web-2745.web-interface.eu Open in urlscan Pro
45.142.114.254 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://web-2745.web-interface.eu/
Submission: On September 06 via api (September 6th 2024, 12:19:21 am UTC) from BY — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 45.142.114.254, located in Germany and belongs to LUMASERV LUMASERV GmbH, DE. The main domain is web-2745.web-interface.eu.
TLS certificate: Issued by R11 on August 7th 2024. Valid for: 3 months.

This is the only time web-2745.web-interface.eu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Kamer van Koophandel (Government) NL Government (Government)

Domain & IP information

	IP Address		AS Autonomous System
9	45.142.114.254 45.142.114.254		200303 (LUMASERV ...) (LUMASERV LUMASERV GmbH)
9	1

9 45.142.114.254 (Germany)

ASN200303 (LUMASERV LUMASERV GmbH, DE)
PTR: web-interface.eu

web-2745.web-interface.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	web-interface.eu web-2745.web-interface.eu	143 KB
9	1

	Domain	Requested by
9	web-2745.web-interface.eu	web-2745.web-interface.eu
9	1

This site contains no links.

Subject Issuer	Validity	Valid
web-2745.web-interface.eu R11	`2024-08-07` - `2024-11-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://web-2745.web-interface.eu/
Frame ID: 11040CB915A3E896DC709AD34FBC6424
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inloggen

