urlscan.io logo urlscan.io
SecurityTrails logo

www.geldterug-argeta.nl Open in urlscan Pro
65.52.128.33  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.geldterug-argeta.nl/
Submission: On January 23 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 7 domains to perform 17 HTTP transactions. The main IP is 65.52.128.33, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.geldterug-argeta.nl.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 23rd 2021. Valid for: a year.
This is the only time www.geldterug-argeta.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 65.52.128.33 8075 (MICROSOFT...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42:1b:... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 5
12    65.52.128.33 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: waws-prod-am2-001.cloudapp.net
www.geldterug-argeta.nl
www.kassabonkorting.nl
cashbackswebapi.azurewebsites.net
kassabonkorting.nl
1    2606:4700:3031::6815:365e (United States)

ASN13335 (CLOUDFLARENET, US)
www.cookieconsent.com
1    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
5 cashbackswebapi.azurewebsites.net www.kassabonkorting.nl
4 www.geldterug-argeta.nl www.geldterug-argeta.nl
2 www.kassabonkorting.nl www.geldterug-argeta.nl
www.cookieconsent.com
2 fonts.googleapis.com www.geldterug-argeta.nl
1 kassabonkorting.nl
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.jsdelivr.net www.geldterug-argeta.nl
1 www.cookieconsent.com www.geldterug-argeta.nl
17 8

This site contains no links.

Subject Issuer Validity Valid
geldterug-argeta.nl
Go Daddy Secure Certificate Authority - G2		 2021-01-23 -
2022-01-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-14 -
2021-08-14		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
kassabonkorting.nl
Go Daddy Secure Certificate Authority - G2		 2019-12-15 -
2021-02-13		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 01		 2020-09-28 -
2021-09-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.geldterug-argeta.nl/
Frame ID: 4A88A22949D3CBE1184DC48D5D9BAF6A
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

17
Requests

100 %
HTTPS

80 %
IPv6

7
Domains

8
Subdomains

5
IPs

4
Countries

660 kB
Transfer

1460 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.geldterug-argeta.nl/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.geldterug-argeta.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.52.128.33 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-am2-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a287c0eef63ec8cf1150b17718805f497c0234836e0692502c7919e79fcfe91a

