gelijkoversteken.me Open in urlscan Pro
2.56.59.87 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gelijkoversteken.me/pay/62462d9ed034e
Submission: On March 31 via api (March 31st 2022, 10:51:51 pm UTC) from NL — Scanned from NL

Summary HTTP 25 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 25 HTTP transactions. The main IP is 2.56.59.87, located in Dulles, United States and belongs to AS-SERVERION, US. The main domain is gelijkoversteken.me.
TLS certificate: Issued by R3 on March 26th 2022. Valid for: 3 months.

This is the only time gelijkoversteken.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PostNL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
5 6	2.56.59.87 2.56.59.87	399471 (AS-SERVERION) (AS-SERVERION)
2	52.48.18.21 52.48.18.21	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	185.10.49.98 185.10.49.98	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
1	2606:4700:20:... 2606:4700:20::681a:443	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	7

6 2.56.59.87 (Dulles, United States) 5 redirects

ASN399471 (AS-SERVERION, US)

gelijkoversteken.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.18.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-18-21.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.10.49.98 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 185-10-49-98.colo.transip.net

www.keendelivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:443 (United States)

ASN13335 (CLOUDFLARENET, US)

mempay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 357	252 KB
6	gelijkoversteken.me 5 redirects gelijkoversteken.me	1 MB
5	google.nl www.google.nl — Cisco Umbrella Rank: 8586
2	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 3155	17 KB
1	mempay.com mempay.com
1	keendelivery.com www.keendelivery.com	15 KB
25	6

	Domain	Requested by
6	maps.googleapis.com	gelijkoversteken.me maps.googleapis.com
6	gelijkoversteken.me	5 redirects
5	www.google.nl	gelijkoversteken.me
2	w.usabilla.com	srcdoc
1	mempay.com	gelijkoversteken.me
1	www.keendelivery.com	gelijkoversteken.me
25	6

This site contains links to these domains. Also see Links.

Domain
jouw.postnl.nl
shop.postnl.nl
www.postnl.nl
portokosten.postnl.nl
itunes.apple.com
play.google.com
chrome.google.com

Subject Issuer	Validity	Valid
gelijkoversteken.me R3	`2022-03-26` - `2022-06-24`	3 months	crt.sh
w.usabilla.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
dev.keendelivery.com R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://gelijkoversteken.me/pay/62462d9ed034e
Frame ID: DBAF7D538681C7A41E62813C084AC0E0
Requests: 60 HTTP requests in this frame

Frame: https://w.usabilla.com/079c352aab2c.js?lv=1
Frame ID: 35BB81DDD4C62E4ACB0E55DF5922BFB6
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/5750a1f169ed.js?s1
Frame ID: 20823E185809EC0FFFDFD249779B4A00
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2546A53EEB0A8F3917EDF8B749A3ED1B
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1A0BD63FB6F6FD38760D515AC908C281
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Service & Contact: waarmee kunnen we je helpen? | PostNLPostNL | Bezorging

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Page Statistics

25
Requests

44 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

4
Countries

1739 kB
Transfer

4052 kB
Size

1
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://jouw.postnl.nl/?pst=sp-pnl-nav-verz-ql2-versturen#!/versturen/details
Title: Online frankeren

Search URL Search Domain Scan URL

URL: https://shop.postnl.nl/webshop/post-en-pakketzegels/?pst=sp-pnl-nav-verz-ql3-shop-zegels
Title: Postzegels kopen

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/locatiewijzer/?pst=sp-pnl-nav-verz-ql4-locatiewijzer
Title: PostNL-punten

Search URL Search Domain Scan URL

URL: https://jouw.postnl.nl/?pst=sp-pnl-nav-ontv-ql1-tracktrace#!/track-and-trace
Title: Track & trace

Search URL Search Domain Scan URL

URL: https://portokosten.postnl.nl/?pst=sp-pnl-nav-ontv-ql3-porteninnen
Title: Portokosten

Search URL Search Domain Scan URL

URL: https://jouw.postnl.nl/postbusaanvragen/?pst=sp-pnl-nav-ontv-ql4-postbus-aanvragen
Title: Postbus aanvragen

Search URL Search Domain Scan URL

URL: https://shop.postnl.nl/webshop
Title: Webshop

Search URL Search Domain Scan URL

URL: https://shop.postnl.nl/webshop/post-en-pakketzegels
Title: Post- en pakketzegels

Search URL Search Domain Scan URL

URL: https://shop.postnl.nl/webshop/kantoorartikelen
Title: Kantoorartikelen

Search URL Search Domain Scan URL

URL: https://shop.postnl.nl/webshop/cadeaus
Title: Cadeaus

Search URL Search Domain Scan URL

URL: https://shop.postnl.nl/webshop/collect-club
Title: Collect Club

Search URL Search Domain Scan URL

URL: https://shop.postnl.nl/webshop/zakelijke-hulpmiddelen
Title: Zakelijke hulpmiddelen

