fod-financien.com Open in urlscan Pro
63.250.44.206  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://fod-financien.com/pay/HeKbvaWD Page URL
2. https://fod-financien.com/content/marktplaats/header.html Page URL
3. https://fod-financien.com/content/marktplaats/CssVars.e8761656.html Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set HeKbvaWD Show response fod-financien.com/pay/	15 KB 5 KB	541ms 172ms	Document text/html	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 4d351a0257ef3d64edb9f462c54cd40f4ae7b36f07f663aeb41085bb646782e5 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Frame-Options SAMEORIGIN Request headers Host fod-financien.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Server nginx/1.14.0 (Ubuntu) Date Sun, 23 Feb 2020 17:22:58 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Cache-Control no-cache Pragma no-cache Expires -1 Set-Cookie .AspNetCore.Antiforgery.CB8cNBn3u1o=CfDJ8FIWGG1828FOjZ2Q1Y70CVP-H8Jd5n73IRkwO3VB-oSexx4bNgotA0Qzp7t2AoDfqYfJB9WumrgZjUi3EInhvuCnPzdPb8w2NxzELMfhIZwACKKcqOIIwPTEehB5SEOlPRcls77P5wYEXaMBkCnAab4; path=/; samesite=strict; httponly .AspNetCore.Session=CfDJ8FIWGG1828FOjZ2Q1Y70CVMb3wkhtYWPwQveULAs0CMlTS3z4RQIq7exJL%2BQcjsglC8c%2BdklQMOTdYWQXh86zKCV%2FcvMBrr6p2PTSnRogCahcX94iXNb%2FJyrfkmwoKf4xx7MavHIkcK1O9Nf161Jd1aq0m91r74c0fDmbP6RP5uK; path=/; samesite=lax; httponly Strict-Transport-Security max-age=2592000 X-Frame-Options SAMEORIGIN Content-Encoding gzip
GET H/1.1	200 OK	marktplaats.css fod-financien.com/content/marktplaats/	103 KB 103 KB	328ms 326ms	Stylesheet text/css	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fod-financien.com/content/marktplaats/marktplaats.css Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 398d74f87682fe45a49629d5ff966191f84310ad409efa2ff47a9affc3a5f0bf Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/pay/HeKbvaWD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Sun, 23 Feb 2020 17:22:58 GMT Last-Modified Fri, 21 Feb 2020 15:39:51 GMT Server nginx/1.14.0 (Ubuntu) ETag "1d5e8cd27bc6705" Strict-Transport-Security max-age=2592000 Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 105093
GET H/1.1	200 OK	client.min.css fod-financien.com/content/marktplaats/	120 KB 120 KB	638ms 312ms	Stylesheet text/css	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fod-financien.com/content/marktplaats/client.min.css Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 6b0eedcff94b6a63aa4726b01dd0cd284710ca8b73f35ea018e141f9b778c758 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/pay/HeKbvaWD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Sun, 23 Feb 2020 17:22:58 GMT Last-Modified Fri, 21 Feb 2020 15:39:49 GMT Server nginx/1.14.0 (Ubuntu) ETag "1d5e8cd268d0f18" Strict-Transport-Security max-age=2592000 Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 122776
GET H/1.1	200 OK	header.html Show response fod-financien.com/content/marktplaats/	48 KB 8 KB	505ms 169ms	Document text/html	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fod-financien.com/content/marktplaats/header.html Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash d277dd6d8082249ed4c447b61a4e644a3148985d551175e7461d2ec981317ec6 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/pay/HeKbvaWD Origin https://fod-financien.com Sec-Fetch-Dest unknown User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 17:22:58 GMT Content-Encoding gzip Last-Modified Fri, 21 Feb 2020 15:39:50 GMT Server nginx/1.14.0 (Ubuntu) ETag W/"1d5e8cd2725d94a" Strict-Transport-Security max-age=2592000 Content-Type text/html Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	normalize.112272e5.css fod-financien.com/content/marktplaats/	6 KB 6 KB	507ms 172ms	Stylesheet text/css	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fod-financien.com/content/marktplaats/normalize.112272e5.css Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/pay/HeKbvaWD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Sun, 23 Feb 2020 17:22:58 GMT Last-Modified Fri, 21 Feb 2020 15:39:54 GMT Server nginx/1.14.0 (Ubuntu) ETag "1d5e8cd2987d6fa" Strict-Transport-Security max-age=2592000 Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 6138
GET H/1.1	200 OK	Primary Request CssVars.e8761656.html Show response fod-financien.com/content/marktplaats/	345 B 580 B	508ms 169ms	Document text/html	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fod-financien.com/content/marktplaats/CssVars.e8761656.html Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 2e4cc3abd3aa646eb7de18aaf8ba6538f369b568e9f9640767186b13578734a3 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/pay/HeKbvaWD Origin https://fod-financien.com Sec-Fetch-Dest unknown User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 17:22:58 GMT Content-Encoding gzip Last-Modified Fri, 21 Feb 2020 15:39:49 GMT Server nginx/1.14.0 (Ubuntu) ETag W/"1d5e8cd268cd1d9" Strict-Transport-Security max-age=2592000 Content-Type text/html Transfer-Encoding chunked Connection keep-alive
