www.framinggroup.nl Open in urlscan Pro
51.77.91.161 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.framinggroup.nl/
Submission: On August 23 via automatic, source certstream-suspicious (August 23rd 2024, 4:01:12 am UTC) — Scanned from NL

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 51.77.91.161, located in France and belongs to OVH, FR. The main domain is www.framinggroup.nl.
TLS certificate: Issued by R10 on July 11th 2024. Valid for: 3 months.

This is the only time www.framinggroup.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	51.77.91.161 51.77.91.161	16276 (OVH) (OVH)
1	51.89.6.141 51.89.6.141	16276 (OVH) (OVH)
11	3

9 51.77.91.161 (France)

ASN16276 (OVH, FR)
PTR: liveweb.swiftysite.com

www.framinggroup.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.6.141 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: leo.swiftysite.com

admsrv.swiftysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	framinggroup.nl www.framinggroup.nl	1 MB
1	swiftysite.com admsrv.swiftysite.com
11	2

	Domain	Requested by
9	www.framinggroup.nl	www.framinggroup.nl
1	admsrv.swiftysite.com
11	2

This site contains no links.

Subject Issuer	Validity	Valid
admin.swiftysite.com R10	`2024-07-11` - `2024-10-09`	3 months	crt.sh
admsrv.swiftysite.com R11	`2024-07-11` - `2024-10-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.framinggroup.nl/
Frame ID: 631A4D7E71F804C04D4980264740F180
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

