kvk-gegevens.cde-197.ru
Open in
urlscan Pro
176.124.221.122
Malicious Activity!
Public Scan
Submitted URL: https://spacesit.cde-198.ru/contact/send/kv5.php
Effective URL: https://kvk-gegevens.cde-197.ru/modiforce/kvk/gegevens.php
Submission: On September 29 via manual from NL — Scanned from NL
Effective URL: https://kvk-gegevens.cde-197.ru/modiforce/kvk/gegevens.php
Submission: On September 29 via manual from NL — Scanned from NL
Summary
This website contacted 6 IPs
in 4 countries
across 6 domains to perform 32 HTTP transactions.
The main IP is 176.124.221.122, located in
Russian Federation and
belongs to CLOUDASSETS, RU.
The main domain is kvk-gegevens.cde-197.ru.
TLS certificate: Issued by R3 on September 28th 2022. Valid for: 3 months.
This is the only time kvk-gegevens.cde-197.ru was scanned on urlscan.io!
TLS certificate: Issued by R3 on September 28th 2022. Valid for: 3 months.
This is the only time kvk-gegevens.cde-197.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ABN Amro (Banking) Kamer van Koophandel (Government)Community Verdicts: Malicious — 2 votes Show Verdicts
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 29 | 176.124.221.122 176.124.221.122 | 212441 (CLOUDASSETS) (CLOUDASSETS) | |
| 1 | 149.210.209.34 149.210.209.34 | 20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam) | |
| 1 2 | 142.250.186.70 142.250.186.70 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:827::2002 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:806::2002 | 15169 (GOOGLE) (GOOGLE) | |
| 32 | 6 |
29
176.124.221.122
(Russian Federation)
ASN212441 (CLOUDASSETS, RU)
PTR: host-176-124-221-122.macloud.host
ASN212441 (CLOUDASSETS, RU)
PTR: host-176-124-221-122.macloud.host
| spacesit.cde-198.ru | |
| kvk-gegevens.cde-197.ru |
1
149.210.209.34
(Netherlands)
ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: webhosting-cluster.transip.nl
ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: webhosting-cluster.transip.nl
| www.internetkassa.nu |
2
142.250.186.70
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
| 4368908.fls.doubleclick.net |
1
2a00:1450:4001:806::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| adservice.google.com.mm |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 28 |
cde-197.ru
kvk-gegevens.cde-197.ru |
74 KB |
| 2 |
doubleclick.net
1 redirects
4368908.fls.doubleclick.net — Cisco Umbrella Rank: 322640 |
2 KB |
| 1 |
google.com.mm
adservice.google.com.mm — Cisco Umbrella Rank: 250008 |
870 B |
| 1 |
google.com
adservice.google.com — Cisco Umbrella Rank: 76 |
969 B |
| 1 |
internetkassa.nu
www.internetkassa.nu |
5 KB |
| 1 |
cde-198.ru
1 redirects
spacesit.cde-198.ru |
243 B |
| 32 | 6 |
| Domain | Requested by | |
|---|---|---|
| 28 | kvk-gegevens.cde-197.ru |
kvk-gegevens.cde-197.ru
|
| 2 | 4368908.fls.doubleclick.net |
1 redirects
kvk-gegevens.cde-197.ru
|
| 1 | adservice.google.com.mm |
adservice.google.com
|
| 1 | adservice.google.com |
4368908.fls.doubleclick.net
|
| 1 | www.internetkassa.nu |
kvk-gegevens.cde-197.ru
|
| 1 | spacesit.cde-198.ru | 1 redirects |
| 32 | 6 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.kvk.nl |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| kvk-gegevens.cde-197.ru R3 |
2022-09-28 - 2022-12-27 |
3 months | crt.sh |
| *.internetkassa.nu R3 |
2022-09-05 - 2022-12-04 |
3 months | crt.sh |
| *.doubleclick.net GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
| *.google.com.mm GTS CA 1C3 |
2022-09-05 - 2022-11-28 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://kvk-gegevens.cde-197.ru/modiforce/kvk/gegevens.php
Frame ID: 48BB54FFCC11C317F869819B8FBBB6CE
Requests: 30 HTTP requests in this frame
Frame:
https://4368908.fls.doubleclick.net/activityi;dc_pre=CIiaitCkuvoCFTawmgoduioABA;src=4368908;type=rem;cat=2019_0;ord=3676134943668;gtm=2od432;auiddc=232184748.1586796442;u15=bf6fa2f9-79d9-4bca-8a99-75469950aaf1;u20=retail;u21=authenticatie;u22=inloggen;u24=NL;u25=nl;u26=mij%3Aauth%3Ainloggen%3Aindex%3Alogin;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportal%2Fmijn-abnamro%2Fauthenticatie%2Finloggen%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportal%2Fmijn-abnamro%2Fauthenticatie%2Finloggen%2Findex.html
Frame ID: C2254CB463C40DD2D1A77FC91EA0E789
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CIiaitCkuvoCFTawmgoduioABA;src=4368908;type=rem;cat=2019_0;ord=3676134943668;gtm=2od432;auiddc=232184748.1586796442;u15=bf6fa2f9-79d9-4bca-8a99-75469950aaf1;u20=retail;u21=authenticatie;u22=inloggen;u24=NL;u25=nl;u26=mij%3Aauth%3Ainloggen%3Aindex%3Alogin;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportal%2Fmijn-abnamro%2Fauthenticatie%2Finloggen%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportal%2Fmijn-abnamro%2Fauthenticatie%2Finloggen%2Findex.html
Frame ID: 7164BCE97A47EE1FC2D62B2C7AD5026E