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

143 kB
Transfer

420 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response web-2745.web-interface.eu/	23 KB 6 KB	71ms 21ms	Document text/html	45.142.114.254 LUMASERV LUMASERV...
General Check archive.org Show headers Download Go to Full URL https://web-2745.web-interface.eu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.142.114.254 , Germany, ASN200303 (LUMASERV LUMASERV GmbH, DE), Reverse DNS web-interface.eu Software nginx / PHP/8.3.11 PleskLin Resource Hash `c07b31b6bb937bb8a336b9a7fd577122cbb45bc49fef35687474c5cecd6df108` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 5676 content-type text/html; charset=UTF-8 date Fri, 06 Sep 2024 00:19:16 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx vary Accept-Encoding x-powered-by PHP/8.3.11 PleskLin
GET H2	200	main.css web-2745.web-interface.eu/kvk_assetz/css/	213 KB 15 KB	18ms 17ms	Stylesheet text/css	45.142.114.254 LUMASERV LUMASERV...
General Check archive.org Show headers Download Go to Full URL https://web-2745.web-interface.eu/kvk_assetz/css/main.css Requested by Host: web-2745.web-interface.eu URL: https://web-2745.web-interface.eu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.142.114.254 , Germany, ASN200303 (LUMASERV LUMASERV GmbH, DE), Reverse DNS web-interface.eu Software nginx / PleskLin Resource Hash `7a4b921b2cbe79e46447628543b813097b8e29735d05f3f3daba94a23249ca7e` Request headers Referer https://web-2745.web-interface.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 00:19:16 GMT content-encoding br last-modified Sat, 09 Jul 2022 15:28:30 GMT server nginx etag W/"62c99e9e-3540b" x-powered-by PleskLin content-type text/css
GET H2	200	jquery.js Show response web-2745.web-interface.eu/kvk_assetz/js/	87 KB 30 KB	21ms 21ms	Script application/javascript	45.142.114.254 LUMASERV LUMASERV...
General Check archive.org Show headers Download Go to Full URL https://web-2745.web-interface.eu/kvk_assetz/js/jquery.js Requested by Host: web-2745.web-interface.eu URL: https://web-2745.web-interface.eu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.142.114.254 , Germany, ASN200303 (LUMASERV LUMASERV GmbH, DE), Reverse DNS web-interface.eu Software nginx / PleskLin Resource Hash `ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b` Request headers Referer https://web-2745.web-interface.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 00:19:16 GMT content-encoding br last-modified Fri, 08 Jul 2022 09:54:40 GMT server nginx etag W/"62c7fee0-15d9f" x-powered-by PleskLin content-type application/javascript
GET H2	200	misc.js Show response web-2745.web-interface.eu/kvk_assetz/js/	8 KB 3 KB	11ms 11ms	Script application/javascript	45.142.114.254 LUMASERV LUMASERV...
General Check archive.org Show headers Download Go to Full URL https://web-2745.web-interface.eu/kvk_assetz/js/misc.js Requested by Host: web-2745.web-interface.eu URL: https://web-2745.web-interface.eu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.142.114.254 , Germany, ASN200303 (LUMASERV LUMASERV GmbH, DE), Reverse DNS web-interface.eu Software nginx / PleskLin Resource Hash `d76519645ff1cb534fb5bacf5f1554d4e39c38d27ac639965ae5ae31568fad9e` Request headers Referer https://web-2745.web-interface.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 00:19:16 GMT content-encoding br last-modified Sat, 09 Jul 2022 15:29:54 GMT server nginx etag W/"62c99ef2-209a" x-powered-by PleskLin content-type application/javascript
GET H2	200	CiutadellaRounded-SmBd.woff2 web-2745.web-interface.eu/kvk_assetz/fonts/	35 KB 36 KB	19ms 16ms	Font font/woff2	45.142.114.254 LUMASERV LUMASERV...
General Check archive.org Show headers Download Go to Full URL https://web-2745.web-interface.eu/kvk_assetz/fonts/CiutadellaRounded-SmBd.woff2 Requested by Host: web-2745.web-interface.eu URL: https://web-2745.web-interface.eu/kvk_assetz/css/main.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.142.114.254 , Germany, ASN200303 (LUMASERV LUMASERV GmbH, DE), Reverse DNS web-interface.eu Software nginx / PleskLin Resource Hash `2ee14c678486082c694e73bbd1553ed2c6198800bb5ca2ef348305dda8f2861c` Request headers Referer https://web-2745.web-interface.eu/kvk_assetz/css/main.css Origin https://web-2745.web-interface.eu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 00:19:16 GMT last-modified Sat, 09 Jul 2022 14:18:24 GMT server nginx etag "62c98e30-8dc0" x-powered-by PleskLin content-type font/woff2 accept-ranges bytes content-length 36288
GET H2	200	roboto-v18-latin-regular.woff2 web-2745.web-interface.eu/kvk_assetz/fonts/	15 KB 15 KB	18ms 15ms	Font font/woff2	45.142.114.254 LUMASERV LUMASERV...
General Check archive.org Show headers Download Go to Full URL https://web-2745.web-interface.eu/kvk_assetz/fonts/roboto-v18-latin-regular.woff2 Requested by Host: web-2745.web-interface.eu URL: https://web-2745.web-interface.eu/kvk_assetz/css/main.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.142.114.254 , Germany, ASN200303 (LUMASERV LUMASERV GmbH, DE), Reverse DNS web-interface.eu Software nginx / PleskLin Resource Hash `3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc` Request headers Referer https://web-2745.web-interface.eu/kvk_assetz/css/main.css Origin https://web-2745.web-interface.eu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 00:19:16 GMT last-modified Sat, 09 Jul 2022 14:18:34 GMT server nginx etag "62c98e3a-3bf0" x-powered-by PleskLin content-type font/woff2 accept-ranges bytes content-length 15344
GET H2	200	roboto-v18-latin-500.woff2 web-2745.web-interface.eu/kvk_assetz/fonts/	15 KB 15 KB	23ms 21ms	Font font/woff2	45.142.114.254 LUMASERV LUMASERV...
General Check archive.org Show headers Download Go to Full URL https://web-2745.web-interface.eu/kvk_assetz/fonts/roboto-v18-latin-500.woff2 Requested by Host: web-2745.web-interface.eu URL: https://web-2745.web-interface.eu/kvk_assetz/css/main.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.142.114.254 , Germany, ASN200303 (LUMASERV LUMASERV GmbH, DE), Reverse DNS web-interface.eu Software nginx / PleskLin Resource Hash `5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7` Request headers Referer https://web-2745.web-interface.eu/kvk_assetz/css/main.css Origin https://web-2745.web-interface.eu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 00:19:16 GMT last-modified Sat, 09 Jul 2022 14:18:44 GMT server nginx etag "62c98e44-3cc0" x-powered-by PleskLin content-type font/woff2 accept-ranges bytes content-length 15552
GET H2	200	roboto-v18-latin-300.woff2 web-2745.web-interface.eu/kvk_assetz/fonts/	15 KB 15 KB	24ms 22ms	Font font/woff2	45.142.114.254 LUMASERV LUMASERV...
General Check archive.org Show headers Download Go to Full URL https://web-2745.web-interface.eu/kvk_assetz/fonts/roboto-v18-latin-300.woff2 Requested by Host: web-2745.web-interface.eu URL: https://web-2745.web-interface.eu/kvk_assetz/css/main.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.142.114.254 , Germany, ASN200303 (LUMASERV LUMASERV GmbH, DE), Reverse DNS web-interface.eu Software nginx / PleskLin Resource Hash `eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf` Request headers Referer https://web-2745.web-interface.eu/kvk_assetz/css/main.css Origin https://web-2745.web-interface.eu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 00:19:16 GMT last-modified Sat, 09 Jul 2022 14:18:30 GMT server nginx etag "62c98e36-3c50" x-powered-by PleskLin content-type font/woff2 accept-ranges bytes content-length 15440
GET H2	200	favicon.ico web-2745.web-interface.eu/kvk_assetz/img/	7 KB 7 KB	11ms 10ms	Other image/vnd.microsoft.icon	45.142.114.254 LUMASERV LUMASERV...
General Check archive.org Show headers Download Go to Full URL https://web-2745.web-interface.eu/kvk_assetz/img/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.142.114.254 , Germany, ASN200303 (LUMASERV LUMASERV GmbH, DE), Reverse DNS web-interface.eu Software nginx / PleskLin Resource Hash `54adb934946dbff509cf6535064388bbf46d6951aee164a225e41e279d100142` Request headers Referer https://web-2745.web-interface.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 00:19:16 GMT last-modified Sat, 09 Jul 2022 15:14:44 GMT server nginx etag "62c99b64-1cee" x-powered-by PleskLin content-type image/vnd.microsoft.icon accept-ranges bytes content-length 7406

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Kamer van Koophandel (Government) NL Government (Government)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| $jscomp

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			web-2745.web-interface.eu/	1969-12-31 23:59:59	Name: PHPSESSID Value: hqarf50m36lenod30qfmvaf42g

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

web-2745.web-interface.eu
45.142.114.254
2ee14c678486082c694e73bbd1553ed2c6198800bb5ca2ef348305dda8f2861c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
54adb934946dbff509cf6535064388bbf46d6951aee164a225e41e279d100142
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
7a4b921b2cbe79e46447628543b813097b8e29735d05f3f3daba94a23249ca7e
c07b31b6bb937bb8a336b9a7fd577122cbb45bc49fef35687474c5cecd6df108
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
d76519645ff1cb534fb5bacf5f1554d4e39c38d27ac639965ae5ae31568fad9e
eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf

web-2745.web-interface.eu Open in urlscan Pro 45.142.114.254 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

143 kBTransfer

420 kBSize

1 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

Indicators

web-2745.web-interface.eu Open in urlscan Pro
45.142.114.254 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

143 kB
Transfer

420 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!