GET H2	200	common.js Show response maps.googleapis.com/maps-api-v3/api/js/38/11/	76 KB 28 KB	12ms 10ms	Script text/javascript	2a00:1450:4001:821::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/38/11/common.js Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3f077f1d99bf23dfc22940a2a3da28dc36346b3546d81fa3f327a0c1f5cd5b50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fod-financien.com/pay/HeKbvaWD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sat, 01 Feb 2020 02:38:58 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 04 Nov 2019 22:32:04 GMT server sffe age 1953840 vary Accept-Encoding, Origin content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 28564 x-xss-protection 0 expires Sun, 31 Jan 2021 02:38:58 GMT
GET H2	200	util.js Show response maps.googleapis.com/maps-api-v3/api/js/38/11/	143 KB 53 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:821::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/38/11/util.js Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f882c69e09c6e7abccce9f4383d1c96fc4fdfed5a8dfdaebba34236e645c9d12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fod-financien.com/pay/HeKbvaWD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 04 Feb 2020 20:14:06 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 04 Nov 2019 22:32:04 GMT server sffe age 1631332 vary Accept-Encoding, Origin content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 53979 x-xss-protection 0 expires Wed, 03 Feb 2021 20:14:06 GMT
GET H/1.1	200 OK	fodlogo.png fod-financien.com/content/marktplaats/	28 KB 28 KB	673ms 330ms	Image image/png	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://fod-financien.com/content/marktplaats/fodlogo.png Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash a606db6e740bc39e538759c37b1d1e745187c87cc7a5089da2c0bd4b6d847c69 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/pay/HeKbvaWD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sun, 23 Feb 2020 17:22:58 GMT Last-Modified Fri, 21 Feb 2020 15:39:50 GMT Server nginx/1.14.0 (Ubuntu) ETag "1d5e8cd27251735" Strict-Transport-Security max-age=2592000 Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 28725
GET H/1.1	200 OK	obp.dff79601.svg fod-financien.com/content/marktplaats/	4 KB 4 KB	170ms 169ms	Image image/svg+xml	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://fod-financien.com/content/marktplaats/obp.dff79601.svg Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 0a13f7a510e9cb674c985ada9d5aa5e11b35c907cca576232354f55be52b9e57 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/pay/HeKbvaWD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sun, 23 Feb 2020 17:22:58 GMT Last-Modified Fri, 21 Feb 2020 15:39:54 GMT Server nginx/1.14.0 (Ubuntu) ETag "1d5e8cd2987cfae" Strict-Transport-Security max-age=2592000 Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 3758
GET H2	200	js Show response maps.googleapis.com/maps/api/	116 KB 38 KB	31ms 31ms	Script text/javascript	2a00:1450:4001:821::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?client=gme-marktplaats&channel=mp-messaging Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software mafe / Resource Hash 6c3c0ae9daa223b8dd5b1e2075caefac9ee23aa7432303048c9c67935a24b61a Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://fod-financien.com/pay/HeKbvaWD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sun, 23 Feb 2020 17:22:59 GMT content-encoding gzip server mafe x-frame-options SAMEORIGIN vary Accept-Language content-type text/javascript; charset=UTF-8 status 200 cache-control public, max-age=1800 server-timing gfet4t7; dur=14 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 38508 x-xss-protection 0 expires Sun, 23 Feb 2020 17:52:59 GMT
GET H/1.1	404 Not Found	Roboto-Regular-webfont.woff2 fod-financien.com/content/marktplaats/	0 0	163ms 163ms	Font text/plain	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fod-financien.com/content/marktplaats/Roboto-Regular-webfont.woff2 Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/content/marktplaats/marktplaats.css Origin https://fod-financien.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 17:22:59 GMT Server nginx/1.14.0 (Ubuntu) Connection keep-alive Content-Length 0 Strict-Transport-Security max-age=2592000
GET H/1.1	200 OK	bancontact.svg fod-financien.com/content/marktplaats/	18 KB 18 KB	323ms 323ms	Image image/svg+xml	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://fod-financien.com/content/marktplaats/bancontact.svg Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 6497447255bc49d61cc2a7446e79a880f621299d9a22aadcd7501e2576ef02cd Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/content/marktplaats/marktplaats.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sun, 23 Feb 2020 17:22:59 GMT Last-Modified Fri, 21 Feb 2020 15:39:48 GMT Server nginx/1.14.0 (Ubuntu) ETag "1d5e8cd25f47288" Strict-Transport-Security max-age=2592000 Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 18568
GET H/1.1	200 OK	Marktplaats.Sprite.svg fod-financien.com/content/marktplaats/	218 KB 218 KB	175ms 175ms	Image image/svg+xml	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://fod-financien.com/content/marktplaats/Marktplaats.Sprite.svg Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 19016e0b1372d08aff16789dcb2c557615bd22fad7c76ffd0a9f9948c8bdc267 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/content/marktplaats/marktplaats.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sun, 23 Feb 2020 17:22:59 GMT Last-Modified Fri, 21 Feb 2020 15:39:52 GMT Server nginx/1.14.0 (Ubuntu) ETag "1d5e8cd2855fc62" Strict-Transport-Security max-age=2592000 Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 223330
GET H/1.1	404 Not Found	Roboto-Light-webfont.woff2 fod-financien.com/content/marktplaats/	0 0	169ms 169ms	Font text/plain	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fod-financien.com/content/marktplaats/Roboto-Light-webfont.woff2 Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/content/marktplaats/marktplaats.css Origin https://fod-financien.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 17:22:59 GMT Server nginx/1.14.0 (Ubuntu) Connection keep-alive Content-Length 0 Strict-Transport-Security max-age=2592000
GET H/1.1	404 Not Found	Roboto-Regular-webfont.woff fod-financien.com/content/marktplaats/	0 0	165ms 165ms	Font text/plain	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fod-financien.com/content/marktplaats/Roboto-Regular-webfont.woff Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/content/marktplaats/marktplaats.css Origin https://fod-financien.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 17:22:59 GMT Server nginx/1.14.0 (Ubuntu) Connection keep-alive Content-Length 0 Strict-Transport-Security max-age=2592000
GET H/1.1	404 Not Found	Roboto-Light-webfont.woff fod-financien.com/content/marktplaats/	0 0	170ms 170ms	Font text/plain	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fod-financien.com/content/marktplaats/Roboto-Light-webfont.woff Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/content/marktplaats/marktplaats.css Origin https://fod-financien.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 17:22:59 GMT Server nginx/1.14.0 (Ubuntu) Connection keep-alive Content-Length 0 Strict-Transport-Security max-age=2592000
GET H/1.1	404 Not Found	Roboto-Regular-webfont.ttf fod-financien.com/content/marktplaats/	0 0	165ms 163ms	Font text/plain	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fod-financien.com/content/marktplaats/Roboto-Regular-webfont.ttf?v1 Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/content/marktplaats/marktplaats.css Origin https://fod-financien.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 17:22:59 GMT Server nginx/1.14.0 (Ubuntu) Connection keep-alive Content-Length 0 Strict-Transport-Security max-age=2592000
GET H/1.1	404 Not Found	Roboto-Light-webfont.ttf fod-financien.com/content/marktplaats/	0 0	172ms 170ms	Font text/plain	63.250.44.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fod-financien.com/content/marktplaats/Roboto-Light-webfont.ttf?v1 Requested by Host: fod-financien.com URL: https://fod-financien.com/pay/HeKbvaWD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 63.250.44.206 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://fod-financien.com/content/marktplaats/marktplaats.css Origin https://fod-financien.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 23 Feb 2020 17:22:59 GMT Server nginx/1.14.0 (Ubuntu) Connection keep-alive Content-Length 0 Strict-Transport-Security max-age=2592000
GET H2	200	common.js Show response maps.googleapis.com/maps-api-v3/api/js/39/10/	78 KB 29 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:821::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/39/10/common.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?client=gme-marktplaats&channel=mp-messaging Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash debf016bcbd936330ea5d07daef4885b0e9515acae5638bd79fd1b25c334bcfb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fod-financien.com/pay/HeKbvaWD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sat, 22 Feb 2020 09:00:45 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 03 Feb 2020 22:54:21 GMT server sffe age 116539 vary Accept-Encoding, Origin content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29091 x-xss-protection 0 expires Sun, 21 Feb 2021 09:00:45 GMT