swifty_adm

Page Statistics

11
Requests

9 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1423 kB
Transfer

6495 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.framinggroup.nl/	802 B 575 B	92ms 27ms	Document text/html	51.77.91.161 OVH
General Check archive.org Show headers Download Go to Full URL https://www.framinggroup.nl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.77.91.161 , France, ASN16276 (OVH, FR), Reverse DNS liveweb.swiftysite.com Software nginx / Express Resource Hash `6e85ae813595035bc7913ef63563ab3954c21008a4229387d72339dd32bd2b7a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 23 Aug 2024 04:01:07 GMT etag W/"322-msZ9WeYZTDN/fUk9NaFzbwHfSZQ" server nginx vary Accept-Encoding Accept-Encoding x-powered-by Express
GET H2	200	app.js Show response www.framinggroup.nl/	6 MB 1 MB	36ms 35ms	Script application/javascript	51.77.91.161 OVH
General Check archive.org Show headers Download Go to Full URL https://www.framinggroup.nl/app.js Requested by Host: www.framinggroup.nl URL: https://www.framinggroup.nl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.77.91.161 , France, ASN16276 (OVH, FR), Reverse DNS liveweb.swiftysite.com Software nginx / Express Resource Hash `c5f43cdd9a521430c62e4540fe52abd7c2bc655dc36affdce2b5d91bb126de37` Request headers Referer https://www.framinggroup.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 04:01:07 GMT content-encoding gzip server nginx x-powered-by Express etag W/"5ade33-5EdHqH+3a9+ms888o21LKeOBw0U" vary Accept-Encoding content-type application/javascript; charset=UTF-8 accept-ranges bytes
GET H2	200	0.js Show response www.framinggroup.nl/	201 KB 52 KB	39ms 38ms	Script application/javascript	51.77.91.161 OVH
General Check archive.org Show headers Download Go to Full URL https://www.framinggroup.nl/0.js Requested by Host: www.framinggroup.nl URL: https://www.framinggroup.nl/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.77.91.161 , France, ASN16276 (OVH, FR), Reverse DNS liveweb.swiftysite.com Software nginx / Express Resource Hash `f0bcc272038af574ff2b7ac9e5a3da6e469bec85d6a12e6eb3e76f71b32149c8` Request headers Referer https://www.framinggroup.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 04:01:07 GMT content-encoding gzip server nginx x-powered-by Express etag W/"32228-0lH259o4pW1I+V1rwOpHDVan060" vary Accept-Encoding content-type application/javascript; charset=UTF-8 accept-ranges bytes
GET H2	200	1.js Show response www.framinggroup.nl/	370 KB 54 KB	41ms 40ms	Script application/javascript	51.77.91.161 OVH
General Check archive.org Show headers Download Go to Full URL https://www.framinggroup.nl/1.js Requested by Host: www.framinggroup.nl URL: https://www.framinggroup.nl/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.77.91.161 , France, ASN16276 (OVH, FR), Reverse DNS liveweb.swiftysite.com Software nginx / Express Resource Hash `39713384ad4c4ff95de19b1314b388fcabe8d30ea180df9abca3ed6a310e61ab` Request headers Referer https://www.framinggroup.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 04:01:07 GMT content-encoding gzip server nginx x-powered-by Express etag W/"5c7d1-gbe7wl8szSOrkJNsCzaKAe4YcK0" vary Accept-Encoding content-type application/javascript; charset=UTF-8 accept-ranges bytes
GET H2	200	5.js Show response www.framinggroup.nl/	77 KB 15 KB	40ms 40ms	Script application/javascript	51.77.91.161 OVH
General Check archive.org Show headers Download Go to Full URL https://www.framinggroup.nl/5.js Requested by Host: www.framinggroup.nl URL: https://www.framinggroup.nl/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.77.91.161 , France, ASN16276 (OVH, FR), Reverse DNS liveweb.swiftysite.com Software nginx / Express Resource Hash `c30a1d431f54d6b1babc72d4ba1ec4f8b4ec93e770f09ded4ff6aa0d5a84d34e` Request headers Referer https://www.framinggroup.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 04:01:07 GMT content-encoding gzip server nginx x-powered-by Express etag W/"1359d-ZY23k/QrDoj6GmhuUcGiVCjU3ik" vary Accept-Encoding content-type application/javascript; charset=UTF-8 accept-ranges bytes
GET H2	200	11.js Show response www.framinggroup.nl/	21 KB 7 KB	39ms 39ms	Script application/javascript	51.77.91.161 OVH
General Check archive.org Show headers Download Go to Full URL https://www.framinggroup.nl/11.js Requested by Host: www.framinggroup.nl URL: https://www.framinggroup.nl/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.77.91.161 , France, ASN16276 (OVH, FR), Reverse DNS liveweb.swiftysite.com Software nginx / Express Resource Hash `e168e13f0f4ceb84b709e56318e21a84edba8782b49d0914e6a40692ede5079f` Request headers Referer https://www.framinggroup.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 04:01:07 GMT content-encoding gzip server nginx x-powered-by Express etag W/"524d-+2B2p8N+QRHSXRiJR53tdt8VnIg" vary Accept-Encoding content-type application/javascript; charset=UTF-8 accept-ranges bytes
GET H2	200	info Show response www.framinggroup.nl/sockjs-node/	79 B 243 B	28ms 28ms	XHR application/json	51.77.91.161 OVH
General Check archive.org Show headers Download Go to Full URL https://www.framinggroup.nl/sockjs-node/info?t=1724385667981 Requested by Host: URL: webpack-internal:///./node_modules/sockjs-client/dist/sockjs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.77.91.161 , France, ASN16276 (OVH, FR), Reverse DNS liveweb.swiftysite.com Software nginx / Resource Hash `150dc657690be0469311d6f70e397070c4ffab64c03e1d826a3b13a2cac480ee` Request headers Referer https://www.framinggroup.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers access-control-allow-origin * date Fri, 23 Aug 2024 04:01:07 GMT cache-control no-store, no-cache, no-transform, must-revalidate, max-age=0 server nginx vary Origin content-type application/json; charset=UTF-8
OPTIONS H2	204	checklogin admsrv.swiftysite.com/	0 0	110ms 26ms	Preflight	51.89.6.141 OVH
General Check archive.org Show headers Download Go to Full URL https://admsrv.swiftysite.com/checklogin Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.6.141 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS leo.swiftysite.com Software nginx / Express Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.framinggroup.nl Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://admin.swiftysite.com date Fri, 23 Aug 2024 04:01:08 GMT server nginx vary Origin, Access-Control-Request-Headers x-powered-by Express
GET		checklogin admsrv.swiftysite.com/	0 0

GET H2	200	quasar-logo.png www.framinggroup.nl/statics/	8 KB 8 KB	28ms 28ms	Other image/png	51.77.91.161 OVH
General Check archive.org Show headers Download Go to Full URL https://www.framinggroup.nl/statics/quasar-logo.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.77.91.161 , France, ASN16276 (OVH, FR), Reverse DNS liveweb.swiftysite.com Software nginx / Express Resource Hash `9e86002347f0116b169f03a6f55856d26f75172e1aba93df9a1e47cd648af9fd` Request headers Referer https://www.framinggroup.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 04:01:08 GMT last-modified Thu, 15 Nov 2018 17:35:15 GMT server nginx x-powered-by Express etag W/"20cc-1671870f438" content-type image/png cache-control public, max-age=0 accept-ranges bytes content-length 8396
GET H2	200	favicon-32x32.png www.framinggroup.nl/statics/icons/	2 KB 2 KB	28ms 28ms	Other image/png	51.77.91.161 OVH
General Check archive.org Show headers Download Go to Full URL https://www.framinggroup.nl/statics/icons/favicon-32x32.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.77.91.161 , France, ASN16276 (OVH, FR), Reverse DNS liveweb.swiftysite.com Software nginx / Express Resource Hash `02b7ba01631a07c52360711c4a051cd4ffa7932757a0caa77d128e41238dbbbf` Request headers Referer https://www.framinggroup.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 04:01:08 GMT last-modified Thu, 15 Nov 2018 17:32:56 GMT server nginx x-powered-by Express etag W/"737-167186ed540" content-type image/png cache-control public, max-age=0 accept-ranges bytes content-length 1847

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: admsrv.swiftysite.com
URL: https://admsrv.swiftysite.com/checklogin

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.framinggroup.nl/#/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript	error	URL: https://www.framinggroup.nl/#/ Message: Access to fetch at 'https://admsrv.swiftysite.com/checklogin' from origin 'https://www.framinggroup.nl' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://admin.swiftysite.com' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://admsrv.swiftysite.com/checklogin Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admsrv.swiftysite.com
www.framinggroup.nl
admsrv.swiftysite.com
51.77.91.161
51.89.6.141
02b7ba01631a07c52360711c4a051cd4ffa7932757a0caa77d128e41238dbbbf
150dc657690be0469311d6f70e397070c4ffab64c03e1d826a3b13a2cac480ee
39713384ad4c4ff95de19b1314b388fcabe8d30ea180df9abca3ed6a310e61ab
6e85ae813595035bc7913ef63563ab3954c21008a4229387d72339dd32bd2b7a
9e86002347f0116b169f03a6f55856d26f75172e1aba93df9a1e47cd648af9fd
c30a1d431f54d6b1babc72d4ba1ec4f8b4ec93e770f09ded4ff6aa0d5a84d34e
c5f43cdd9a521430c62e4540fe52abd7c2bc655dc36affdce2b5d91bb126de37
e168e13f0f4ceb84b709e56318e21a84edba8782b49d0914e6a40692ede5079f
f0bcc272038af574ff2b7ac9e5a3da6e469bec85d6a12e6eb3e76f71b32149c8

www.framinggroup.nl Open in urlscan Pro 51.77.91.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

11 Requests

9 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1423 kBTransfer

6495 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

www.framinggroup.nl Open in urlscan Pro
51.77.91.161 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

9 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1423 kB
Transfer

6495 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions