fietsen.testing-page.nl Open in urlscan Pro
185.114.157.173 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fietsen.testing-page.nl/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On November 24 via api (November 24th 2024, 7:14:52 pm UTC) from IT — Scanned from NL

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 185.114.157.173, located in Rotterdam, Netherlands and belongs to stackip Arno de Groot Trading As StackIP, NL. The main domain is fietsen.testing-page.nl.
TLS certificate: Issued by E6 on November 24th 2024. Valid for: 3 months.

This is the only time fietsen.testing-page.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	185.114.157.173 185.114.157.173	216279 (stackip A...) (stackip Arno de Groot Trading As StackIP)
4	108.138.7.76 108.138.7.76	16509 (AMAZON-02) (AMAZON-02)
1	94.130.142.35 94.130.142.35	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
10	3

5 185.114.157.173 (Rotterdam, Netherlands)

ASN216279 (stackip Arno de Groot Trading As StackIP, NL)
PTR: web3.64ip.net

fietsen.testing-page.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.7.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-76.fra56.r.cloudfront.net

www.strava.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.142.35 (Bendorf, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: customer-api-eu03.open-meteo.com

api.open-meteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	testing-page.nl fietsen.testing-page.nl	3 MB
4	strava.com www.strava.com — Cisco Umbrella Rank: 44830	2 KB
1	open-meteo.com api.open-meteo.com — Cisco Umbrella Rank: 67200	2 KB
10	3

	Domain	Requested by
5	fietsen.testing-page.nl	fietsen.testing-page.nl
4	www.strava.com	fietsen.testing-page.nl
1	api.open-meteo.com	fietsen.testing-page.nl
10	3

This site contains no links.

Subject Issuer	Validity	Valid
testing-page.nl E6	`2024-11-24` - `2025-02-22`	3 months	crt.sh
*.strava.com Go Daddy Secure Certificate Authority - G2	`2024-08-21` - `2025-09-22`	a year	crt.sh
open-meteo.com E6	`2024-10-31` - `2025-01-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fietsen.testing-page.nl/
Frame ID: 2FAB23044E627C4507317A2226E658B3
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

React App

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

2786 kB
Transfer

2933 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fietsen.testing-page.nl/ 644 B
522 B 60ms
13ms Document
text/html 185.114.157.173
stackip Arno de G...

General

Check archive.org

Show headers Download Go to

Full URL: https://fietsen.testing-page.nl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.114.157.173 Rotterdam, Netherlands, ASN216279 (stackip Arno de Groot Trading As StackIP, NL),
Reverse DNS: web3.64ip.net
Software: Apache/2 /
Resource Hash: 2afe80260e3af5c7ae7a2233568f2916d005d1e50e589a9859f820a925c07d6c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 374
content-type: text/html
date: Sun, 24 Nov 2024 19:14:45 GMT
etag: "284-627a91182b940-gzip"
last-modified: Sun, 24 Nov 2024 14:02:37 GMT
server: Apache/2
vary: Accept-Encoding,User-Agent

GET
H2 200 main.e559b7c6.js Show response
fietsen.testing-page.nl/static/js/ 204 KB
60 KB 40ms
36ms Script
application/javascript 185.114.157.173
stackip Arno de G...

General

Check archive.org

Show headers Download Go to

Full URL: https://fietsen.testing-page.nl/static/js/main.e559b7c6.js
Requested by: Host: fietsen.testing-page.nl
URL: https://fietsen.testing-page.nl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.114.157.173 Rotterdam, Netherlands, ASN216279 (stackip Arno de Groot Trading As StackIP, NL),
Reverse DNS: web3.64ip.net
Software: Apache/2 /
Resource Hash: 1be494afdf30119085bfb0b3d242b38e0f99b133a2014b92a7babf82a03ff944

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fietsen.testing-page.nl/

Response headers

content-encoding: gzip
etag: "33175-627a90c80fc40-gzip"
accept-ranges: bytes
date: Sun, 24 Nov 2024 19:14:46 GMT
last-modified: Sun, 24 Nov 2024 14:01:13 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 main.f855e6bc.css
fietsen.testing-page.nl/static/css/ 779 B
623 B 18ms
14ms Stylesheet
text/css 185.114.157.173
stackip Arno de G...

General

Check archive.org

Show headers Download Go to

Full URL: https://fietsen.testing-page.nl/static/css/main.f855e6bc.css
Requested by: Host: fietsen.testing-page.nl
URL: https://fietsen.testing-page.nl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.114.157.173 Rotterdam, Netherlands, ASN216279 (stackip Arno de Groot Trading As StackIP, NL),
Reverse DNS: web3.64ip.net
Software: Apache/2 /
Resource Hash: 7be7946b4e6f8eecf089c3855fde7e6f9d7ac5daafa53b714064fbd5d01fe1b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fietsen.testing-page.nl/

Response headers

content-encoding: gzip
etag: "30b-627a90b8cd840-gzip"
accept-ranges: bytes
content-length: 515
date: Sun, 24 Nov 2024 19:14:46 GMT
last-modified: Sun, 24 Nov 2024 14:00:57 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: text/css

GET
H2 200 achtergrondlogin.jpg
fietsen.testing-page.nl/images/login/ 3 MB
3 MB 17ms
17ms Image
image/jpeg 185.114.157.173
stackip Arno de G...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fietsen.testing-page.nl/images/login/achtergrondlogin.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.114.157.173 Rotterdam, Netherlands, ASN216279 (stackip Arno de Groot Trading As StackIP, NL),
Reverse DNS: web3.64ip.net
Software: Apache/2 /
Resource Hash: e2e1383161ee9aaddbd51e5aa3d4c23294f052cfef898dad7c433ec7f373d51d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fietsen.testing-page.nl/

Response headers

accept-ranges: bytes
content-length: 2781485
etag: "2a712d-627a910424a00"
date: Sun, 24 Nov 2024 19:14:46 GMT
last-modified: Sun, 24 Nov 2024 14:02:16 GMT
content-type: image/jpeg
server: Apache/2

POST
H2 200 token Show response
www.strava.com/oauth/ 183 B
817 B 146ms
145ms Fetch
application/json 108.138.7.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.strava.com/oauth/token

Requested by

Host: fietsen.testing-page.nl
URL: https://fietsen.testing-page.nl/static/js/main.e559b7c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-76.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

565281f12da875580c28457f560117a9bf02e7198863ae061f96df4644d08ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://fietsen.testing-page.nl/

Response headers

x-request-id: a1a0c374-ff11-4790-bf8a-63893161ed89
access-control-max-age: 600
content-encoding: gzip
etag: W/"565281f12da875580c28457f560117a9"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
access-control-allow-methods: POST
status: 200 OK
x-cache: Miss from cloudfront
x-amz-cf-id: 3Wootcy1oFyCTTpAvh3Q484jp3EbdCsITTBcdk4t91zBv2e4QU0FWg==
date: Sun, 24 Nov 2024 19:14:47 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin
x-frame-options: DENY
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 28
referrer-policy: strict-origin-when-cross-origin
via: 1.1 linkerd, 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P6
server: istio-envoy

GET
H/1.1 200
OK forecast Show response
api.open-meteo.com/v1/ 6 KB
2 KB 975ms
25ms Fetch
application/json 94.130.142.35
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.open-meteo.com/v1/forecast?latitude=52.37&longitude=4.9&current_weather=true&hourly=temperature_2m,windspeed_10m,precipitation_probability,relativehumidity_2m&timezone=auto
Requested by: Host: fietsen.testing-page.nl
URL: https://fietsen.testing-page.nl/static/js/main.e559b7c6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.130.142.35 Bendorf, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: customer-api-eu03.open-meteo.com
Software: /
Resource Hash: 030c03dc23d6bcb1dbe9b8d069af1ff35a718afc1304605dd759dc2185d66355

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fietsen.testing-page.nl/

Response headers

Transfer-Encoding: chunked
access-control-max-age: 600
Content-Encoding: deflate
Connection: keep-alive
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
Date: Sun, 24 Nov 2024 19:14:47 GMT
Content-Type: application/json; charset=utf-8
access-control-allow-headers: accept, authorization, content-type, origin, x-requested-with, user-agent, access-control-allow-origin

OPTIONS
H2 200 token
www.strava.com/oauth/ 0
0 1049ms
129ms Preflight 108.138.7.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.strava.com/oauth/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-76.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fietsen.testing-page.nl
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Sun, 24 Nov 2024 19:14:47 GMT
server: istio-envoy
status: 200 OK
via: 1.1 linkerd, 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-id: JHqM1lHKjrFi6gBNrCyxliGASEDElIm4YIOGBBn6EywuRz7ycRgl5w==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 7

GET
H2 200 favicon.ico
fietsen.testing-page.nl/ 4 KB
3 KB 17ms
17ms Other
image/x-icon 185.114.157.173
stackip Arno de G...