Search URL Search Domain Scan URL

URL: https://jouw.postnl.nl/#!/
Title: track & trace

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/versturen/pakket-versturen/
Title: Pakket versturen

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/versturen/brief-of-kaart-versturen/
Title: Brief of kaart versturen

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/versturen/postzegels/
Title: Postzegels

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/ontvangen/post-ontvangen/
Title: Post ontvangen

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/ontvangen/pakket-ontvangen/
Title: Pakket ontvangen

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/ontvangen/post-doorsturen/
Title: Post doorsturen

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/zakelijke-oplossingen/post-versturen/
Title: Post versturen

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/zakelijke-oplossingen/pakket-versturen/
Title: Pakket versturen

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/zakelijke-oplossingen/ontvangen/
Title: Ontvangen

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/zakelijke-oplossingen/logistieke-oplossingen/
Title: Logistieke oplossingen

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/zakelijke-oplossingen/postvervoerders/
Title: Postvervoerders

Search URL Search Domain Scan URL

URL: https://jouw.postnl.nl/#!/track-en-trace/zoeken
Title: Track & trace

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/postcode-zoeken/
Title: Postcode zoeken

Search URL Search Domain Scan URL

URL: https://jouw.postnl.nl/#!/overzicht
Title: Versturen

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/locatiewijzer/
Title: PostNL-punten

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/apple-store/id513218878?pt=111198872&ct=pnl-footer&mt=8
Title: iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=nl.tpp.mobile.android&referrer=utm_source%3Dpostnl.nl%26utm_campaign%3Dpnl-footer
Title: Android

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/klantenservice/
Title: Service en contact

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/privacy-verklaring/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/cookie-verklaring/
Title: Cookies

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/algemene-voorwaarden/
Title: Algemene voorwaarden

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/over-postnl/over-ons/
Title: Over ons

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/over-postnl/beleggers/
Title: Beleggers

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/over-postnl/pers-nieuws/
Title: Pers en nieuws

Search URL Search Domain Scan URL

URL: https://www.postnl.nl/gebruiksvoorwaarden/
Title: Gebruiksvoorwaarden

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/uvpn-free-and-unlimited-v/jaoafpkngncfpfggjefnekilbkcpjdgp/reviews
Title: Rate Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://gelijkoversteken.me/content/marktplaats/marktplaats.css HTTP 302
https://www.google.nl/

Request Chain 35

https://gelijkoversteken.me/content/marktplaats/client.min.css HTTP 302
https://www.google.nl/

Request Chain 36

https://gelijkoversteken.me/content/marktplaats/normalize.112272e5.css HTTP 302
https://www.google.nl/

Request Chain 48

https://gelijkoversteken.me/pay/bancontact.svg HTTP 302
https://www.google.nl/

Request Chain 49

https://gelijkoversteken.me/pay/Marktplaats.Sprite.svg HTTP 302
https://www.google.nl/

Request Chain 50

https://gelijkoversteken.me/pay/Roboto-Light-webfont.woff2 HTTP 302
https://www.google.nl/

Request Chain 51

https://gelijkoversteken.me/pay/Roboto-Regular-webfont.woff2 HTTP 302
https://www.google.nl/

Request Chain 52

https://gelijkoversteken.me/pay/Roboto-Medium-webfont.woff2 HTTP 302
https://www.google.nl/

Request Chain 55

https://gelijkoversteken.me/pay/Roboto-Light-webfont.woff HTTP 302
https://www.google.nl/

Request Chain 56

https://gelijkoversteken.me/pay/Roboto-Regular-webfont.woff HTTP 302
https://www.google.nl/

Request Chain 57

https://gelijkoversteken.me/pay/Roboto-Medium-webfont.woff HTTP 302
https://www.google.nl/

Request Chain 58

https://gelijkoversteken.me/pay/Roboto-Light-webfont.ttf?v1 HTTP 302
https://www.google.nl/

Request Chain 59

https://gelijkoversteken.me/pay/Roboto-Medium-webfont.ttf?v1 HTTP 302
https://www.google.nl/

Request Chain 60

https://gelijkoversteken.me/pay/Roboto-Regular-webfont.ttf?v1 HTTP 302
https://www.google.nl/

25 HTTP transactions
39 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 62462d9ed034e Show response
gelijkoversteken.me/pay/ 3 MB
1 MB 819ms
34ms Document
text/html 2.56.59.87
AS-SERVERION

General

Check archive.org

Show headers Download Go to

Full URL: https://gelijkoversteken.me/pay/62462d9ed034e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.56.59.87 Dulles, United States, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 560c97d5467491933997c42adf7cca3d92c1591a40438a3a0b128cf4314b38a7

Request headers

Accept-Language: nl-NL,nl;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 31 Mar 2022 22:51:45 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.18 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6ba28131eab4cac037e344ab0654984ec309c545a6bb20d30d7c87a644f8ead