Request headers

Host
www.geldterug-argeta.nl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
2155
Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Sat, 23 Jan 2021 10:25:20 GMT
Accept-Ranges
bytes
ETag
"0a8f5c72f1d61:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Set-Cookie
ARRAffinity=091f1ca66b572200c91566ce9342e3a785761c759fd7ee55c416b6288abe1dbd;Path=/;HttpOnly;Secure;Domain=www.geldterug-argeta.nl ARRAffinitySameSite=091f1ca66b572200c91566ce9342e3a785761c759fd7ee55c416b6288abe1dbd;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.geldterug-argeta.nl
Date
Sat, 23 Jan 2021 14:58:13 GMT
cookie-consent.js
www.cookieconsent.com/releases/3.1.0/ 		127 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cookieconsent.com/releases/3.1.0/cookie-consent.js
Requested by
Host: www.geldterug-argeta.nl
URL: https://www.geldterug-argeta.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:365e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10cb019eb159bbaaab8de48bb3437ad73797755673b39763daed2695b7dab619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geldterug-argeta.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 14:58:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1224
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
07d159cafe0000dfe37b307000000001
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 23 Jan 2021 12:53:18 GMT
server
cloudflare
x-frame-options
sameorigin
etag
W/"1edc7b7548aaae69af67ca6f9f3e72e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UfdwOeNhDUqVKsAJsx8jSen1EiUeQhL5MkFVKxk2rdPnRNZGJgeqaLSxZe21Pboi%2BVHZErjpWCDVqpB9YuY6%2F5TJw5ZsAAkbfJ6KtKo0eA9sIOc%2BuIqEI4myRU%2BCeIxuXfM%3D"}],"max_age":604800}
content-type
text/javascript
x-xss-protection
1; mode=block
cache-control
public, immutable, max-age=3600
cf-ray
61625f24c882dfe3-FRA
expires
Sat, 23 Jan 2021 14:53:18 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ 		158 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
Requested by
Host: www.geldterug-argeta.nl
URL: https://www.geldterug-argeta.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.geldterug-argeta.nl
Referer
https://www.geldterug-argeta.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
340519
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
24100
etag
W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
x-served-by
cache-fra19168-FRA, cache-hhn4077-HHN
date
Sat, 23 Jan 2021 14:58:13 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css2
fonts.googleapis.com/ 		2 KB
534 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu
Requested by
Host: www.geldterug-argeta.nl
URL: https://www.geldterug-argeta.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
506a739ef41c5daac26b30b2e9f3ec20ebbac4a5fa4a81d13076d1a1ed532de0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.geldterug-argeta.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 23 Jan 2021 14:58:13 GMT
server
ESF
date
Sat, 23 Jan 2021 14:58:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Jan 2021 14:58:13 GMT
icon
fonts.googleapis.com/ 		574 B
466 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.geldterug-argeta.nl
URL: https://www.geldterug-argeta.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.geldterug-argeta.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 23 Jan 2021 14:58:13 GMT
server
ESF
date
Sat, 23 Jan 2021 14:58:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Jan 2021 14:58:13 GMT
style.css
www.kassabonkorting.nl/webcomponent/ 		69 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kassabonkorting.nl/webcomponent/style.css
Requested by
Host: www.geldterug-argeta.nl
URL: https://www.geldterug-argeta.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.52.128.33 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-am2-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1c3c5bbdc45067ba37b166b4d596120d61c0b6741ef1cd0ee9d286d9c72a3332

Request headers

Referer
https://www.geldterug-argeta.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 14:58:13 GMT
content-encoding
gzip
etag
"036384b0f0d61:0"
last-modified
Fri, 22 Jan 2021 11:19:58 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
9062
styles.css
www.geldterug-argeta.nl/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.geldterug-argeta.nl/css/styles.css
Requested by
Host: www.geldterug-argeta.nl
URL: https://www.geldterug-argeta.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.52.128.33 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-am2-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
813313c08b0307bbd061d4d349b91fa98cdfce155db0a150bcbca16b1f64ff66

Request headers

Referer
https://www.geldterug-argeta.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 14:58:13 GMT
Content-Encoding
gzip
ETag
"068aac071f1d61:0"
Last-Modified
Sat, 23 Jan 2021 10:23:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1328
cashback.js
www.kassabonkorting.nl/webcomponent/ 		702 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kassabonkorting.nl/webcomponent/cashback.js
Requested by
Host: www.cookieconsent.com
URL: https://www.cookieconsent.com/releases/3.1.0/cookie-consent.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.52.128.33 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-am2-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
673f8f35492079edcc7a54ec9e38d1abdced689adbb1f8886367f383d5581c4e

Request headers

Referer
https://www.geldterug-argeta.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 14:58:13 GMT
content-encoding
gzip
etag
"80608e99b5f0d61:0"
last-modified
Fri, 22 Jan 2021 11:56:21 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
194285
logo-argeta-white.svg
www.geldterug-argeta.nl/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geldterug-argeta.nl/images/logo-argeta-white.svg
Requested by
Host: www.geldterug-argeta.nl
URL: https://www.geldterug-argeta.nl/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.52.128.33 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-am2-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5842ce376e1f7d399cccfc7acd4bd77ec94f0da2aa7c90a19b80d31c1602ff69