General

Check archive.org

Show headers Download Go to

Full URL: https://fietsen.testing-page.nl/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.114.157.173 Rotterdam, Netherlands, ASN216279 (stackip Arno de Groot Trading As StackIP, NL),
Reverse DNS: web3.64ip.net
Software: Apache/2 /
Resource Hash: 3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fietsen.testing-page.nl/

Response headers

content-encoding: gzip
etag: "f1e-627a91182b940-gzip"
accept-ranges: bytes
content-length: 3461
date: Sun, 24 Nov 2024 19:14:47 GMT
last-modified: Sun, 24 Nov 2024 14:02:37 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: image/x-icon

GET
H2 200 stats Show response
www.strava.com/api/v3/athletes/2602414/ 1 KB
1 KB 718ms
718ms Fetch
application/json 108.138.7.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.strava.com/api/v3/athletes/2602414/stats

Requested by

Host: fietsen.testing-page.nl
URL: https://fietsen.testing-page.nl/static/js/main.e559b7c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-76.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a5a7dbc8f88e04f5e3846439b4e611091bd9bedbc1b6931b3d414c76a197a819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Authorization: Bearer a998469b49ce5717c9617035cc6780041c1720d1
Referer: https://fietsen.testing-page.nl/

Response headers

x-request-id: 67d92a59-3ea6-4dfa-9517-63098683013f
access-control-max-age: 600
content-encoding: gzip
etag: W/"a5a7dbc8f88e04f5e3846439b4e61109"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, PUT, DELETE
status: 200 OK
x-cache: Miss from cloudfront
x-readratelimit-usage: 1,45
x-amz-cf-id: gtj0_OPGMo0YuSnEwrHG0te3iCxq2pjHvXlb17pGmS83j9qqRn2bwA==
date: Sun, 24 Nov 2024 19:14:48 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin
x-frame-options: DENY
cache-control: max-age=0, private, must-revalidate
x-readratelimit-limit: 100,1000
x-envoy-upstream-service-time: 586
referrer-policy: strict-origin-when-cross-origin
via: 1.1 linkerd, 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-download-options: noopen
x-ratelimit-usage: 1,45
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-ratelimit-limit: 200,2000
x-amz-cf-pop: FRA56-P6
server: istio-envoy

OPTIONS
H2 200 stats
www.strava.com/api/v3/athletes/2602414/ 0
0 308ms
307ms Preflight 108.138.7.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.strava.com/api/v3/athletes/2602414/stats
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-76.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://fietsen.testing-page.nl
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Sun, 24 Nov 2024 19:14:48 GMT
server: istio-envoy
status: 200 OK
via: 1.1 linkerd, 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-id: 6NCaYDTX00SbLGMyy4VppMMj3bjKtryNkKvfVMkgpEwCo_TmDd-ShA==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 7

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunksite

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://fietsen.testing-page.nl/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.open-meteo.com
fietsen.testing-page.nl
www.strava.com
108.138.7.76
185.114.157.173
94.130.142.35
030c03dc23d6bcb1dbe9b8d069af1ff35a718afc1304605dd759dc2185d66355
1be494afdf30119085bfb0b3d242b38e0f99b133a2014b92a7babf82a03ff944
2afe80260e3af5c7ae7a2233568f2916d005d1e50e589a9859f820a925c07d6c
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd
565281f12da875580c28457f560117a9bf02e7198863ae061f96df4644d08ca9
7be7946b4e6f8eecf089c3855fde7e6f9d7ac5daafa53b714064fbd5d01fe1b3
a5a7dbc8f88e04f5e3846439b4e611091bd9bedbc1b6931b3d414c76a197a819
e2e1383161ee9aaddbd51e5aa3d4c23294f052cfef898dad7c433ec7f373d51d

fietsen.testing-page.nl Open in urlscan Pro 185.114.157.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

2786 kBTransfer

2933 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

fietsen.testing-page.nl Open in urlscan Pro
185.114.157.173 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

2786 kB
Transfer

2933 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions