account-herstellen-nl.info Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://account-herstellen-nl.info/
Submission: On September 22 via api (September 22nd 2023, 8:20:18 pm UTC) from NL — Scanned from NL

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United Kingdom and belongs to CLOUDFLARENET, US. The main domain is account-herstellen-nl.info.

This is the only time account-herstellen-nl.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ABN Amro (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 10	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:2c:... 2a02:26f0:2c::216:f2b9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	3

10 2a06:98c1:3121::3 (United Kingdom) 1 redirects

ASN13335 (CLOUDFLARENET, US)

account-herstellen-nl.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:2c::216:f2b9 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

www.abnamro.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	account-herstellen-nl.info 1 redirects account-herstellen-nl.info	106 KB
3	abnamro.nl www.abnamro.nl — Cisco Umbrella Rank: 56105	3 KB
12	2

	Domain	Requested by
10	account-herstellen-nl.info	1 redirects account-herstellen-nl.info
3	www.abnamro.nl	account-herstellen-nl.info
12	2

This site contains no links.

Subject Issuer	Validity	Valid
www.abnamro.nl Entrust Certification Authority - L1M	`2023-08-10` - `2024-08-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://account-herstellen-nl.info/
Frame ID: 3939BB4BC67B9A0D4BA6BA468063B6AD
Requests: 11 HTTP requests in this frame

Frame: http://account-herstellen-nl.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 9810529D16865031C6BCC125CE92FFC1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Internet Banking - ABN AMRO

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

25 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

109 kB
Transfer

572 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://account-herstellen-nl.info/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
http://account-herstellen-nl.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

12 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
account-herstellen-nl.info/ 55 KB
10 KB 159ms
113ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://account-herstellen-nl.info/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.28
Resource Hash: 0ad7f95c9c4e2ba56d55555a89651c2e36fe1842b1fdb65c0f45838c545c6f76

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 80ad3f535fb42c2f-FRA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Sep 2023 20:20:14 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XYMNyROxVr0EvQlNfYcKc5XhenYiidh6hdwm2P5da4Zd%2FszIbqUxVJqLD4NuFyUv%2Fm1z5xqjLOBsk9hks63jIZ%2Bcm3flvHI5fBDxAzfyJVSXUj%2BurUQACvBA%2B%2FDRUKLO8FEi0gvQ5z2O8SuayCsja5Lj5jZb2iBcw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Powered-By: PHP/8.0.28
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK style.css
account-herstellen-nl.info/files/ 381 KB
50 KB 90ms
71ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://account-herstellen-nl.info/files/style.css
Requested by: Host: account-herstellen-nl.info
URL: http://account-herstellen-nl.info/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c02a476b9fc4d9540fddbb771582cde78cff9852ec4cb09f453ea3aee20b22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://account-herstellen-nl.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 20:20:14 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 22 Sep 2023 16:18:51 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"5f345-605f4f6da125d"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeGUdcOvFOP0EhGXr%2F32swXWG6V9ekZ8XZJrpF3UBkZYfbm9W21UFCJcIp8jN8j%2BJ181h%2FBu1FipLrULGmCE%2BH8ID%2Fat4zDgrOXpZ0P9BkAZJmT35Gqtzwsu%2F0EKTNAJduM%2FLbUB2pUQ%2Fk9SLpSJPCATQwAvkgImsw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 80ad3f54389d0a61-AMS
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK myabnamro-compatability.css
account-herstellen-nl.info/files/ 31 KB
7 KB 75ms
55ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://account-herstellen-nl.info/files/myabnamro-compatability.css
Requested by: Host: account-herstellen-nl.info
URL: http://account-herstellen-nl.info/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56e6b99e8a2ab9ab909101317254c5f419ed1b7544b074eff38f235434e35227

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://account-herstellen-nl.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 20:20:14 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 22 Sep 2023 16:18:51 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"7a68-605f4f6d3aed3"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeNs6kLyS0dNn3ypM%2BlItJddaBs4iM3lStCVWYAtt7TcMYeRyqi6VyGtzklELm4t3svhATFzjQ2ifduX%2FDIU66Nyq5KcssZn3hZRyShxzQvBEPr6I3H95t2Nnn7rgz77vsdaY64vluGOTkdJrLJeNwPq%2F9lV5b6Qqw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 80ad3f5438d82c2f-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 0.59b72370.css
account-herstellen-nl.info/files/ 5 KB
3 KB 57ms
37ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://account-herstellen-nl.info/files/0.59b72370.css
Requested by: Host: account-herstellen-nl.info
URL: http://account-herstellen-nl.info/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 059283d53fe0c8533e1869b1dab1835c96d4c8fe393f38ce20de604d26897c12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://account-herstellen-nl.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 20:20:14 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1904
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Fri, 22 Sep 2023 16:18:51 GMT
Server: cloudflare
ETag: W/"12bd-605f4f6d73c04"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xz%2BxKrx1hUCVQG7yfKW38JxqRAGbJrZEbd2FPbm7S%2B8P1LiH7CIumaEEQiyi5AiIyqOhx48tSAxp2Ld9O8Ejc%2FcRyP76tH%2B9H5%2FgKgczv5GHZG0SI7brihm8yJxy4CcUkHLhMiojHXLcypjI3XQ2y3tPhAVkYZGYwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
CF-RAY: 80ad3f543d450e37-AMS

GET
H/1.1 404
Not Found index.718a6b49.js
account-herstellen-nl.info/ 0
0 82ms
63ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://account-herstellen-nl.info/index.718a6b49.js
Requested by: Host: account-herstellen-nl.info
URL: http://account-herstellen-nl.info/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://account-herstellen-nl.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 20:20:14 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbJHUzMArxnd%2BLmrSwaZYFwlZSI2VAxCj66hpNOaXDXdDkkX4sJgdsqU6GvAHf47ygZc2tfLXE8eD9nzL14lbRC%2BnG7LkHLPj21ODvsepO2%2FTyI%2F0R45C3kYS40oQmAncsFmFATF7cyEw7ooQK1TiNbhrl5TuxqIqg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 80ad3f543ec00b87-AMS
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK jquery.js Show response
account-herstellen-nl.info/files/ 87 KB
31 KB 133ms
109ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://account-herstellen-nl.info/files/jquery.js
Requested by: Host: account-herstellen-nl.info
URL: http://account-herstellen-nl.info/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://account-herstellen-nl.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 20:20:14 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 22 Sep 2023 16:18:52 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"15d9d-605f4f6dd9eb8"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4CEvKUcZD3XjPQhre%2FBihIxcNKvDJPDI%2FKGhQjYh5deIp%2BHub9F4vx%2F1y1cweEdJnpN43PYtErmRQIHO9bHj7KYeuIU5k79DXYA%2BXNo3X3PeXcW3yardH4CkFvpjIo6lw5LqZaI2WeUyHT9t3IXHZLvbCYCVsS3CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 80ad3f544d51d2dd-CDG
alt-svc: h3=":443"; ma=86400

GET
H/1.1 404
Not Found HnE
account-herstellen-nl.info/jOGmWN/Djs99/KzSV9/mw/3u7zDtG4/Awo7OlkB/AVlyHk5C/ 0
0 116ms
108ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://account-herstellen-nl.info/jOGmWN/Djs99/KzSV9/mw/3u7zDtG4/Awo7OlkB/AVlyHk5C/HnE
Requested by: Host: account-herstellen-nl.info
URL: http://account-herstellen-nl.info/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://account-herstellen-nl.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 20:20:14 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R24CbVodQkQ8Fj4CQ8GFbjwIX91YDdR99%2BrW3%2F3%2Bb0FvF5t9O1aNFVKQ3BQ7GddCr2Y7DPmQAi%2BzagkeVJI9vf09bwLL%2FNgAEguHELdUAYOPi41%2BaOmrxDihGhE4Dwy5PDrSGaw3F4RPQmAUyMaeXe2s7TxMZNscrA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 80ad3f544a480e45-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 em-brand-logo.03858305.svg
www.abnamro.nl/portal/resources/aab/emerald-global/images/ 2 KB
1 KB 330ms
239ms Image
image/svg+xml 2a02:26f0:2c::216:f2b9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.abnamro.nl/portal/resources/aab/emerald-global/images/em-brand-logo.03858305.svg

Requested by

Host: account-herstellen-nl.info
URL: http://account-herstellen-nl.info/files/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c::216:f2b9 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

541f188898bec74bb24d7b3cbce5e76c0574a07353fc9a74b1dea8c4971be825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://account-herstellen-nl.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:20:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Aug 2020 07:43:26 GMT
x-heist: sJwq5f9jG1dJfTGCKG0Z0f9fu0ouSg5PIgXELl9UnsVXafRHNujOfvz0Hv1mmnaw9fnbJylDysLkUnG5URtsferI
etag: "1597045406000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
content-language: en-US
content-length: 951
expires: Tue, 17 Sep 2024 11:47:18 GMT

GET
H2 200 sy-arrow-chevron-left.2f35541f.svg
www.abnamro.nl/portal/resources/aab/emerald-global/images/ 319 B
655 B 243ms
152ms Image
image/svg+xml 2a02:26f0:2c::216:f2b9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.abnamro.nl/portal/resources/aab/emerald-global/images/sy-arrow-chevron-left.2f35541f.svg

Requested by

Host: account-herstellen-nl.info
URL: http://account-herstellen-nl.info/files/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c::216:f2b9 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f4d7c09c1e402abcb3280abeccea1b9389a02c61ceaacf30442f00ad04555889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://account-herstellen-nl.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:20:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Aug 2020 07:43:26 GMT
x-heist: ZFBMCbiA0zLSZnfEHcaG2SvQtTd4fRFBIdzxV020vDCBjdTCaHrKgkSYWaJdAYqSPWU5ywcuFNYMLvut9zwdQlS7xC6pDGsBdopbDgYxi7tYWuiEehOvEHwmlVUn8yUVV4qqzjEz4y6PWWKrE9GjICiBhvTLcWzd9YicbOjpNyOOpWV3HWxEoCo7sJ8a8rsTG8Gpfos5Uv2FYN6Q2i5WZSpou6pTPAFZAycxCiykJabmyAwqn7Yhxk5iApY2AhNOzi6SJTMja84In24zdtf73fwadAjYEs
etag: "1597045406000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
content-language: en-US
content-length: 221
expires: Fri, 29 Mar 2024 07:45:34 GMT

GET
H2 200 em-header-gradient.668ea565.svg
www.abnamro.nl/portal/resources/aab/emerald-global/images/ 938 B
1 KB 244ms
153ms Image
image/svg+xml 2a02:26f0:2c::216:f2b9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.abnamro.nl/portal/resources/aab/emerald-global/images/em-header-gradient.668ea565.svg

Requested by

Host: account-herstellen-nl.info
URL: http://account-herstellen-nl.info/files/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c::216:f2b9 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1307f0a44bcaa9340443ffe06a2a80011b82ba84d6eaddf8669e51f0106dd009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://account-herstellen-nl.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:20:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Aug 2020 07:43:26 GMT
x-heist: KAcSYzbqm6Q7x1bucG6KqY5k5zrMBbACnsOaYdPO0HqzZsKuKrZMpeyFO4dy5KV3IGmUeyBcpgGawtE84rn0NuFoC7WxGDanDDI7QUPEWksJwq5f9jG1dJfTGCKG0Z0f9fu0ouSg5PIgXELl9UnsVXafRHNujOfvz0Hv1mmnaw9fnbJylDysLkUnG5URtsferIGEtJE6YnITBGnOKFYJJyC32LngyAEs2AFzLurBaCYvuxFvGYYu5ZIbZaoKvzf3JpOI4rnlRNtB7yK294UAWdMx7d8xUNUB7XPA3zJb6155T0sxSp5j0tt3teOu4W4UkYRwa3isEpKd3MUkxMZFRJV5uuA2xHg6MOGmHZOOSbVO9COeVLHkWtFyMD2Xpo5ycnkzIke
etag: "1597045406000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
content-language: en-US
content-length: 516
expires: Fri, 29 Mar 2024 07:48:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 979e0b8bcad57effd98fa2ed518977d8117e69c1b436231df500279484938c7b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://account-herstellen-nl.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

200
OK

main.js Show response
account-herstellen-nl.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 9810
Redirect Chain

http://account-herstellen-nl.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
http://account-herstellen-nl.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
4 KB

33ms
33ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://account-herstellen-nl.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: account-herstellen-nl.info
URL: http://account-herstellen-nl.info/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

166a54664dc355b60cccf069246e2cdb1acad6b799d7c7039a1cf18ba013a8e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 20:20:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
vary: accept-encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XK7Mwnuc%2F8R6lkkNcsbBciESVzS49MgPu8l7jYPUZMHyXkCNQ0jcZCSDThNTDqjOPy%2B%2BxbeNCob6Y5BjmfMjIDpTVS7rAuWADeIfiRvLQbHyVLxF26sY4Q2ALscpCziCXRaARijnWGhzehzjPBi5CceRqHh%2BMpn%2B%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, public
Connection: keep-alive
CF-RAY: 80ad3f557bd90e45-MXP
alt-svc: h3=":443"; ma=86400

Redirect headers

Date: Fri, 22 Sep 2023 20:20:14 GMT
content-encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
vary: accept-encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FBknJl48oa0vl4JwwM4CE09uplzrL8qzN%2BW275aEXrLBzDrM%2BWAnOTxsXwUCpOubHsN3APCmskwM7FYT8nheIPDKoHD7raz4gtNnCXGwjbzq0%2FHLbg2s%2BxsLelLiB4NZc4GYcr2YJvrQaTHBym9ih1o9H8KOuuVow%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
Connection: keep-alive
CF-RAY: 80ad3f553b7d0e45-MXP
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK 80ad3f535fb42c2f Show response
account-herstellen-nl.info/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 9810 0
884 B 75ms
75ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://account-herstellen-nl.info/cdn-cgi/challenge-platform/h/g/jsd/r/80ad3f535fb42c2f
Requested by: Host: account-herstellen-nl.info
URL: http://account-herstellen-nl.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 22 Sep 2023 20:20:14 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RO9E%2B2Z54W2Z1BH87BsgGvFpTyEXb%2BitLMagqTR5eHFXgAUfiRL69G%2BNz8Jgl6CaLVK%2FEMXkQpzdXrxMr602NNFaaawq%2BAemBgCuJ%2FoaUpokoqLhaag62FTxfdEgIJU2F80yuCD49k%2FaCM1j5YOsAwHdt%2FWNkCCMzg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
CF-RAY: 80ad3f564ceb0e45-MXP
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ABN Amro (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			account-herstellen-nl.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: nvnd7bjlljv23t24oncnub0s72

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://account-herstellen-nl.info/index.718a6b49.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://account-herstellen-nl.info/jOGmWN/Djs99/KzSV9/mw/3u7zDtG4/Awo7OlkB/AVlyHk5C/HnE Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account-herstellen-nl.info
www.abnamro.nl
2a02:26f0:2c::216:f2b9
2a06:98c1:3121::3
059283d53fe0c8533e1869b1dab1835c96d4c8fe393f38ce20de604d26897c12
0ad7f95c9c4e2ba56d55555a89651c2e36fe1842b1fdb65c0f45838c545c6f76
1307f0a44bcaa9340443ffe06a2a80011b82ba84d6eaddf8669e51f0106dd009
166a54664dc355b60cccf069246e2cdb1acad6b799d7c7039a1cf18ba013a8e7
541f188898bec74bb24d7b3cbce5e76c0574a07353fc9a74b1dea8c4971be825
56e6b99e8a2ab9ab909101317254c5f419ed1b7544b074eff38f235434e35227
979e0b8bcad57effd98fa2ed518977d8117e69c1b436231df500279484938c7b
d8c02a476b9fc4d9540fddbb771582cde78cff9852ec4cb09f453ea3aee20b22
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4d7c09c1e402abcb3280abeccea1b9389a02c61ceaacf30442f00ad04555889
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

account-herstellen-nl.info Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

25 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

109 kBTransfer

572 kBSize

1 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

account-herstellen-nl.info Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

25 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

109 kB
Transfer

572 kB
Size

1
Cookies

12 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!