Request headers

Referer
https://www.geldterug-argeta.nl/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 14:58:13 GMT
Last-Modified
Thu, 21 Jan 2021 21:15:58 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03b989c3af0d61:0"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
7286
bck-logo-uncropped.svg
www.geldterug-argeta.nl/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geldterug-argeta.nl/images/bck-logo-uncropped.svg
Requested by
Host: www.geldterug-argeta.nl
URL: https://www.geldterug-argeta.nl/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.52.128.33 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-am2-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8932aca202aef93bd072b5c2b3297897bbd6f4d1c9120b32c1c32d767d763214

Request headers

Referer
https://www.geldterug-argeta.nl/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 14:58:13 GMT
Last-Modified
Thu, 21 Jan 2021 21:15:58 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03b989c3af0d61:0"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1109
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.geldterug-argeta.nl
Referer
https://fonts.googleapis.com/css2?family=Ubuntu
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 19:56:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:01 GMT
server
sffe
age
68497
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13720
x-xss-protection
0
expires
Sat, 22 Jan 2022 19:56:36 GMT
campaigns
cashbackswebapi.azurewebsites.net/api/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cashbackswebapi.azurewebsites.net/api/campaigns?id=44
Requested by
Host: www.kassabonkorting.nl
URL: https://www.kassabonkorting.nl/webcomponent/cashback.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.52.128.33 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-am2-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
469437a6723ce5665d63eedae472a7a64ad3bd584e8ae50bcc0daeb71b3f3b75

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.geldterug-argeta.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 14:58:13 GMT
Content-Encoding
gzip
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Length
680
Request-Context
appId=cid-v1:ae9e1ef5-e264-485f-a016-0287116a20bd
Pragma
no-cache
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Access-Control-Allow-Headers
X-ACCESS_TOKEN, Access-Control-Allow-Origin, Authorization, Origin, x-requested-with, Content-Type, Accept, Content-Range, Content-Disposition, Content-Description
Expires
-1
kassabonkorting-uitleg-bon.png
kassabonkorting.nl/assets/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kassabonkorting.nl/assets/images/kassabonkorting-uitleg-bon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.52.128.33 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-am2-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4794a9ce9b5984812d8a6b5f8331075e7164ed33d171f9ae32e12ad50323071c

Request headers

Referer
https://www.geldterug-argeta.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 14:58:14 GMT
last-modified
Wed, 30 Sep 2020 06:50:58 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0f51adf696d61:0"
content-type
image/png
accept-ranges
bytes
content-length
15835
images
cashbackswebapi.azurewebsites.net/api/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cashbackswebapi.azurewebsites.net/api/images?id=43011
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.52.128.33 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-am2-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ca2415071c2b1b917d9d967f704d68934a5fbe684c08dd4bb98be1262b258865

Request headers

Referer
https://www.geldterug-argeta.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 14:58:14 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Request-Context
Cache-Control
public, max-age=259200
Access-Control-Allow-Headers
X-ACCESS_TOKEN, Access-Control-Allow-Origin, Authorization, Origin, x-requested-with, Content-Type, Accept, Content-Range, Content-Disposition, Content-Description
Content-Length
90737
Request-Context
appId=cid-v1:ae9e1ef5-e264-485f-a016-0287116a20bd
images
cashbackswebapi.azurewebsites.net/api/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cashbackswebapi.azurewebsites.net/api/images?id=43012
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.52.128.33 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-am2-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
284b3f800795dc126df4746313bb14b6045fbe428bca2429d57d16332a31e926

Request headers

Referer
https://www.geldterug-argeta.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 14:58:14 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Request-Context
Cache-Control
public, max-age=259200
Access-Control-Allow-Headers
X-ACCESS_TOKEN, Access-Control-Allow-Origin, Authorization, Origin, x-requested-with, Content-Type, Accept, Content-Range, Content-Disposition, Content-Description
Content-Length
92468
Request-Context
appId=cid-v1:ae9e1ef5-e264-485f-a016-0287116a20bd
images
cashbackswebapi.azurewebsites.net/api/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cashbackswebapi.azurewebsites.net/api/images?id=43013
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.52.128.33 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-am2-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4d6cbcca33fd31531c8641c009b62d212083f2cde4aecf6c6098bb4f752235fd

