inlog-abn.xyz
199.192.21.240
Malicious Activity!
Public Scan
Effective URL: https://inlog-abn.xyz/
Submission: On April 15 via manual from NL — Scanned from NL
Summary
TLS certificate: Issued by R3 on April 12th 2022. Valid for: 3 months.
This is the only time inlog-abn.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ABN Amro (Banking)
Domain & IP information
Redirects | Requests | IP Address | AS Autonomous System |
---|---|---|---|
1 | 17 | 199.192.21.240 | 22612 (NAMECHEAP-NET) |
1 | 1 | 2a02:26f0:6a::210:da32 | 20940 (AKAMAI-ASN1) |
 | 3 | 2a02:26f0:3500:14::1724:a24b | 20940 (AKAMAI-ASN1) |
 | 5 | 66.29.155.212 | 22612 (NAMECHEAP-NET) |
 | 1 | 104.18.114.97 | 13335 (CLOUDFLARENET) |
Total: 26 HTTP transactions, 5 IP addresses
ASN22612 (NAMECHEAP-NET, US)
PTR: server1.fireblastr.com
inlog-abn.xyz
ASN20940 (AKAMAI-ASN1, NL)
www.abnamro.nl
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | inlog-abn.xyz (1 redirect) | inlog-abn.xyz | 1 MB |
5 | nieuwpanelaus.xyz | nieuwpanelaus.xyz | 1 KB |
4 | abnamro.nl (1 redirect) | abnamro.nl (Cisco Umbrella Rank: 69912); www.abnamro.nl (Cisco Umbrella Rank: 73827) | 42 KB |
1 | icanhazip.com | ipv4.icanhazip.com (Cisco Umbrella Rank: 12592) | 472 B |
Total: 26 HTTP transactions, 4 apex domains
Requests | Domain | Requested by |
---|---|---|
17 | inlog-abn.xyz (1 redirect) | inlog-abn.xyz |
5 | nieuwpanelaus.xyz | inlog-abn.xyz |
3 | www.abnamro.nl | inlog-abn.xyz |
1 | ipv4.icanhazip.com | inlog-abn.xyz |
1 | abnamro.nl (1 redirect) | |
Total: 26 HTTP transactions, 5 domains
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
inlog-abn.xyz | R3 | 2022-04-12 - 2022-07-11 | 3 months |
www.abnamro.nl | Entrust Certification Authority - L1M | 2021-09-13 - 2022-09-13 | a year |
nieuwpanelaus.xyz | R3 | 2022-03-23 - 2022-06-21 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-07 - 2022-06-06 | a year |
This page contains 1 frames:
Primary Page:
https://inlog-abn.xyz/
Frame ID: 480CAB30D123E0DB1D6728E610528092
Requests: 29 HTTP requests in this frame
Page Title
Internet Bankieren - ABN AMRO
Detected technologies
Zip (Payment processors)
Detected patterns
- zip\.co
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://inlog-abn.xyz/ (HTTP 301)
- https://inlog-abn.xyz/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://abnamro.nl/portal/resources/vendor/lit-element/lit-element-2.2.1/lit-element.js HTTP 301
- https://www.abnamro.nl/portal/resources/vendor/lit-element/lit-element-2.2.1/lit-element.js
26 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | inlog-abn.xyz/ | 7 KB | 2 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H/1.1 | style.css | inlog-abn.xyz/portal/resources/aab/emerald-global/emerald-global-1.1.0/ | 391 KB | 391 KB | Stylesheet | text/css | |
GET | H/1.1 | myabnamro-compatability.css | inlog-abn.xyz/nl/widgetdelivery/unauthenticated/oca/style/css/themes/emerald/ | 35 KB | 36 KB | Stylesheet | text/css | |
GET | H/1.1 | jquery.min.js | inlog-abn.xyz/portal/resources/vendor/jquery/jquery-3.4.1/ | 165 KB | 166 KB | Script | application/javascript | |
GET | H/1.1 | 0.d6b3217f.css | inlog-abn.xyz/ | 7 KB | 2 KB | Stylesheet | text/html | |
GET | H/1.1 | header-panel.js | inlog-abn.xyz/portal/resources/aab/header-panel/header-panel-1/nl/ | 309 KB | 309 KB | Script | application/javascript | |
