fraud-notifications.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
Submission: On February 04 via api (February 4th 2022, 1:56:12 am UTC) from BE — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is fraud-notifications.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 8th 2021. Valid for: a year.

This is the only time fraud-notifications.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.187.168.7 35.187.168.7	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
12	3

9 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

fraud-notifications.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.187.168.7 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 7.168.187.35.bc.googleusercontent.com

www.uza.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	fraud-notifications.com fraud-notifications.com	349 KB
2	uza.be www.uza.be	170 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
12	3

	Domain	Requested by
9	fraud-notifications.com	fraud-notifications.com
2	www.uza.be	fraud-notifications.com
1	fonts.googleapis.com	fraud-notifications.com
12	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-08` - `2022-10-07`	a year	crt.sh
uza.be R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
Frame ID: A2EE355C3E56FB642BB67D98AF6CA9EA
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PhishedJe werd gephished

Page Statistics

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

520 kB
Transfer

2084 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fraud-notifications.com/en/verify/ 4 KB
3 KB 1375ms
1325ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.8
Resource Hash: 24ae27cdb37fe520e6502bdaed033b819759e4c5cf89c3719545a913b0e9f01d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 04 Feb 2022 01:56:07 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.8
cache-control: no-cache, private
vary: Accept-Encoding
x-cloud-trace-context: 483186e30ff94efad5a88f2b6ea4706e
expires: Fri, 04 Feb 2022 01:56:07 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98xHgqznj5rWUlkA7Ds1KnCoBPBpSaBn%2B5%2BFSP%2BDjVvz%2BIhAEd1k9zU1alRT8X0Of9A4lU%2FADfZKbPEZ2DQA1ieLyLENE7LsEa%2ByrSY6fHeJwrZdJ32eeYvKZiVjw%2BkdNClDb171n8hrAGARu3ATc07lP%2FKdhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d8047d208585a13-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 iconfont.css
fraud-notifications.com/assets/fonts/feather-font/css/ 13 KB
3 KB 87ms
84ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud-notifications.com/assets/fonts/feather-font/css/iconfont.css
Requested by: Host: fraud-notifications.com
URL: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d68a005b62c790914390c7e0597962f0a2ce46a3118dacee8c9ffc496ae78d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 01:56:07 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 07 Feb 2021 13:25:40 GMT
server: cloudflare
etag: W/"35e3-5babefd503d00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0s9%2BoOdLMICHCZuwIuKaVS9Fe09SCCrpjjfo9Do0u4VSC4ur6MFxMhdWfHy5oLpph348k1tv0xdUHCOmm%2Fpdw2fWX9RcMdO9u62EYHkOMofouKEPAjafYL0AircB3rcXRg9%2FxEJmCiDwRMwKCjOBnVLkoKkqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-cloud-trace-context: 6733a4f96f7c88bbedb99ed30ad28377
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8047da7bfe5a13-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 perfect-scrollbar.css
fraud-notifications.com/assets/plugins/perfect-scrollbar/ 3 KB
1002 B 78ms
76ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud-notifications.com/assets/plugins/perfect-scrollbar/perfect-scrollbar.css
Requested by: Host: fraud-notifications.com
URL: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d94d51ce44ac060c0337445a3a6a8954d3912cfcc561981b127e8ff17ed0b9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 01:56:07 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 07 Feb 2021 13:25:41 GMT
server: cloudflare
etag: W/"a9a-5babefd5f7f40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Osjv2G2gMuXw03EQ3uTi8oY%2BAe3TpBNfRIvKEvDvWe3aQ2T1MPFL2nv%2BAPhe1r9MqG0vqWJzcj8bg3vNIb9zu5ATf9zRG%2F4oDV3PyBnK8G1RDiKbiJpETUyP8O9VARjyhmx4fE2makRWTlBFP8sQtkLgUwwKQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-cloud-trace-context: 1645d55fc7cbd339ad963fc3f49c2a56
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8047da7c005a13-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.css
fraud-notifications.com/css/ 662 KB
70 KB 121ms
119ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud-notifications.com/css/app.css
Requested by: Host: fraud-notifications.com
URL: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43cf15a90356b8eec680a9d4453d7a475ac46fd304f629b050161c6dc45f9d09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 01:56:07 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 07 Feb 2021 13:25:42 GMT
server: cloudflare
etag: W/"a597a-5babefd6ec180-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfT7PIitsOCCPCYJ7rZ0OZlQqQt3OhkSDmCF7DNZOhShO81aC0r%2BEeEwQs%2FiuG316dmdCVx07MEhqehsgrpX0S6E9zRGuTyq1dhTrH6AFBbL204AehQNmtDBf6dyJ%2BIWnvB4rko7Y45pHXdKtqfa7xw34DwWAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8047da7c015a13-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 spinner.js Show response
fraud-notifications.com/assets/js/ 307 B
519 B 155ms
153ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud-notifications.com/assets/js/spinner.js
Requested by: Host: fraud-notifications.com
URL: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a80712b5a1d147c0a40bba009c6d4c5711e266b00a36f5e06aebeea5963f57b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 01:56:07 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 07 Feb 2021 13:25:40 GMT
server: cloudflare
etag: W/"133-5babefd503d00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUBmETkX4DNONlfxFRsE%2FiUqEJ23LzdUYK6H0vEhYhueg9MPeyzWdgzIseXKQi0vkSAs40VNWx%2BUaGPDSVVxP8zNDCXyvCrU4Fyb0VI9mlU1bb9TlU0uMTSTqexWxppNMz5eawkE9tOszPhvcbpwgerQFmYaKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 4605bec56aeecb49465ad40f4484a858
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8047da7c025a13-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK uza.png
www.uza.be/sites/all/themes/ia_base_theme/ia_templates/html/images/ 7 KB
7 KB 109ms
23ms Image
image/png 35.187.168.7
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uza.be/sites/all/themes/ia_base_theme/ia_templates/html/images/uza.png

