ns3060454.ip-193-70-34.eu
Open in
urlscan Pro
193.70.34.238
Public Scan
URL:
https://ns3060454.ip-193-70-34.eu/app/webroot/upload/files/abnamrobanksupportteamforsecureupdatesandsecurebanking/abn/confirm.php?...
Submission: On August 25 via automatic, source openphish
Submission: On August 25 via automatic, source openphish
Summary
This website contacted 3 IPs
in 2 countries
across 3 domains to perform 20 HTTP transactions.
The main IP is 193.70.34.238, located in
France and
belongs to OVH, FR.
The main domain is ns3060454.ip-193-70-34.eu.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 21st 2019. Valid for: 3 months.
This is the only time ns3060454.ip-193-70-34.eu was scanned on urlscan.io!
TLS certificate: Issued by Let's Encrypt Authority X3 on June 21st 2019. Valid for: 3 months.
This is the only time ns3060454.ip-193-70-34.eu was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 18 | 193.70.34.238 193.70.34.238 | 16276 (OVH) (OVH) | |
| 1 | 2606:4700::68... 2606:4700::6813:c497 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 20 | 3 |
18
193.70.34.238
(France)
ASN16276 (OVH, FR)
PTR: ns3060454.ip-193-70-34.eu
ASN16276 (OVH, FR)
PTR: ns3060454.ip-193-70-34.eu
| ns3060454.ip-193-70-34.eu |
1
2606:4700::6813:c497
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| cdnjs.cloudflare.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 18 |
ip-193-70-34.eu
ns3060454.ip-193-70-34.eu |
446 KB |
| 1 |
cloudflare.com
cdnjs.cloudflare.com |
3 KB |
| 0 |
abnamro.nl
Failed
www.abnamro.nl Failed |
|
| 20 | 3 |
| Domain | Requested by | |
|---|---|---|
| 18 | ns3060454.ip-193-70-34.eu |
ns3060454.ip-193-70-34.eu
|
| 1 | cdnjs.cloudflare.com |
ns3060454.ip-193-70-34.eu
|
| 0 | www.abnamro.nl Failed |
ns3060454.ip-193-70-34.eu
|
| 20 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.hazotte.fr Let's Encrypt Authority X3 |
2019-06-21 - 2019-09-19 |
3 months | crt.sh |
| ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-08-10 - 2020-02-16 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://ns3060454.ip-193-70-34.eu/app/webroot/upload/files/abnamrobanksupportteamforsecureupdatesandsecurebanking/abn/confirm.php?SERVID=Service_Login_&_Authentication=
Frame ID: 7EDA10963E82A658BF60971C54D09331
Requests: 20 HTTP requests in this frame
Screenshot
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.php(?:$|\?)/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
confirm.php
ns3060454.ip-193-70-34.eu/app/webroot/upload/files/abnamrobanksupportteamforsecureupdatesandsecurebanking/abn/ |
32 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
roboto-condensed-regular.woff2
www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap-3.3.6.min.css
ns3060454.ip-193-70-34.eu/app/webroot/upload/files/abnamrobanksupportteamforsecureupdatesandsecurebanking/abn/templates/css/ |
145 KB 146 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
autentification.css
ns3060454.ip-193-70-34.eu/app/webroot/upload/files/abnamrobanksupportteamforsecureupdatesandsecurebanking/abn/templates/css/ |
17 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
imp.css
ns3060454.ip-193-70-34.eu/app/webroot/upload/files/abnamrobanksupportteamforsecureupdatesandsecurebanking/abn/templates/css/ |
36 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
header.png
ns3060454.ip-193-70-34.eu/app/webroot/upload/files/abnamrobanksupportteamforsecureupdatesandsecurebanking/abn/ |
24 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.1.0.min.js
ns3060454.ip-193-70-34.eu/app/webroot/upload/files/abnamrobanksupportteamforsecureupdatesandsecurebanking/abn/templates/ |
84 KB 85 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.maskedinput.js
cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
info.png
ns3060454.ip-193-70-34.eu/app/webroot/upload/files/abnamrobanksupportteamforsecureupdatesandsecurebanking/abn/templates/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
N_logo.png
ns3060454.ip-193-70-34.eu/app/webroot/upload/files/abnamrobanksupportteamforsecureupdatesandsecurebanking/abn/images/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
footer.png
ns3060454.ip-193-70-34.eu/app/webroot/upload/files/abnamrobanksupportteamforsecureupdatesandsecurebanking/abn/ |
69 KB 69 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.11.3.min.js
ns3060454.ip-193-70-34.eu/templates/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.js
ns3060454.ip-193-70-34.eu/templates/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
auth.js
ns3060454.ip-193-70-34.eu/templates/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
urls.js
ns3060454.ip-193-70-34.eu/templates/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cccc.png
ns3060454.ip-193-70-34.eu/app/webroot/upload/files/abnamrobanksupportteamforsecureupdatesandsecurebanking/abn/templates/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
picto-cb.png
ns3060454.ip-193-70-34.eu/app/webroot/upload/files/abnamrobanksupportteamforsecureupdatesandsecurebanking/abn/templates/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.js
ns3060454.ip-193-70-34.eu/templates/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
auth.js
ns3060454.ip-193-70-34.eu/templates/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
urls.js
ns3060454.ip-193-70-34.eu/templates/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.abnamro.nl
- URL
- https://www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/css/themes/abnamro/fonts/roboto-condensed-regular.woff2
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| type_carte string| urlLoginMotDePasse string| urlLogin3S1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| ns3060454.ip-193-70-34.eu/ | Name: CAKEPHP Value: mokjou4efqdeg1fagrdoe055j6 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
ns3060454.ip-193-70-34.eu
www.abnamro.nl
www.abnamro.nl
193.70.34.238
2606:4700::6813:c497
02f13cdb844ba65156c470cadd2ecd47a577402bf66dd011a2a2e1762b74e7f4
1d3087c7058a555c75bf860ef1c3263453a8ea9d393875c7af1164b46dbae467
20dd75a3eb86468e574776b15838aeff007db2cfecb39cb34eb2d22b29241daa
2761c0c775120ff4c7c9f831f6f80774caeee8aac8782af284c6b35ea7c6cc72
470715f624482fd014accad6b8f77227795b6f394f54574abe0d9832bd56282e
4bc84d72ddd5f02fe04613d1f1f7d5ee028eb9d108ba363808c9ee3aaf8c2d44
6b648bc8370e8a0eed69fdb7fca8a39e90830b6815752b82338e5ac4ae90cf45
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
b16fbbc475f7128aa28ed91bc59e48517a580ca486ef5a4836e240e62224cc61
b91d0d591798a7b349b465aa7bf8b5d540300e3ff36927807b378f1f458461b3
ff6f22d67aa5b0061443d2b7ad38a792aff0bf804b9c4d9c61e963217efd4f7e