GET | H/1.1 | footer-panel.js | inlog-abn.xyz/portal/resources/aab/footer-panel/footer-panel-0/nl/ | 16 KB | 17 KB | Script | application/javascript | |
GET | H/1.1 | lit-element.js | inlog-abn.xyz/portal/resources/vendor/lit-element/lit-element-2.2.1/ | 67 KB | 67 KB | Script | application/javascript | |
GET | H/1.1 | lit-element.js | inlog-abn.xyz/portal/resources/vendor/lit-element/lit-element-2.2.0/ | 134 KB | 134 KB | Script | application/javascript | |
GET | H2 | lit-element.js | www.abnamro.nl/portal/resources/vendor/lit-element/lit-element-2.2.1/ | 68 KB | 19 KB | Script | application/javascript | Redirect Chain |
GET | H/1.1 | main.21806950.chunk.css | inlog-abn.xyz/static/css/ | 541 B | 783 B | Stylesheet | text/css | |
GET | H/1.1 | 2.90c2785d.chunk.js | inlog-abn.xyz/static/js/ | 248 KB | 249 KB | Script | application/javascript | |
GET | H/1.1 | main.bf63c961.chunk.js | inlog-abn.xyz/static/js/ | 29 KB | 30 KB | Script | application/javascript | |
GET | H2 | sc-aab-search.js | www.abnamro.nl/nl/retail/pr/static/shared/sc-aab-search/0.0.44/ | 70 KB | 19 KB | Script | application/javascript | |
GET | H2 | aab-analytics-event-handler.js | www.abnamro.nl/nl/retail/pr/static/aab-analytics-event-handler/1.0.11/ | 9 KB | 3 KB | Script | application/javascript | |
GET | H/1.1 | session | inlog-abn.xyz/ | 7 KB | 2 KB | Fetch | text/html | |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml | |
GET | DATA | truncated | / | 160 B | 0 | Image | image/svg+xml | |
GET | DATA | truncated | / | 319 B | 0 | Image | image/svg+xml | |
GET | H/1.1 | / | nieuwpanelaus.xyz/socket.io/ | 97 B | 301 B | XHR | text/plain | |
GET | H/1.1 | em-header-gradient.668ea565.svg | inlog-abn.xyz/portal/resources/aab/emerald-global/images/ | 7 KB | 7 KB | Image | text/html | |
GET | H2 | / | ipv4.icanhazip.com/ | 15 B | 472 B | XHR | text/plain | |
POST | H/1.1 | / | nieuwpanelaus.xyz/socket.io/ | 2 B | 189 B | XHR | text/html | |
GET | H/1.1 | / | nieuwpanelaus.xyz/socket.io/ | 32 B | 236 B | XHR | text/plain | |
POST | H/1.1 | / | nieuwpanelaus.xyz/socket.io/ | 2 B | 189 B | XHR | text/html | |
GET | H/1.1 | / | nieuwpanelaus.xyz/socket.io/ | 315 B | 520 B | XHR | text/plain | |
GET | | / | nieuwpanelaus.xyz/socket.io/ | 0 | 0 | | | |
GET | H/1.1 | pr-devices-mobile-qr.f4e6050a.svg | inlog-abn.xyz/portal/resources/aab/emerald-global/images/ | 2 KB | 2 KB | Image | image/svg+xml | |
GET | H/1.1 | pr-authentication-ed.svg | inlog-abn.xyz/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/login/images/ | 3 KB | 3 KB | Image | image/svg+xml | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: nieuwpanelaus.xyz
- URL: https://nieuwpanelaus.xyz/socket.io/?EIO=4&transport=polling&t=O0i8BAe&sid=VZiTEE8NCyTAJXreAAH6
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ABN Amro (Banking)
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function: structuredClone
- object: oncontextlost
- object: oncontextrestored
- function: getScreenDetails
- function: $
- function: jQuery
- object: script
- object: searchScript
- object: analyticsScript
- object: litElement_221
- object: litHtmlVersions
- function: JSCompiler_renameProperty
- object: litElementVersions
- object: litElement_220
- object: webpackJsonpbank
- object: regeneratorRuntime
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.