Requested by

Host: fraud-notifications.com
URL: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.187.168.7 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

7.168.187.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

958603c25445b68b3a36a17edd7298b6a7f3352f6bd50a26ca86c5442295ec8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud-notifications.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 01:56:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Apr 2021 06:49:53 GMT
Server: nginx
Age: 0
ETag: "1a28-5c08a162833df"
X-Cache: MISS
Content-Type: image/png
Cache-Control: max-age=604800, public
X-Varnish: 45566793
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6696
Expires: Fri, 18 Feb 2022 01:56:07 GMT

GET
H2 200 email-decode.min.js Show response
fraud-notifications.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 19ms
17ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud-notifications.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: fraud-notifications.com
URL: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 Jan 2022 18:50:50 GMT
server: cloudflare
etag: W/"61f1980a-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJnxYc5MXENuwwBID%2F3YfOVTVmZwUJ2zuN3IkTfBkO%2B3j3fkQNYAKNnzqI%2FmmXNxwSos6tFN4FQycl7hBqF66bAEpEyOW30g%2B%2BTMdc8sPaxirkDDPWHLtXs0yHfqZLD%2BSVlrlFjYHzb%2BO3jWaba8m5AJfECCtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8047da7c035a13-MXP
vary: Accept-Encoding
expires: Sun, 06 Feb 2022 01:56:07 GMT

GET
H2 200 app.js Show response
fraud-notifications.com/js/ 1 MB
248 KB 169ms
167ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud-notifications.com/js/app.js
Requested by: Host: fraud-notifications.com
URL: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b101aa19311ae4ef96e3f5211445daa4d031caab4fb3a4d872c34cd5e49115c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 01:56:07 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 07 Feb 2021 13:25:42 GMT
server: cloudflare
etag: W/"11d81e-5babefd6ec180-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIR4CVw0fx2yPj2Rp3%2BYvttAmuZNBbE%2Fm86YDyfq%2BzMy2VFZg%2Fv4bY8M5NfpbSenyIleANw2tHzAUYyCEB9Sne4yImfmRGkrMUvC4%2Bez9yLFWv%2FXo%2FgKHwfemeWM2kOzUtEzECtg%2BbTQKwgdZNWH8jwuVRVa7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8047da7c045a13-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 feather.min.js Show response
fraud-notifications.com/assets/plugins/feather-icons/ 74 KB
20 KB 108ms
106ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud-notifications.com/assets/plugins/feather-icons/feather.min.js
Requested by: Host: fraud-notifications.com
URL: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9221bfd45d662f7fed697b65dc89dc151f4b2299c432611e0022cf06b095c129

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 01:56:07 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 07 Feb 2021 13:25:40 GMT
server: cloudflare
etag: W/"1280f-5babefd503d00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1C13pOvlWRYgzeE1PabJvihOgIqLnKsgriNzmasXjiE6EPz0Hh1xJ2qLXUDnqtS%2FzYlNvt34SvXUsWMEF%2Fz8C1vqPz%2B4FfRpZJ3tl6kDTDr122wKEedpr0cbJA6y5gjei763kJTD9HZo1k3WwiuPAS29xe1iA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 2d27ca85273498e4afed3a874b5b001e
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8047da7c055a13-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 template.js Show response
fraud-notifications.com/assets/js/ 4 KB
2 KB 85ms
84ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud-notifications.com/assets/js/template.js
Requested by: Host: fraud-notifications.com
URL: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28bd52b65e4a55d4c41d64057afa153cba867b2e7c3e6901192f68aed88e0a57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 01:56:07 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 07 Feb 2021 13:25:40 GMT
server: cloudflare
etag: W/"10ad-5babefd503d00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsrhufFRdZoqLT%2FhckH5eEO506y%2FmFu%2F7stSLTZLe%2BvzVWv8f1DCFWWLCuyAt3kEHDcPsRwdBaipwXqxnpCzR0eLbMjdS6dgQVi2Sh4dmHZa7rapatP3kHeDFzJqQG%2Fg0RAn7iUcRZ9xxeoJ%2BSb7zEEhBsNWdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 235417b31ba9073ef18fe7cfca1529b3
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8047da7c065a13-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Overpass:300,400,600,700,800,900&display=swap

Requested by

Host: fraud-notifications.com
URL: https://fraud-notifications.com/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d9ad7f521a76d9a1dbd0040221726d0c30eeb9dd40be003016d1e46662589d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud-notifications.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Feb 2022 01:56:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Feb 2022 01:56:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Feb 2022 01:56:07 GMT

GET
H/1.1 200
OK uza_universitair_ziekenhuis_antwerpen_3_0-600x400.jpg
www.uza.be/sites/default/files/resize/uploads/sfeerbeelden/ 162 KB
163 KB 43ms
43ms Image
image/jpeg 35.187.168.7
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uza.be/sites/default/files/resize/uploads/sfeerbeelden/uza_universitair_ziekenhuis_antwerpen_3_0-600x400.jpg

Requested by

Host: fraud-notifications.com
URL: https://fraud-notifications.com/en/verify/?sid=82vOhrq30wrWgLtVSDBKYbtQwz6EvNcS7Zge

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.187.168.7 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

7.168.187.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

6f21ffbdf821ec4bebb59f285d049cfe1639e294f94db3be356bb2e4141cb831

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud-notifications.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 01:56:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 29 Mar 2019 16:16:29 GMT
Server: nginx
Age: 0
ETag: "289ec-5853dfe4e4a5e"
X-Cache: MISS
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
X-Varnish: 45566796
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 166380
Expires: Fri, 18 Feb 2022 01:56:07 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fraud-notifications.com/	1970-01-20 00:39:06	Name: simulations_session Value: eyJpdiI6IjlRaktKQXpMeHEyWnNkNnVMdEd1c2c9PSIsInZhbHVlIjoiTTdpcURPaTJndkNVRVVPcjZzVVhqYnY0TEprVVJOdHRIVm1QbDVvQm4yVEJUcVlvazBNV2hMcUFPLzc1UU1xQlFpQ0Y3Ky83QjJOZ1orMlM3dm9vcTNiWmhZUFVZeEYzc2doaGdNcHZDUWt3aFVnWmplZU1NaUpJNTZxSUcwcS8iLCJtYWMiOiI4MDgyZDNkZTMxZWY3OGMzNzg2YmMwOGUwYzdmZDMxYzM1YWJiMjI4NDVjY2MzYzgxZmZmNmVlNjQxN2JiYzMwIiwidGFnIjoiIn0%3D
fraud-notifications.com/	1970-01-20 00:42:35	Name: P_SEC_V Value: eyJpdiI6Imhza1J0QmVreTl1cVlocXdvT2VVS0E9PSIsInZhbHVlIjoiWUhadFhsKzg2UjBxaXNJYTgzcjZGbUdlcVRJbktOUjhtdGRtN2FVYk9Hek1lZ2QwaFEwVUtLbXZaa2pCd0R3cVk0MmQzV0NmWFBlTzFiampYZ1NUaGF5ZTAxM0ZNeVFXek9ZZVZYdVNwODQ9IiwibWFjIjoiZmQ5NzljZTViYjQ5MjJkYzczYjkwMmMyMmY4YTUxOTI1ZWRkODQ4NzhhNGY4YTA3ZmQ3YzAzM2MyZjU1MTAxNyIsInRhZyI6IiJ9
fraud-notifications.com/	1970-01-20 00:42:35	Name: P_EML_V Value: eyJpdiI6IlZ2dENWWjcvYXZWVXRUbXJoYWw3dWc9PSIsInZhbHVlIjoiemg5NlJlclZ1ek1WdG1hOG5TZW1aZzFDNXkzeUc2QmhtWklyTlE3OTJqZERndHhJMGNGa0FHSnplbmNUZkFON0NJL3lvQVg3NkZIdnJuSjFrNWczemJjMkVlYmltNDhkK0VGUUdyY00yRWc9IiwibWFjIjoiZDE2Y2Y4Njc3Mjk5NzViMGM5M2VlNWM0ZThjOTI0MzY5MTA1YTA0MmFiMGUwOTc5MGJlMzExY2ZmY2NkMzg4NSIsInRhZyI6IiJ9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fraud-notifications.com
www.uza.be
2a00:1450:4001:82b::200a
2a06:98c1:3120::7
35.187.168.7
1d68a005b62c790914390c7e0597962f0a2ce46a3118dacee8c9ffc496ae78d8
1d9ad7f521a76d9a1dbd0040221726d0c30eeb9dd40be003016d1e46662589d3
24ae27cdb37fe520e6502bdaed033b819759e4c5cf89c3719545a913b0e9f01d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28bd52b65e4a55d4c41d64057afa153cba867b2e7c3e6901192f68aed88e0a57
2d94d51ce44ac060c0337445a3a6a8954d3912cfcc561981b127e8ff17ed0b9b
43cf15a90356b8eec680a9d4453d7a475ac46fd304f629b050161c6dc45f9d09
6f21ffbdf821ec4bebb59f285d049cfe1639e294f94db3be356bb2e4141cb831
7b101aa19311ae4ef96e3f5211445daa4d031caab4fb3a4d872c34cd5e49115c
9221bfd45d662f7fed697b65dc89dc151f4b2299c432611e0022cf06b095c129
958603c25445b68b3a36a17edd7298b6a7f3352f6bd50a26ca86c5442295ec8b
a80712b5a1d147c0a40bba009c6d4c5711e266b00a36f5e06aebeea5963f57b7

fraud-notifications.com Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

520 kBTransfer

2084 kBSize

3 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

3 Cookies

Indicators

fraud-notifications.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

520 kB
Transfer

2084 kB
Size

3
Cookies

12 HTTP transactions
0 data transactions