosmansbaan.top/hsbc/sky_files/	315 B 315 B	244ms 244ms	Image text/html	2606:4700:30::681b:bb5d Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://bosmansbaan.top/hsbc/sky_files/cW2nZACmUCcbAe28OZ5GElwF2V5EImQ8E8LQhohW5Or.gif Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:bb5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer https://bosmansbaan.top/hsbc/sky_files/i9pZJNIoLggAPd9e6eD08SqKTO2m6cd5YHxwI4FCSs1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 14:15:30 GMT content-encoding br cf-cache-status EXPIRED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5438122d7dfdcbc8-VIE
GET H2	404	REkKelj2D2GvZY4MaUR6fTkbGvBN7kwvTAnTStBBugV.woff bosmansbaan.top/hsbc/sky_files/	0 0	237ms 237ms	Font text/html	2606:4700:30::681b:bb5d Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bosmansbaan.top/hsbc/sky_files/REkKelj2D2GvZY4MaUR6fTkbGvBN7kwvTAnTStBBugV.woff Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:bb5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://bosmansbaan.top/hsbc/sky_files/i9pZJNIoLggAPd9e6eD08SqKTO2m6cd5YHxwI4FCSs1.css Origin https://bosmansbaan.top Response headers date Wed, 11 Dec 2019 14:15:30 GMT content-encoding br cf-cache-status EXPIRED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5438122d7e01cbc8-VIE
GET H2	404	Kl19rKAxTpqVT6864M1WJ3tt1cfX05KvbebLTrenuJQ.woff bosmansbaan.top/hsbc/sky_files/	0 0	254ms 254ms	Font text/html	2606:4700:30::681b:bb5d Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bosmansbaan.top/hsbc/sky_files/Kl19rKAxTpqVT6864M1WJ3tt1cfX05KvbebLTrenuJQ.woff Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:bb5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://bosmansbaan.top/hsbc/sky_files/i9pZJNIoLggAPd9e6eD08SqKTO2m6cd5YHxwI4FCSs1.css Origin https://bosmansbaan.top Response headers date Wed, 11 Dec 2019 14:15:30 GMT content-encoding br cf-cache-status EXPIRED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5438122d7e04cbc8-VIE
GET H/1.1	200 OK	r2 sb.scorecardresearch.com/ Redirect Chain https://smetrics.sky.com/b/ss/bskybsiskyid,bskybnetworkglobal/1/H.22.1/s21482807212603?AQB=1&ndh=1&t=11%2F11%2F2019%2015%3A15%3A30%203%20-60&ce=UTF-8&ns=bskyb&pageName=sky%2Fportal%2Fskyid%2Fsignin... https://smetrics.sky.com/b/ss/bskybsiskyid,bskybnetworkglobal/1/H.22.1/s21482807212603?AQB=1&pccr=true&vidn=2EF87D010515B81A-400009D953B1B66E&ndh=1&t=11%2F11%2F2019%2015%3A15%3A30%203%20-60&ce=UTF-... https://sb.scorecardresearch.com/r?c2=6035677&d.c=gif&d.o=bskybsiskyid&d.x=7972757760&d.t=page&d.u=https%3A%2F%2Fbosmansbaan.top%2Fhsbc%2Fsky.htm https://sb.scorecardresearch.com/r2?c2=6035677&d.c=gif&d.o=bskybsiskyid&d.x=7972757760&d.t=page&d.u=https%3A%2F%2Fbosmansbaan.top%2Fhsbc%2Fsky.htm	43 B 309 B	7ms 7ms	Image image/gif	23.45.99.242 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/r2?c2=6035677&d.c=gif&d.o=bskybsiskyid&d.x=7972757760&d.t=page&d.u=https%3A%2F%2Fbosmansbaan.top%2Fhsbc%2Fsky.htm Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.45.99.242 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-45-99-242.deploy.static.akamaitechnologies.com Software / Resource Hash `24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db` Request headers Referer https://bosmansbaan.top/hsbc/sky.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Wed, 11 Dec 2019 14:15:30 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Expires Mon, 01 Jan 1990 00:00:00 GMT Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://sb.scorecardresearch.com/r2?c2=6035677&d.c=gif&d.o=bskybsiskyid&d.x=7972757760&d.t=page&d.u=https%3A%2F%2Fbosmansbaan.top%2Fhsbc%2Fsky.htm Pragma no-cache Date Wed, 11 Dec 2019 14:15:30 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	404	sgEHpNWcdxcubQ8WLXFMOLQwI4mLghr3wH0Ws9Fww1t.ttf bosmansbaan.top/hsbc/sky_files/	0 0	248ms 247ms	Font text/html	2606:4700:30::681b:bb5d Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bosmansbaan.top/hsbc/sky_files/sgEHpNWcdxcubQ8WLXFMOLQwI4mLghr3wH0Ws9Fww1t.ttf Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:bb5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://bosmansbaan.top/hsbc/sky_files/i9pZJNIoLggAPd9e6eD08SqKTO2m6cd5YHxwI4FCSs1.css Origin https://bosmansbaan.top Response headers date Wed, 11 Dec 2019 14:15:30 GMT content-encoding br cf-cache-status EXPIRED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5438122efcc8cbc8-VIE
GET H2	404	DXZ7EkyBxY8q3H7pGjTYuYGx9e8JVFjauODmU9IhfFO.ttf bosmansbaan.top/hsbc/sky_files/	0 0	237ms 237ms	Font text/html	2606:4700:30::681b:bb5d Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bosmansbaan.top/hsbc/sky_files/DXZ7EkyBxY8q3H7pGjTYuYGx9e8JVFjauODmU9IhfFO.ttf Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:bb5d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://bosmansbaan.top/hsbc/sky_files/i9pZJNIoLggAPd9e6eD08SqKTO2m6cd5YHxwI4FCSs1.css Origin https://bosmansbaan.top Response headers date Wed, 11 Dec 2019 14:15:30 GMT content-encoding br cf-cache-status EXPIRED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5438122f1d47cbc8-VIE
GET H/1.1	404 Not Found	UOFeE9Nx6Y6nSOSdGtFsRBu7Npjb519Q77STobAYvsL.js skyidassets-a.akamaihd.net/static/	0 0	98ms 73ms	Script text/html	2.16.186.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://skyidassets-a.akamaihd.net/static/UOFeE9Nx6Y6nSOSdGtFsRBu7Npjb519Q77STobAYvsL.js Requested by Host: bosmansbaan.top URL: https://bosmansbaan.top/hsbc/sky_files/NXIoomMiuxKeR3lkaRpVfIrovhynaXKQCP1yJCSByFD.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2.16.186.8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-8.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://bosmansbaan.top/hsbc/sky.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sky (Entertainment)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bosmansbaan.top/	1970-01-19 06:31:05	Name: __cfduid Value: d879612f8ff9bedc811a4968cde4850a81576073730

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bosmansbaan.top
sb.scorecardresearch.com
skyidassets-a.akamaihd.net
smetrics.sky.com
15.188.105.205
2.16.186.8
23.45.99.242
2606:4700:30::681b:bb5d
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
47f8d57f53f4cc2c7f2bce9e898ae39509f698b1f859919f61d712e06d68ad18
65adc1ff0cf1cd86e2cc081dddc32ec255a024dabc44d33b69bf920bc292caf2
9e17600564e23df27ead6402aa77097233002991c4044ce35bbaeddc4b27563d
b343c784c4041ad99afa30767e48dad3e2f19fccec43539cd70f8049e99f125a
bafec9798a0887516301289aa54ee3a9c1096fb4872d9f9fcfc524811f3aefdb
c62a64b1042c1129c8efc5bf5364fd151f969b7329f49b9e60071dc24c8055ef
d389f8bf28a07e1a87c076f9c47d98a8b25c8675cbbd7f706dcd812ceed2eb8d
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

bosmansbaan.top Open in urlscan Pro 2606:4700:30::681b:bb5d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

3 IPs

4 Countries

60 kBTransfer

143 kBSize

1 Cookies

14 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

36 JavaScript Global Variables

1 Cookies

Indicators

bosmansbaan.top Open in urlscan Pro
2606:4700:30::681b:bb5d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

4
Countries

60 kB
Transfer

143 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!