Submitted URL: http://doorstuurtlings.info/fresh
Effective URL: http://argratias.info/updates/klantomgeving/
Submission: On June 04 via manual from GB

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 13 HTTP transactions. The main IP is 81.169.145.88, located in Berlin, Germany and belongs to STRATO STRATO AG, DE. The main domain is argratias.info.
This is the only time argratias.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Argenta (Banking)

Domain & IP information

IP addresses (requests per IP, IP, autonomous system):
  2   46.30.213.33    AS51468 (ONECOM)         1 redirect
  2   81.169.145.88   AS6724 (STRATO ST...)
  6   194.7.66.80     AS702 (UUNET)
  1   216.58.207.74   AS15169 (GOOGLE)
  1   216.58.207.67   AS15169 (GOOGLE)
  13 requests, 6 IPs (the five rows account for 12 requests; the remaining request is the inline data: URI image in the transaction list, which has no network address)

Domains (requests per domain, domain, requested by):
  6   www.argenta.be          argratias.info
  2   argratias.info          doorstuurtlings.info, argratias.info
  2   doorstuurtlings.info    1 redirect
  1   fonts.gstatic.com       argratias.info
  1   fonts.googleapis.com    argratias.info
  13 requests, 5 domains

This site contains no links.


This page contains 1 frames:

Primary Page: http://argratias.info/updates/klantomgeving/
Frame ID: C4522057B503094384C5C18F2541DF04
Requests: 14 HTTP requests in this frame


Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://doorstuurtlings.info/fresh HTTP 301
     http://doorstuurtlings.info/fresh/ Page URL
  2. http://argratias.info/updates/klantomgeving/ Page URL

Detected technologies

The page shows only the match patterns; the technology names below are inferred from those patterns.

Varnish (overall confidence: 100%)
  • headers via /.*Varnish/i

Apache (overall confidence: 100%)
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^| )HTTPD)/i

Google Font API (overall confidence: 100%)
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
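As an added example (not urlscan.io's own code), the three Wappalyzer-style patterns above applied in Python to the headers recorded in this scan. The Apache pattern's capture group is read as the version, the way the ";version:\1" suffix of such patterns is used. The response headers are the ones shown under the transactions below; the <link> tag is constructed, because the report only shows the resulting request to fonts.googleapis.com, not the markup.

```python
"""Apply the scan's technology fingerprints (Varnish via the Via header,
Apache via the Server header, Google Font API via a <link> tag).
Added example, not urlscan.io code; sample inputs are taken from or
constructed around the values this scan reports."""
import re

# (where to look, header name, compiled pattern). The Apache pattern's
# first capture group carries the version when the Server header has one.
PATTERNS = {
    "Varnish": ("header", "via", re.compile(r".*Varnish", re.I)),
    "Apache": ("header", "server",
               re.compile(r"(?:Apache(?:$|/([\d.]+)|[^/-])|(?:^| )HTTPD)", re.I)),
    "Google Font API": ("html", None,
               re.compile(r"<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com", re.I)),
}

# Response headers of the phishing page (argratias.info) and of the
# redirector (doorstuurtlings.info), as listed in the scan.
PRIMARY_HEADERS = {"Server": "Apache/2.4.33 (Unix)", "X-Powered-By": "PHP/7.1.17"}
REDIRECTOR_HEADERS = {"Server": "Apache", "Via": "1.1 varnish (Varnish/6.0)"}
# Constructed: the scan shows the fonts.googleapis.com request, not the tag.
SAMPLE_HTML = ('<link rel="stylesheet" '
               'href="https://fonts.googleapis.com/css?family=Roboto+Slab:300|Open+Sans:300">')


def fingerprint(headers, html):
    """Return {technology: version or None} for every pattern that matches.
    Header names are compared case-insensitively."""
    lowered = {k.lower(): v for k, v in headers.items()}
    found = {}
    for name, (kind, header, rx) in PATTERNS.items():
        target = html if kind == "html" else lowered.get(header, "")
        m = rx.search(target)
        if m:
            # first non-empty capture group is the version, if the pattern has one
            found[name] = next((g for g in m.groups() if g), None)
    return found


if __name__ == "__main__":
    print(fingerprint(PRIMARY_HEADERS, ""))
    print(fingerprint(REDIRECTOR_HEADERS, SAMPLE_HTML))
```

The redirector answers with a bare "Server: Apache" (no version), so the Apache match carries no version there, while the Via header is enough to fingerprint Varnish in front of it.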

Page Statistics

  Requests: 13
  HTTPS: 0 %
  IPv6: 0 %
  Domains: 5
  Subdomains: 5
  IPs: 6
  Countries: 4
  Transfer: 129 kB
  Size: 417 kB
  Cookies: 0

Note on the HTTPS figure: the redirector (doorstuurtlings.info) and the phishing page (argratias.info) are served over plain HTTP, while the stylesheets and fonts they pull from www.argenta.be and Google are fetched over HTTPS (see the transaction list).


Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://doorstuurtlings.info/fresh HTTP 301
  • http://doorstuurtlings.info/fresh/

13 HTTP transactions

Each entry gives the resource name and path, its size and the bytes transferred (x-fer), its type, then the General, Request headers and Response headers blocks from the scan.
Resource: /
  Path: doorstuurtlings.info/fresh/
  Redirect chain: http://doorstuurtlings.info/fresh -> http://doorstuurtlings.info/fresh/
  Size: 7 KB (4 KB transferred)
  Type: Document

  General
    Full URL: http://doorstuurtlings.info/fresh/
    Protocol: HTTP/1.1
    Server: 46.30.213.33 Copenhagen, Denmark, ASN51468 (ONECOM, DK)
    Reverse DNS: webcluster34.webpod1-cph3.one.com
    Software: Apache / PHP/7.1.16
    Resource Hash: (none shown)

  Request headers
    Host: doorstuurtlings.info
    Connection: keep-alive
    Pragma: no-cache
    Cache-Control: no-cache
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
    Accept-Encoding: gzip, deflate
    X-DevTools-Emulate-Network-Conditions-Client-Id: C4522057B503094384C5C18F2541DF04

  Response headers
    Date: Mon, 04 Jun 2018 08:48:04 GMT
    Server: Apache
    X-Powered-By: PHP/7.1.16
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 3490
    Content-Type: text/html; charset=UTF-8
    X-Varnish: 893420670
    Age: 0
    Via: 1.1 varnish (Varnish/6.0)
    Accept-Ranges: bytes
    Connection: keep-alive

  Redirect headers (response to http://doorstuurtlings.info/fresh, HTTP 301)
    Date: Mon, 04 Jun 2018 08:48:04 GMT
    Server: Apache
    Location: http://doorstuurtlings.info/fresh/
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 198
    Content-Type: text/html; charset=iso-8859-1
    X-Varnish: 893420668
    Age: 0
    Via: 1.1 varnish (Varnish/6.0)
    Connection: keep-alive

Two caveats about the scan itself: the User-Agent advertises HeadlessChrome/66, and the recorded request headers include X-DevTools-Emulate-Network-Conditions-Client-Id. A kit that filters on either can serve a scanner different content from what a victim's browser receives, so the captured page is not guaranteed to be what a target would see.
Primary Request: /
  Path: argratias.info/updates/klantomgeving/
  Size: 14 KB (14 KB transferred)
  Type: Document

  General
    Full URL: http://argratias.info/updates/klantomgeving/
    Requested by: http://doorstuurtlings.info/fresh/ (Host: doorstuurtlings.info)
    Protocol: HTTP/1.1
    Server: 81.169.145.88 Berlin, Germany, ASN6724 (STRATO STRATO AG, DE)
    Reverse DNS: w88.rzone.de
    Software: Apache/2.4.33 (Unix) / PHP/7.1.17
    Resource Hash: 8e6a6be5fcbe311e529aa1ddd7eed1bc6a29a635581427c99a46e8fb290f8e23

  Request headers
    Host: argratias.info
    Connection: keep-alive
    Content-Length: 5571
    Pragma: no-cache
    Cache-Control: no-cache
    Origin: http://doorstuurtlings.info
    Upgrade-Insecure-Requests: 1
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
    Referer: http://doorstuurtlings.info/fresh/
    Accept-Encoding: gzip, deflate
    X-DevTools-Emulate-Network-Conditions-Client-Id: C4522057B503094384C5C18F2541DF04

  Response headers
    Date: Mon, 04 Jun 2018 08:48:04 GMT
    Server: Apache/2.4.33 (Unix)
    X-Powered-By: PHP/7.1.17
    Keep-Alive: timeout=3, max=100
    Connection: Keep-Alive
    Transfer-Encoding: chunked
    Content-Type: text/html

The request headers carry Content-Length: 5571, Content-Type: application/x-www-form-urlencoded and Origin: http://doorstuurtlings.info, so the redirector page at doorstuurtlings.info/fresh/ handed the browser to argratias.info by submitting a form (a POST with a body), not by a Location header. That is why this hop appears in the Page URL History but not in the Redirected requests chain, and why blocking or tracing only HTTP redirects would miss the transition to the phishing host.
Resource: reset.css
  Path: www.argenta.be/portalserver/static/portalclient/css/
  Size: 2 KB (1 KB transferred)
  Type: Stylesheet

  General
    Full URL: https://www.argenta.be/portalserver/static/portalclient/css/reset.css
    Requested by: http://argratias.info/updates/klantomgeving/ (Host: argratias.info)
    Protocol: HTTP/1.1
    Server: 194.7.66.80, Belgium, ASN702 (UUNET - MCI Communications Services, Inc. d/b/a Verizon Business, US)
    Reverse DNS: uu194-7-66-80.unknown.uunet.be
    Software: (none reported)
    Resource Hash: 3c268c23de2cdc03399f28e51ad14dbf933052ba513f9d85d466e38a67e7ebb1

  Request headers
    Referer: http://argratias.info/updates/klantomgeving/
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

  Response headers
    Date: Mon, 04 Jun 2018 08:48:05 GMT
    Content-Encoding: gzip
    Last-Modified: Tue, 19 Apr 2016 14:06:18 GMT
    Age: 2918
    Vary: Accept-Encoding
    Content-Type: text/css;charset=UTF-8
    Cache-Control: max-age=3600, must-revalidate
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Content-Length: 1085
    Expires: Mon, 04 Jun 2018 08:59:27 GMT
Resource: backbase-portal.css
  Path: www.argenta.be/portalserver/static/portalclient/css/
  Size: 3 KB (2 KB transferred)
  Type: Stylesheet

  General
    Full URL: https://www.argenta.be/portalserver/static/portalclient/css/backbase-portal.css
    Requested by: http://argratias.info/updates/klantomgeving/ (Host: argratias.info)
    Protocol: HTTP/1.1
    Server: 194.7.66.80, Belgium, ASN702 (UUNET - MCI Communications Services, Inc. d/b/a Verizon Business, US)
    Reverse DNS: uu194-7-66-80.unknown.uunet.be
    Software: (none reported)
    Resource Hash: 51e435489303e8558d8e5bdbabe33989c217de46c824e33fea951747182c9a25

  Request headers
    Referer: http://argratias.info/updates/klantomgeving/
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

  Response headers
    Date: Mon, 04 Jun 2018 08:48:05 GMT
    Content-Encoding: gzip
    Last-Modified: Tue, 19 Apr 2016 14:06:18 GMT
    Age: 2889
    Vary: Accept-Encoding
    Content-Type: text/css;charset=UTF-8
    Cache-Control: max-age=3600, must-revalidate
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Content-Length: 1597
    Expires: Mon, 04 Jun 2018 08:59:56 GMT
Resource: all.css
  Path: www.argenta.be/portalserver/static/portalclient/xml-lang/backbase.com.2012.view/css/
  Size: 11 KB (4 KB transferred)
  Type: Stylesheet

  General
    Full URL: https://www.argenta.be/portalserver/static/portalclient/xml-lang/backbase.com.2012.view/css/all.css
    Requested by: http://argratias.info/updates/klantomgeving/ (Host: argratias.info)
    Protocol: HTTP/1.1
    Server: 194.7.66.80, Belgium, ASN702 (UUNET - MCI Communications Services, Inc. d/b/a Verizon Business, US)
    Reverse DNS: uu194-7-66-80.unknown.uunet.be
    Software: (none reported)
    Resource Hash: db6e0fbbbdac6a2591ec96b371fb2e82ac36ff29112aa46bda34eb24ff6ae3d6

  Request headers
    Referer: http://argratias.info/updates/klantomgeving/
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

  Response headers
    Date: Mon, 04 Jun 2018 08:48:05 GMT
    Content-Encoding: gzip
    Last-Modified: Tue, 19 Apr 2016 14:07:34 GMT
    Age: 2903
    Vary: Accept-Encoding
    Content-Type: text/css;charset=UTF-8
    Cache-Control: max-age=3600, must-revalidate
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Content-Length: 3427
    Expires: Mon, 04 Jun 2018 08:59:42 GMT
Resource: aurora.min.css
  Path: www.argenta.be/portalserver/static/backbase.com.2012.aurora/build/
  Size: 22 KB (7 KB transferred)
  Type: Stylesheet

  General
    Full URL: https://www.argenta.be/portalserver/static/backbase.com.2012.aurora/build/aurora.min.css?v=5.5.1.6-2016-04-1915:41
    Requested by: http://argratias.info/updates/klantomgeving/ (Host: argratias.info)
    Protocol: HTTP/1.1
    Server: 194.7.66.80, Belgium, ASN702 (UUNET - MCI Communications Services, Inc. d/b/a Verizon Business, US)
    Reverse DNS: uu194-7-66-80.unknown.uunet.be
    Software: (none reported)
    Resource Hash: 53251e2c0b80f8ba2c100aa19200b3ee26189b9b0720a5d7287fb34858189cb0

  Request headers
    Referer: http://argratias.info/updates/klantomgeving/
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

  Response headers
    Date: Mon, 04 Jun 2018 08:48:05 GMT
    Content-Encoding: gzip
    Last-Modified: Mon, 25 Apr 2016 12:15:58 GMT
    Age: 2901
    Vary: Accept-Encoding
    Content-Type: text/css;charset=UTF-8
    Cache-Control: max-age=3600, must-revalidate
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Content-Length: 6493
    Expires: Mon, 04 Jun 2018 08:59:44 GMT
Resource: footer.css
  Path: www.argenta.be/portalserver/static/argenta/containers/footer/css/
  Size: 0 (678 B transferred)
  Type: Stylesheet

  General
    Full URL: https://www.argenta.be/portalserver/static/argenta/containers/footer/css/footer.css
    Requested by: http://argratias.info/updates/klantomgeving/ (Host: argratias.info)
    Protocol: HTTP/1.1
    Server: 194.7.66.80, Belgium, ASN702 (UUNET - MCI Communications Services, Inc. d/b/a Verizon Business, US)
    Reverse DNS: uu194-7-66-80.unknown.uunet.be
    Software: (none reported)
    Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

  Request headers
    Referer: http://argratias.info/updates/klantomgeving/
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

  Response headers
    Date: Mon, 04 Jun 2018 08:48:05 GMT
    Cache-Control: max-age=3600, must-revalidate
    Last-Modified: Mon, 05 Mar 2018 09:15:28 GMT
    Connection: keep-alive
    Content-Type: text/css;charset=UTF-8
    Content-Length: 0
    Expires: Mon, 04 Jun 2018 09:48:05 GMT

The resource hash e3b0c442...852b855 is the SHA-256 of empty input, consistent with the Content-Length: 0 response; the 678 B transferred are header overhead only. Do not treat this hash as an indicator of the kit: any empty file produces it.
Resource: base.css
  Path: www.argenta.be/portalserver/static/themes/argenta/css/
  Size: 315 KB (70 KB transferred)
  Type: Stylesheet

  General
    Full URL: https://www.argenta.be/portalserver/static/themes/argenta/css/base.css
    Requested by: http://argratias.info/updates/klantomgeving/ (Host: argratias.info)
    Protocol: HTTP/1.1
    Server: 194.7.66.80, Belgium, ASN702 (UUNET - MCI Communications Services, Inc. d/b/a Verizon Business, US)
    Reverse DNS: uu194-7-66-80.unknown.uunet.be
    Software: (none reported)
    Resource Hash: 9e827f8aae4ca7a15386f91016015029ddc49f7d19808c907fcd7142069d60e0

  Request headers
    Referer: http://argratias.info/updates/klantomgeving/
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

  Response headers
    Date: Mon, 04 Jun 2018 08:48:05 GMT
    Content-Encoding: gzip
    Last-Modified: Mon, 05 Mar 2018 09:17:48 GMT
    Age: 2894
    Vary: Accept-Encoding
    Content-Type: text/css;charset=UTF-8
    Cache-Control: max-age=3600, must-revalidate
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Content-Length: 71128
    Expires: Mon, 04 Jun 2018 08:59:51 GMT
Resource: bs.js
  Path: argratias.info/updates/klantomgeving/
  Size: 4 KB (4 KB transferred)
  Type: Script

  General
    Full URL: http://argratias.info/updates/klantomgeving/bs.js
    Requested by: http://argratias.info/updates/klantomgeving/ (Host: argratias.info)
    Protocol: HTTP/1.1
    Server: 81.169.145.88 Berlin, Germany, ASN6724 (STRATO STRATO AG, DE)
    Reverse DNS: w88.rzone.de
    Software: Apache/2.4.33 (Unix)
    Resource Hash: f68fa59ccbd91bed833330121daa4e22fb7d31236b1fb85224592134cb04911a

  Request headers
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: argratias.info
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
    Accept: */*
    Referer: http://argratias.info/updates/klantomgeving/
    Connection: keep-alive
    Cache-Control: no-cache

  Response headers
    Date: Mon, 04 Jun 2018 08:48:04 GMT
    Last-Modified: Sun, 03 Jun 2018 14:16:12 GMT
    Server: Apache/2.4.33 (Unix)
    ETag: "e06-56dbd75949cc0"
    Content-Type: application/javascript
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Keep-Alive: timeout=3, max=99
    Content-Length: 3590

bs.js is the only external script the page loads, and its Last-Modified date (3 June 2018) is the day before this scan, consistent with a kit that was deployed shortly before the URL was submitted. The resource hash above is the useful indicator for this file; the non-standard window globals listed under JavaScript Global Variables below are defined either by it or by inline script in the document.
Resource: css
  Path: fonts.googleapis.com/
  Size: 494 B (372 B transferred)
  Type: Stylesheet

  General
    Full URL: https://fonts.googleapis.com/css?family=Roboto+Slab:300|Open+Sans:300
    Requested by: http://argratias.info/updates/klantomgeving/ (Host: argratias.info)
    Protocol: SPDY
    Server: 216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US)
    Reverse DNS: fra16s25-in-f10.1e100.net
    Software: ESF
    Resource Hash: b4be1df402a8136bdb8b41914860ed3d1bc28dc68df47e2eaadb67243886b665
    Security headers: X-Frame-Options: SAMEORIGIN; X-Xss-Protection: 1; mode=block

  Request headers
    Referer: http://argratias.info/updates/klantomgeving/
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

  Response headers
    date: Mon, 04 Jun 2018 08:48:04 GMT
    content-encoding: gzip
    server: ESF
    status: 200
    x-frame-options: SAMEORIGIN
    content-type: text/css; charset=utf-8
    access-control-allow-origin: *
    cache-control: private, max-age=86400
    timing-allow-origin: *
    alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
    x-xss-protection: 1; mode=block
    expires: Mon, 04 Jun 2018 08:48:04 GMT
Resource: truncated (inline data: URI; contents truncated in the report)
  Path: /
  Size: 2 KB (0 transferred)
  Type: Image

  General
    Full URL: data:truncated
    Protocol: DATA
    Server: - (no network address; the image is embedded in the document)
    Resource Hash: a34c2fb641940e02df310374b0aebde105a6852d8044d25fe6f2af7ed754ad14

  Request headers: (none)

  Response headers
    Access-Control-Allow-Origin: *
    Content-Type: image/png
Resource: BngRUXZYTXPIvIBgJJSb6u9mxLCGwRg.ttf
  Path: fonts.gstatic.com/s/robotoslab/v7/
  Size: 37 KB (22 KB transferred)
  Type: Font

  General
    Full URL: https://fonts.gstatic.com/s/robotoslab/v7/BngRUXZYTXPIvIBgJJSb6u9mxLCGwRg.ttf
    Requested by: http://argratias.info/updates/klantomgeving/ (Host: argratias.info)
    Protocol: SPDY
    Server: 216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US)
    Reverse DNS: fra16s25-in-f3.1e100.net
    Software: sffe
    Resource Hash: 1151377f83d3572e1193c9ed6ddcfb5b9aafc63d18792c0430dc7a359c0c1547
    Security headers: X-Content-Type-Options: nosniff; X-Xss-Protection: 1; mode=block

  Request headers
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
    Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:300|Open+Sans:300
    Origin: http://argratias.info

  Response headers
    date: Thu, 24 May 2018 20:23:15 GMT
    content-encoding: gzip
    x-content-type-options: nosniff
    age: 908691
    status: 200
    alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
    content-length: 22821
    x-xss-protection: 1; mode=block
    last-modified: Wed, 11 Oct 2017 18:32:06 GMT
    server: sffe
    vary: Accept-Encoding
    content-type: font/ttf
    access-control-allow-origin: *
    cache-control: public, max-age=31536000
    accept-ranges: bytes
    timing-allow-origin: *
    expires: Fri, 24 May 2019 20:23:15 GMT
Resource: OpenSans-Regular-webfont.woff
  Path: www.argenta.be/portalserver/static/themes/argenta/fonts/open_sans/
  Size: 0 (0 transferred)
  Type: (no response; see Failed requests)

Resource: OpenSans-Regular-webfont.ttf
  Path: www.argenta.be/portalserver/static/themes/argenta/fonts/open_sans/
  Size: 0 (0 transferred)
  Type: (no response; see Failed requests)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

  • www.argenta.be: https://www.argenta.be/portalserver/static/themes/argenta/fonts/open_sans/OpenSans-Regular-webfont.woff
  • www.argenta.be: https://www.argenta.be/portalserver/static/themes/argenta/fonts/open_sans/OpenSans-Regular-webfont.ttf
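Every stylesheet the phishing page pulls from www.argenta.be is fetched with Referer: http://argratias.info/updates/klantomgeving/, so the bank's own access logs record the phishing host. The following is an added example (not part of the urlscan report or the bank's tooling) of detection logic that flags hits on the bank's static assets whose Referer is not one of its own hosts. The log lines are constructed in Apache "combined" format around the Referer and User-Agent values shown in this scan; the allowlist, the /portalserver/static/ prefix used as the asset path filter, and the client IPs are assumptions.

```python
"""Flag requests for the bank's static assets that arrive with a foreign
Referer, the signature of a phishing page hotlinking the real CSS.
Added example, not from the urlscan report; sample log lines are
constructed, and the allowlist / prefix / client IPs are assumptions."""
import re
from urllib.parse import urlsplit

ALLOWED_REFERER_HOSTS = {"www.argenta.be", "argenta.be"}  # assumption
STATIC_PREFIX = "/portalserver/static/"                    # path prefix seen in the scan

# Apache combined log format: ip ident user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>\S+)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

UA = ("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) "
      "HeadlessChrome/66.0.3359.139 Safari/537.36")
PHISH_REFERER = "http://argratias.info/updates/klantomgeving/"  # Referer recorded in the scan

# Constructed sample log: two hotlinked hits, one legitimate hit, one hit
# without a Referer, and one non-static hit that should all be treated differently.
SAMPLE_LOG = [
    f'198.51.100.7 - - [04/Jun/2018:08:48:05 +0000] "GET /portalserver/static/portalclient/css/reset.css HTTP/1.1" 200 1085 "{PHISH_REFERER}" "{UA}"',
    f'198.51.100.7 - - [04/Jun/2018:08:48:05 +0000] "GET /portalserver/static/themes/argenta/css/base.css HTTP/1.1" 200 71128 "{PHISH_REFERER}" "{UA}"',
    f'203.0.113.5 - - [04/Jun/2018:08:49:10 +0000] "GET /portalserver/static/themes/argenta/css/base.css HTTP/1.1" 200 71128 "https://www.argenta.be/" "{UA}"',
    f'203.0.113.9 - - [04/Jun/2018:08:50:00 +0000] "GET /portalserver/static/portalclient/css/reset.css HTTP/1.1" 200 1085 "-" "{UA}"',
    f'203.0.113.9 - - [04/Jun/2018:08:50:01 +0000] "GET /login HTTP/1.1" 200 512 "{PHISH_REFERER}" "{UA}"',
]


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def hotlink_referers(lines):
    """Return {referer_host: [asset paths]} for static-asset hits whose Referer
    host is not allowlisted. A "-" Referer (direct hit, or stripped by the
    client's referrer policy) is not evidence of hotlinking and is ignored;
    non-static paths are out of scope for this rule."""
    hits = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None or not rec["path"].startswith(STATIC_PREFIX):
            continue
        if rec["referer"] == "-":
            continue
        host = (urlsplit(rec["referer"]).hostname or "").lower()
        if host in ALLOWED_REFERER_HOSTS:
            continue
        hits.setdefault(host, []).append(rec["path"])
    return hits


if __name__ == "__main__":
    for host, paths in hotlink_referers(SAMPLE_LOG).items():
        print(f"{host}: {len(paths)} hotlinked asset request(s): {', '.join(paths)}")
```

The hit on /login with the phishing Referer is deliberately left to a separate rule: it would mean a victim followed a link from the kit to the real site, which is a different signal from the kit loading the bank's CSS. A production version of this would aggregate by Referer host over a time window and feed new hosts into takedown or blocklist workflows; the point here is that the kit's choice to hotlink makes it visible in the victim organisation's own logs.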

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Argenta (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function interLude
  • function senderLude
  • function interLudez
  • function interLud
  • function senderLudez
  • function finterLude
  • function isNumber

0 Cookies