ics-mijnomgeving.info Open in urlscan Pro
198.252.108.5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ics-mijnomgeving.info/enrollment.html
Submission: On April 29 via automatic, source openphish (April 29th 2019, 3:08:23 pm UTC)

Summary HTTP 41 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 41 HTTP transactions. The main IP is 198.252.108.5, located in Fergus, Canada and belongs to HAWKHOST - Hawk Host Inc., CA. The main domain is ics-mijnomgeving.info.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 28th 2019. Valid for: 3 months.

This is the only time ics-mijnomgeving.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: International Card Services (Financial)

Domain & IP information

	IP Address	AS Autonomous System
35	198.252.108.5 198.252.108.5	20068 (HAWKHOST) (HAWKHOST - Hawk Host Inc.)
1 2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2.18.162.235 2.18.162.235	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::2db0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
41	6

35 198.252.108.5 (Fergus, Canada)

ASN20068 (HAWKHOST - Hawk Host Inc., CA)
PTR: 198.252.108.5-static.reverse.arandomserver.com

ics-mijnomgeving.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.162.235 (European Union) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-162-235.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a0::2db0 (European Union)

ASN20940 (AKAMAI-ASN1, US)

cdnssl.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	ics-mijnomgeving.info ics-mijnomgeving.info	1 MB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	1 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
1	doubleclick.net stats.g.doubleclick.net	102 B
1	clicktale.net cdnssl.clicktale.net	10 KB
0	sitestat.com Failed nl.sitestat.com Failed
41	6

	Domain	Requested by
35	ics-mijnomgeving.info	ics-mijnomgeving.info
3	sb.scorecardresearch.com	1 redirects ics-mijnomgeving.info
2	www.google-analytics.com	1 redirects ics-mijnomgeving.info
1	stats.g.doubleclick.net
1	cdnssl.clicktale.net	ics-mijnomgeving.info
0	nl.sitestat.com Failed
41	6

This site contains links to these domains. Also see Links.

Domain
www.icscards.nl
www.icsbusiness.nl

Subject Issuer	Validity	Valid
ics-mijnomgeving.info Let's Encrypt Authority X3	`2019-04-28` - `2019-07-27`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
*.clicktale.net DigiCert SHA2 Secure Server CA	`2018-07-15` - `2019-10-14`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ics-mijnomgeving.info/enrollment.html
Frame ID: B252D1860817B39BC63D9143429D9232
Requests: 41 HTTP requests in this frame