Request headers

Referer
https://www.geldterug-argeta.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 14:58:14 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Request-Context
Cache-Control
public, max-age=259200
Access-Control-Allow-Headers
X-ACCESS_TOKEN, Access-Control-Allow-Origin, Authorization, Origin, x-requested-with, Content-Type, Accept, Content-Range, Content-Disposition, Content-Description
Content-Length
90367
Request-Context
appId=cid-v1:ae9e1ef5-e264-485f-a016-0287116a20bd
images
cashbackswebapi.azurewebsites.net/api/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cashbackswebapi.azurewebsites.net/api/images?id=43014
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.52.128.33 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-am2-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ac9d32cb8a7f067db318b80d487f37b1543f6cc3b6608e196bf30fe491513a0b

Request headers

Referer
https://www.geldterug-argeta.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 14:58:14 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Request-Context
Cache-Control
public, max-age=259200
Access-Control-Allow-Headers
X-ACCESS_TOKEN, Access-Control-Allow-Origin, Authorization, Origin, x-requested-with, Content-Type, Accept, Content-Range, Content-Disposition, Content-Description
Content-Length
88350
Request-Context
appId=cid-v1:ae9e1ef5-e264-485f-a016-0287116a20bd

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| cookieconsent object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| __zone_symbol__beforeunloadfalse object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__orientationchangefalse object| __zone_symbol__beforeprintfalse object| __zone_symbol__afterprintfalse object| __zone_symbol__focusfalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

2 Cookies

Domain/Path Name / Value
.www.geldterug-argeta.nl/ Name: ARRAffinitySameSite
Value: 091f1ca66b572200c91566ce9342e3a785761c759fd7ee55c416b6288abe1dbd
.www.geldterug-argeta.nl/ Name: ARRAffinity
Value: 091f1ca66b572200c91566ce9342e3a785761c759fd7ee55c416b6288abe1dbd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cashbackswebapi.azurewebsites.net
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
kassabonkorting.nl
www.cookieconsent.com
www.geldterug-argeta.nl
www.kassabonkorting.nl
2606:4700:3031::6815:365e
2a00:1450:4001:801::2003
2a00:1450:4001:808::200a
2a04:4e42:1b::621
65.52.128.33
10cb019eb159bbaaab8de48bb3437ad73797755673b39763daed2695b7dab619
1c3c5bbdc45067ba37b166b4d596120d61c0b6741ef1cd0ee9d286d9c72a3332
284b3f800795dc126df4746313bb14b6045fbe428bca2429d57d16332a31e926
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
469437a6723ce5665d63eedae472a7a64ad3bd584e8ae50bcc0daeb71b3f3b75
4794a9ce9b5984812d8a6b5f8331075e7164ed33d171f9ae32e12ad50323071c
4d6cbcca33fd31531c8641c009b62d212083f2cde4aecf6c6098bb4f752235fd
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
506a739ef41c5daac26b30b2e9f3ec20ebbac4a5fa4a81d13076d1a1ed532de0
5842ce376e1f7d399cccfc7acd4bd77ec94f0da2aa7c90a19b80d31c1602ff69
673f8f35492079edcc7a54ec9e38d1abdced689adbb1f8886367f383d5581c4e
813313c08b0307bbd061d4d349b91fa98cdfce155db0a150bcbca16b1f64ff66
8932aca202aef93bd072b5c2b3297897bbd6f4d1c9120b32c1c32d767d763214
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
a287c0eef63ec8cf1150b17718805f497c0234836e0692502c7919e79fcfe91a
ac9d32cb8a7f067db318b80d487f37b1543f6cc3b6608e196bf30fe491513a0b
ca2415071c2b1b917d9d967f704d68934a5fbe684c08dd4bb98be1262b258865