URL: http://efrceilanders.nl/fke/OneDrive_Message.htm
Submission Tags: phishing spamreports malicious
Submission: On October 08, 2020 via API from CO

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 185.10.99.2, located in the Netherlands and belonging to IKOULA (FR). The main domain is efrceilanders.nl. The primary page itself was served over plain HTTP; the only HTTPS request was for an image hosted on labo.quentinmorel.fr.
This is the only time efrceilanders.nl was scanned on urlscan.io.

urlscan.io Verdict: No classification (the automated engines did not flag the page; the phishing/malicious tags above were supplied by the submitter)

Domain & IP information

Requests  IP Address     AS     Autonomous System
1         185.10.99.2    21409  IKOULA
1         213.186.33.3   16276  OVH
Total: 2 requests, 3 IPs

Requests  Apex Domain        Subdomains             Transfer
1         quentinmorel.fr    labo.quentinmorel.fr    7 KB
1         efrceilanders.nl   efrceilanders.nl       14 KB
Total: 2 requests, 2 apex domains

Requests  Domain                 Requested by
1         labo.quentinmorel.fr   efrceilanders.nl
1         efrceilanders.nl       - (primary request)
Total: 2 requests, 2 domains

This site contains links to these domains:

  kimballequipment-my.sharepoint.com
  funkids.in
  eastusr-notifyp.svc.ms

sharepoint.com and svc.ms are Microsoft-owned, so a OneDrive-themed lure that links to a real "-my.sharepoint.com" tenant hostname and a Microsoft notification host is consistent with a page imitating a genuine OneDrive share notification. The scan does not show what funkids.in serves or where any submitted credentials would be sent; only the image request below was actually made.
TLS certificates observed

Subject           Issuer                       Validity                   Valid for
quentinmorel.fr   Let's Encrypt Authority X3   2020-10-07 to 2021-01-05   3 months   (crt.sh)

The certificate was issued the day before the scan, but Let's Encrypt certificates are renewed roughly every 60 to 90 days, so the issuance date alone does not date the host; the image it serves has a Last-Modified of 5 April 2020. efrceilanders.nl presented no certificate because it was reached over plain HTTP.

This page contains 1 frame:

Primary Page: http://efrceilanders.nl/fke/OneDrive_Message.htm
Frame ID: B7B229F18C14D9520FFF429674E0AF98
Requests: 4 requests in this frame (2 over the network, 2 inline data: URIs; see HTTP transactions)


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

The pattern matched the bare "Server: nginx" banner of the primary response; its optional capture group for the version stayed empty because the server exposes none.
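As an added example (not code from the urlscan.io page), the following applies the report's header pattern to the response headers transcribed from this scan's two network transactions, and goes one step beyond the report: it decodes the primary response's ETag, which is in Apache's "size-mtime" format even though the Server banner says nginx, and cross-checks it against the page's own Last-Modified header. The Apache rule, the "nginx/1.18.0" banner and the function names are assumptions for illustration.

```javascript
// Added example, not part of the urlscan.io report. Header objects are
// transcribed from the scan; the Apache rule and the versioned banner are assumed.

// Wappalyzer-style header rules: a header name plus a regex whose optional
// first capture group is the version string.
const HEADER_PATTERNS = [
  { tech: 'nginx',  header: 'server', re: /nginx(?:\/([\d.]+))?/i },   // pattern from the report
  { tech: 'Apache', header: 'server', re: /apache(?:\/([\d.]+))?/i },  // assumed rule, same shape
];

// Case-insensitive header lookup: the HTTP/1.1 response says "Server",
// the HTTP/2 response from the image host says "server".
function getHeader(headers, name) {
  const want = name.toLowerCase();
  for (const [k, v] of Object.entries(headers)) {
    if (k.toLowerCase() === want) return v;
  }
  return undefined;
}

// One {tech, version} per matching rule; version is null when the banner
// carries none (as with the bare "Server: nginx" in this scan).
function fingerprint(headers) {
  const hits = [];
  for (const rule of HEADER_PATTERNS) {
    const value = getHeader(headers, rule.header);
    if (value === undefined) continue;
    const m = rule.re.exec(value);
    if (m) hits.push({ tech: rule.tech, version: m[1] ?? null });
  }
  return hits;
}

// Apache builds strong ETags as "<size hex>-<mtime hex, microseconds>" and
// mod_deflate appends "-gzip" to the compressed variant. Returns null when
// the ETag does not have that two-field shape.
function parseApacheETag(etag) {
  const m = /^(?:W\/)?"([0-9a-f]+)-([0-9a-f]+)(-gzip)?"$/i.exec(etag.trim());
  if (!m) return null;
  return {
    sizeBytes: parseInt(m[1], 16),
    mtimeIso: new Date(Math.floor(parseInt(m[2], 16) / 1000)).toISOString(),
    gzipVariant: m[3] !== undefined,
  };
}

// Cross-check: the decoded mtime must agree with Last-Modified to the second,
// otherwise the ETag only looks Apache-shaped and the inference is unsafe.
function etagMatchesLastModified(headers) {
  const parsed = parseApacheETag(getHeader(headers, 'etag'));
  if (!parsed) return false;
  const lm = new Date(getHeader(headers, 'last-modified'));
  return Math.floor(Date.parse(parsed.mtimeIso) / 1000) === Math.floor(lm.getTime() / 1000);
}

// Transcribed from the scan's primary response.
const PRIMARY_RESPONSE = {
  Server: 'nginx',
  'Content-Type': 'text/html',
  'Content-Length': '13684',
  ETag: '"ce98-5b11f7afb3626-gzip"',
  'Last-Modified': 'Thu, 08 Oct 2020 02:20:48 GMT',
};
// Transcribed from the scan's image response (HTTP/2, lowercase header names).
const IMAGE_RESPONSE = { server: 'Apache', 'content-type': 'image/png', 'content-length': '6881' };
// Constructed banner, only to show version capture.
const VERSIONED_RESPONSE = { Server: 'nginx/1.18.0' };

console.log(fingerprint(PRIMARY_RESPONSE));      // [ { tech: 'nginx', version: null } ]
console.log(fingerprint(IMAGE_RESPONSE));        // [ { tech: 'Apache', version: null } ]
console.log(fingerprint(VERSIONED_RESPONSE));    // [ { tech: 'nginx', version: '1.18.0' } ]
console.log(parseApacheETag(PRIMARY_RESPONSE.ETag));
// { sizeBytes: 52888, mtimeIso: '2020-10-08T02:20:48.939Z', gzipVariant: true }
console.log(etagMatchesLastModified(PRIMARY_RESPONSE)); // true
```

The decoded ETag gives 52888 bytes (the 52 KB uncompressed size the report lists) and a modification time of 2020-10-08 02:20:48 UTC, identical to the Last-Modified header, so the banner-only fingerprint of "nginx" is incomplete: an Apache instance generated the document behind the nginx front end. That matters when you pivot on technology stack or look for the kit's other deployments.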

Page Statistics

Requests     2
HTTPS        50 %
IPv6         0 %
Domains      2
Subdomains   2
IPs          3
Countries    2
Transfer     21 kB
Size         63 kB
Cookies      0

Redirected requests

No HTTP redirect chains are listed for this scan.

2 HTTP transactions (plus 2 inline data: URIs rendered as images)

[1] Primary Request: OneDrive_Message.htm
  Path:           efrceilanders.nl/fke/
  Size / x-fer:   52 KB / 14 KB
  Type:           Document (text/html)

  General
    Full URL:       http://efrceilanders.nl/fke/OneDrive_Message.htm
    Protocol:       HTTP/1.1
    Server:         185.10.99.2, Netherlands, ASN21409 (IKOULA, FR)
    Reverse DNS:    ikdirectadmin01.ikoula.com
    Software:       nginx
    Resource Hash:  470dc4daf7f816c249396f2368739b20f0ea62c47ae710549aa49e633cfa5455

  Request headers
    Host:                       efrceilanders.nl
    Connection:                 keep-alive
    Pragma:                     no-cache
    Cache-Control:              no-cache
    Upgrade-Insecure-Requests:  1
    User-Agent:                 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
    Accept:                     text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Accept-Encoding:            gzip, deflate
    Accept-Language:            en-US

  Response headers
    Server:            nginx
    Date:              Thu, 08 Oct 2020 04:26:59 GMT
    Content-Type:      text/html
    Content-Length:    13684
    Connection:        keep-alive
    Upgrade:           h2,h2c
    Last-Modified:     Thu, 08 Oct 2020 02:20:48 GMT
    ETag:              "ce98-5b11f7afb3626-gzip"
    Accept-Ranges:     bytes
    Vary:              Accept-Encoding,User-Agent
    Content-Encoding:  gzip

  Note: the ETag is in Apache's "size-mtime" format with mod_deflate's "-gzip" suffix (0xce98 = 52888 bytes, matching the 52 KB size; 0x5b11f7afb3626 microseconds decodes to 2020-10-08 02:20:48 UTC, matching Last-Modified), so despite the nginx banner the document was generated by an Apache backend behind an nginx front end, which fits the DirectAdmin reverse-DNS name. The lure file was last modified about two hours before the scan.
[2] 8.png
  Path:           labo.quentinmorel.fr/
  Size / x-fer:   7 KB / 7 KB
  Type:           Image (image/png)

  General
    Full URL:       https://labo.quentinmorel.fr/8.png
    Requested by:   efrceilanders.nl (http://efrceilanders.nl/fke/OneDrive_Message.htm)
    Protocol:       H2
    Security:       TLS 1.2, ECDHE_RSA, AES_128_GCM
    Server:         213.186.33.3, France, ASN16276 (OVH, FR)
    Reverse DNS:    cluster015.ovh.net
    Software:       Apache
    Resource Hash:  f03e22bdad85479d2e6127d3365afcb351924307773953648c90934b16520e8f

  Request headers
    Referer:     http://efrceilanders.nl/fke/OneDrive_Message.htm
    User-Agent:  Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

  Response headers
    date:           Thu, 08 Oct 2020 04:26:59 GMT
    last-modified:  Sun, 05 Apr 2020 23:53:43 GMT
    server:         Apache
    content-type:   image/png
    status:         200
    cache-control:  max-age=900
    accept-ranges:  bytes
    content-length: 6881
    expires:        Thu, 08 Oct 2020 04:41:59 GMT
[3] Inline image (data: URI, truncated by the scanner)
  Path:           /
  Size / x-fer:   1 KB / 0
  Type:           Image (image/png)

  General
    Full URL:       data:truncated
    Protocol:       DATA
    Server:         n/a (inline resource, no network request)
    Resource Hash:  0ace3cd8a177c8b516e79620963e13197dc5c0797c281f9a3cc8eac548d8bf10

  Request headers
    Origin:      http://efrceilanders.nl
    Referer:     http://efrceilanders.nl/fke/OneDrive_Message.htm
    User-Agent:  Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

  Response headers
    Content-Type:  image/png

[4] Inline image (data: URI, truncated by the scanner)
  Path:           /
  Size / x-fer:   4 KB / 0
  Type:           Image (image/png)

  General
    Full URL:       data:truncated
    Protocol:       DATA
    Server:         n/a (inline resource, no network request)
    Resource Hash:  37fd2121d88cb0220f9fbc077bbd8d995a397c2683f8cc890e0f6ca9f309b1c0

  Request headers
    Origin:      http://efrceilanders.nl
    Referer:     http://efrceilanders.nl/fke/OneDrive_Message.htm
    User-Agent:  Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

  Response headers
    Content-Type:  image/png

Verdicts & Comments

1 JavaScript Global Variable

These are the non-standard "global" variables defined on the window object; they can help identify client-side frameworks and code.

object | trustedTypes

Caveat: trustedTypes is the browser's own Trusted Types API object, built into Chrome from version 83 (the version in the scanner's User-Agent), not something the page's scripts defined. It is a false positive of the globals check and says nothing about the lure's client-side code.
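As an added example (not code from the urlscan.io page), this shows how a scanner derives the "non-standard globals" list by diffing the page window's property names against a baseline window from the same browser, and why the baseline matters: anything the browser itself provides, such as trustedTypes in Chrome 83 and later, must be in the baseline or it surfaces as a false positive. The name lists are constructed stand-ins, not taken from the scanned page; the function names are assumptions.

```javascript
// Added example, not part of the urlscan.io report. Name lists are constructed.

// Core comparison: names present on the page window that the baseline lacks.
function nonStandardGlobals(baselineNames, pageNames) {
  const baseline = new Set(baselineNames);
  return pageNames.filter((n) => !baseline.has(n)).sort();
}

// In a browser, take the baseline from a fresh about:blank iframe so it
// reflects exactly the browser build doing the scan (not run under Node).
function detectInBrowser() {
  const frame = document.createElement('iframe');
  frame.style.display = 'none';
  document.body.appendChild(frame);
  const baseline = Object.getOwnPropertyNames(frame.contentWindow);
  frame.remove();
  return nonStandardGlobals(baseline, Object.getOwnPropertyNames(window));
}

// Constructed stand-in for Object.getOwnPropertyNames on a Chrome 83 window.
const CHROME83_BASELINE = ['window', 'document', 'fetch', 'trustedTypes', 'customElements'];

// Constructed page window: the same built-ins plus two script-defined globals.
const PAGE_WITH_FRAMEWORK = [...CHROME83_BASELINE, 'jQuery', '$'];

// A baseline taken from an older build that lacked Trusted Types makes a
// page that defines nothing at all report trustedTypes as "non-standard".
const CHROME82_BASELINE = CHROME83_BASELINE.filter((n) => n !== 'trustedTypes');

console.log(nonStandardGlobals(CHROME83_BASELINE, PAGE_WITH_FRAMEWORK)); // [ '$', 'jQuery' ]
console.log(nonStandardGlobals(CHROME83_BASELINE, CHROME83_BASELINE));   // []
console.log(nonStandardGlobals(CHROME82_BASELINE, CHROME83_BASELINE));   // [ 'trustedTypes' ]
```

The last call reproduces the report's result: a stale baseline turns a browser built-in into an apparent page-defined global, so treat a single entry like trustedTypes as noise unless the page's scripts actually reference it.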

0 Cookies