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com.mm/ddm/fls/i/dc_pre=CIiaitCkuvoCFTawmgoduioABA;src=4368908;type=rem;cat=2019_0;ord=3676134943668;gtm=2od432;auiddc=232184748.1586796442;u15=bf6fa2f9-79d9-4bca-8a99-75469950aaf1;u20=retail;u21=authenticatie;u22=inloggen;u24=NL;u25=nl;u26=mij%3Aauth%3Ainloggen%3Aindex%3Alogin;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportal%2Fmijn-abnamro%2Fauthenticatie%2Finloggen%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportal%2Fmijn-abnamro%2Fauthenticatie%2Finloggen%2Findex.html
Frame ID: 035EF7481983C575A458C6042C0C7565
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Gegevenscontrole - KVKPage URL History Show full URLs
-
https://spacesit.cde-198.ru/contact/send/kv5.php
HTTP 302
https://kvk-gegevens.cde-197.ru/modiforce/kvk/gegevens.php Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://www.kvk.nl/service-en-contact/
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://spacesit.cde-198.ru/contact/send/kv5.php
HTTP 302
https://kvk-gegevens.cde-197.ru/modiforce/kvk/gegevens.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 29- https://4368908.fls.doubleclick.net/activityi;src=4368908;type=rem;cat=2019_0;ord=3676134943668;gtm=2od432;auiddc=232184748.1586796442;u15=bf6fa2f9-79d9-4bca-8a99-75469950aaf1;u20=retail;u21=authenticatie;u22=inloggen;u24=NL;u25=nl;u26=mij%3Aauth%3Ainloggen%3Aindex%3Alogin;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportal%2Fmijn-abnamro%2Fauthenticatie%2Finloggen%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportal%2Fmijn-abnamro%2Fauthenticatie%2Finloggen%2Findex.html HTTP 302
- https://4368908.fls.doubleclick.net/activityi;dc_pre=CIiaitCkuvoCFTawmgoduioABA;src=4368908;type=rem;cat=2019_0;ord=3676134943668;gtm=2od432;auiddc=232184748.1586796442;u15=bf6fa2f9-79d9-4bca-8a99-75469950aaf1;u20=retail;u21=authenticatie;u22=inloggen;u24=NL;u25=nl;u26=mij%3Aauth%3Ainloggen%3Aindex%3Alogin;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportal%2Fmijn-abnamro%2Fauthenticatie%2Finloggen%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportal%2Fmijn-abnamro%2Fauthenticatie%2Finloggen%2Findex.html
32 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
gegevens.php
kvk-gegevens.cde-197.ru/modiforce/kvk/ Redirect Chain
|
88 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style4.css
kvk-gegevens.cde-197.ru/modiforce/kvk/ |
342 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
myabnamro-compatability.css
kvk-gegevens.cde-197.ru/modiforce/kvk/ |
29 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
analytics.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
r42_library.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fbevents.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
utag_004.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
webcomponents-loader.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
adobe-scode.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tealium-environment.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dtm-code.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
utag_002.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
utag_003.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
utag.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
utag_005.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3.css
kvk-gegevens.cde-197.ru/modiforce/kvk/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendorsindex.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
0.css
kvk-gegevens.cde-197.ru/assets/css/ |
151 B 437 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index_002.js
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
01717469f9a40017420ad48c702f0104e002a00d00978_004
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
01717469f9a40017420ad48c702f0104e002a00d00978_002
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
01717469f9a40017420ad48c702f0104e002a00d00978
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
01717469f9a40017420ad48c702f0104e002a00d00978_005
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
01717469f9a40017420ad48c702f0104e002a00d00978_003
kvk-gegevens.cde-197.ru/modiforce/kvk/Internet%20Bankieren%20-%20ABN%20AMRO_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
kvklogo.png
www.internetkassa.nu/wp-content/uploads/2018/11/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
160 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
em-header-gradient.668ea565.svg
kvk-gegevens.cde-197.ru/modiforce/images/ |
285 B 285 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=CIiaitCkuvoCFTawmgoduioABA;src=4368908;type=rem;cat=2019_0;ord=3676134943668;gtm=2od432;auiddc=232184748.1586796442;u15=bf6fa2f9-79d9-4bca-8a99-75469950aaf1;u20=retail;u21=authenti...