GET H2	200	util.js Show response maps.googleapis.com/maps-api-v3/api/js/39/10/	143 KB 143 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:821::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/39/10/util.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?client=gme-marktplaats&channel=mp-messaging Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 17c0de00d600a49e250f5d96a7106f824dbaff4d177f8c3a69cf7cc6ed61c651 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fod-financien.com/pay/HeKbvaWD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 19 Feb 2020 19:07:54 GMT x-content-type-options nosniff last-modified Mon, 03 Feb 2020 22:54:21 GMT server sffe age 339310 vary Accept-Encoding, Origin content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 146008 x-xss-protection 0 expires Thu, 18 Feb 2021 19:07:54 GMT
GET H2	200	AuthenticationService.Authenticate Show response maps.googleapis.com/maps/api/js/	252 B 286 B	27ms 27ms	Script text/javascript	2a00:1450:4001:821::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Ffod-financien.com%2Fpay%2FHeKbvaWD&2sgme-marktplaats&3smp-messaging&callback=_xdc_._tl0cgh&client=gme-marktplaats&channel=mp-messaging&token=73439 Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps-api-v3/api/js/39/10/common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software mafe / Resource Hash b122a2f0e86d13ab36154f8048c26071c559dfa146f7d303f8fd7dd9331a2b26 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://fod-financien.com/pay/HeKbvaWD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers pragma no-cache date Sun, 23 Feb 2020 17:23:04 GMT content-encoding gzip server mafe x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control no-cache, must-revalidate content-disposition attachment server-timing gfet4t7; dur=2 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 202 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Belgian Government (Government) Generic (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate boolean| radioselected boolean| tcsaccepted object| selectedbank function| closeselect function| openselect function| radiochange function| changevalues function| gm_authFailure object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| _xdc_

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fod-financien.com/	1969-12-31 23:59:59	Name: .AspNetCore.Session Value: CfDJ8FIWGG1828FOjZ2Q1Y70CVMb3wkhtYWPwQveULAs0CMlTS3z4RQIq7exJL%2BQcjsglC8c%2BdklQMOTdYWQXh86zKCV%2FcvMBrr6p2PTSnRogCahcX94iXNb%2FJyrfkmwoKf4xx7MavHIkcK1O9Nf161Jd1aq0m91r74c0fDmbP6RP5uK
			fod-financien.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.CB8cNBn3u1o Value: CfDJ8FIWGG1828FOjZ2Q1Y70CVP-H8Jd5n73IRkwO3VB-oSexx4bNgotA0Qzp7t2AoDfqYfJB9WumrgZjUi3EInhvuCnPzdPb8w2NxzELMfhIZwACKKcqOIIwPTEehB5SEOlPRcls77P5wYEXaMBkCnAab4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://maps.googleapis.com/maps/api/js?client=gme-marktplaats&channel=mp-messaging(Line 60) Message: Google Maps JavaScript API error: UnauthorizedURLForClientIdMapError https://developers.google.com/maps/documentation/javascript/error-messages#unauthorized-url-for-client-id-map-error Your site URL to be authorized: https://fod-financien.com/pay/HeKbvaWD

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fod-financien.com
maps.googleapis.com
2a00:1450:4001:821::200a
63.250.44.206
0a13f7a510e9cb674c985ada9d5aa5e11b35c907cca576232354f55be52b9e57
17c0de00d600a49e250f5d96a7106f824dbaff4d177f8c3a69cf7cc6ed61c651
19016e0b1372d08aff16789dcb2c557615bd22fad7c76ffd0a9f9948c8bdc267
2e4cc3abd3aa646eb7de18aaf8ba6538f369b568e9f9640767186b13578734a3
398d74f87682fe45a49629d5ff966191f84310ad409efa2ff47a9affc3a5f0bf
3f077f1d99bf23dfc22940a2a3da28dc36346b3546d81fa3f327a0c1f5cd5b50
4d351a0257ef3d64edb9f462c54cd40f4ae7b36f07f663aeb41085bb646782e5
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
6497447255bc49d61cc2a7446e79a880f621299d9a22aadcd7501e2576ef02cd
6b0eedcff94b6a63aa4726b01dd0cd284710ca8b73f35ea018e141f9b778c758
6c3c0ae9daa223b8dd5b1e2075caefac9ee23aa7432303048c9c67935a24b61a
a606db6e740bc39e538759c37b1d1e745187c87cc7a5089da2c0bd4b6d847c69
b122a2f0e86d13ab36154f8048c26071c559dfa146f7d303f8fd7dd9331a2b26
d277dd6d8082249ed4c447b61a4e644a3148985d551175e7461d2ec981317ec6
debf016bcbd936330ea5d07daef4885b0e9515acae5638bd79fd1b25c334bcfb
f882c69e09c6e7abccce9f4383d1c96fc4fdfed5a8dfdaebba34236e645c9d12