4368908.fls.doubleclick.net/ Frame C225 Redirect Chain
|
778 B 676 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dc_pre=CIiaitCkuvoCFTawmgoduioABA;src=4368908;type=rem;cat=2019_0;ord=3676134943668;gtm=2od432;auiddc=232184748.1586796442;u15=bf6fa2f9-79d9-4bca-8a99-75469950aaf1;u20=retail;u21=authenticatie;u22=...
adservice.google.com/ddm/fls/i/ Frame 7164 |
781 B 969 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dc_pre=CIiaitCkuvoCFTawmgoduioABA;src=4368908;type=rem;cat=2019_0;ord=3676134943668;gtm=2od432;auiddc=232184748.1586796442;u15=bf6fa2f9-79d9-4bca-8a99-75469950aaf1;u20=retail;u21=authenticatie;u22=...
adservice.google.com.mm/ddm/fls/i/ Frame 035E |
194 B 870 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Malicious
page.url
Submitted on
September 29th 2022, 3:17:24 pm
UTC —
From Netherlands
Threats:
Phishing
Brands:
Kamer van Koophandel
NL
Comment: Netherlands Chamber of Commerce (KVK) themed phishing website
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ABN Amro (Banking) Kamer van Koophandel (Government)25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| ABNA_OCA_DoubleClick_Forms function| widgetsAnalytics function| dataLayerManager object| dataLayer function| objPixels function| CategoryLookUp function| FormatDoubleClickRequest object| PixelList function| GDL_get_lastIndex function| GDL_get function| GDL_getfrom_last function| GDL_getfrom_last_key function| GDL_get_event function| IBANnameCheck object| TMSConfigObject1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
23 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
4368908.fls.doubleclick.net
adservice.google.com
adservice.google.com.mm
kvk-gegevens.cde-197.ru
spacesit.cde-198.ru
www.internetkassa.nu
142.250.186.70
149.210.209.34
176.124.221.122
2a00:1450:4001:806::2002
2a00:1450:4001:827::2002
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0a254c9b7620da258ca58cd5da85d5289d28d4a2fe024516bf1de59d080fff1e
1b45d91aad7898cd9a0e09f0d3c83a114114673c40f7ae1842c51dd6ca5929c6
293680a5c9b05ee7c9c775597a78a96e2326217111b9d8d46689349877dc497c
2b1f32f7d221b7205649c265d7c4f1c0b8b3890ae99637ccc9533ca994e04ade
304cdbb19b9f5f2252dc32c72a464cf94cc3763f18fa0e1427406f5dd05aed40
5400e1d9a4493ca735f1103e6c3c7742a6bed1ece7dbec936b874d4abc4a5caf
6eb5ba22684f97c93820f074f14fcb8d36383d98307f41634f4ab2d36ce6296a
891e5e6f689c32b28e41ae5e3f71cf8e63109d8da7a1d9a56b332a8a135cb6d3
a4d9ec0ad534ac6ea87b86af4092110b9b0253c18cf74f10f55f673ef728f96e
a6755f7479a76762b3767ef951678ba8020b90785c98de76f336aea7bbb40449