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89283b800ea53c85e4935548aebd76f3316791221f56c00850bc90aa860e5ad6

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebfd8efd9e408288113c5bf63134db6cbca301ef39888a0d7cb31d4c792f13b9

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 810b6540200f531b49c62acbfcde12853a8b90d53edd8c7b2646e1cfcd949f5f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb51e2d0ed68d16ee5e3b0485174b168eefaa17679fd239bb28c6ab47fd435be

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84b26a82e30041b73f26d6e29368d8db7469ebd9c21241da05a7989849fa33e6

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4b8f0ef0db65da7cb32127179f1717c098d8548eba2da1a32862ea4645bb912

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ebc691870a2b2f30f541e4aaaa2f2d759772498f25b1b2ff2267bb36d4fb025

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c34990dc40be58eca50a13329a7871024a898cd3839c74ca419235689703a67f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7ef04095b8463d419ea9c9541e10dd3dec1311f454ba3d5a656ace55d5b8c73

Request headers

Referer
Origin: https://gelijkoversteken.me
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
font/x-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ac556140f22d7f8e0632291157b13ce162a10ee1878b4bffee39f92850e1c9a

Request headers

Referer
Origin: https://gelijkoversteken.me
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: font/x-woff

GET
DATA 200
OK truncated
/ 20 KB
20 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0df3d65fc22a5cf3bcf8938f81bab89d634db8e2cfd5e33e3ce77960498cff62

Request headers

Referer
Origin: https://gelijkoversteken.me
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
DATA 200
OK truncated
/ 20 KB
20 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45e671bd5367ca5cfe8d75f7abc75530a07c55409ef765a8d5d0f19ad7488a1d

Request headers

Referer
Origin: https://gelijkoversteken.me
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
DATA 200
OK truncated
/ 20 KB
20 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 549f84a9d7a387a21d0baf1c5425e28ef4a01ff99cb8099065e77131752daf2d

Request headers

Referer
Origin: https://gelijkoversteken.me
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
DATA 200
OK truncated
/ 622 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61609969d163d720e40e31fd1e383469c3714b3b170c29b1fc03decc3ebacdb2

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 079c352aab2c.js Show response
w.usabilla.com/ Frame 35BB 57 KB
14 KB 96ms
31ms Script
text/javascript 52.48.18.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/079c352aab2c.js?lv=1
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.18.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-18-21.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 412d8893f6e2ec632262cf92ec47f5ef8503dc19702575efcf9622840980a83d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 22:51:45 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "4974b11432c7ebd588c1ffc7cb22194b"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 14360

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10e7c9d985d29a262431695ce140a600e37fc3655ec82951164cd291471284f4

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e47d94cd4d895daa391ada617c7adea9a11c527320e85c39df57d288b6a58868

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f79221c4ec1b8bfec16dc0a597eac3a2e71708d3dc41cde9777c21ae6c9c5195

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d0aa52a685b41b4c1a8fffa273c0b109a89512b1e9e6c2d022b4604eef3922e

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9d26d156cf20ca127f85364f1be122212bd2aebc86768ccf36ab6ffdd82633c

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 838f29ff931e2f0584d5514dd0d4133e466f8dcd9b02403421795c851bc0944d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 185e0ebd115b0f812b7f69b776390caeb094f4d8fd3d16b5fd20ab31d53e2a77

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28545eece7bb260eb828ce44aa750095cd422d8f028c1df5643eae06f9ae46b3

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90b0bf80408446c3d41b692c19cf22d31c4294b14e393d82069b5f1c92cbda72

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b49cf07dfb69cb690a8f45e1dbb28f3a2cf9f40773f5d4effcbfecd9a544358

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37f0f3d5f50be4f62535609b5c903ebed96bec596afe412f7603599c708260fc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04e8be55c1284778a7edf09243f04740c0655bdf735dbe177b09631db598fda2

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6554b64c6b7ef59cb1c95f24c64a10547bfa9ebee230f87c57dd82e58846c97f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2298e29ac1f301ea2b9fcda86cb1653e3f2fe035fd2765bfd3a2147e79d37404

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e74b96c7931250b558f979ae3d88cc834810b33b345edd6782bda3da662f2ac

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50192acf5eebeb7af3680a75877bea8aeca19a7ffcec79f2205f88d891902b76

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f81a90306873948ddfb451c569261a2a5c73c64e49ff3cf1a9525b9da441b2df

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65fafbca04d41042aa987845b775a3b0c17b954461c39a90833a1bd3fdad5473

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

/
www.google.nl/
Redirect Chain

https://gelijkoversteken.me/content/marktplaats/marktplaats.css
https://www.google.nl/

0
0

147ms
84ms

Stylesheet
text/html

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.nl/
Requested by: Host: gelijkoversteken.me
URL: https://gelijkoversteken.me/pay/62462d9ed034e
Protocol: H2
Server: 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 31 Mar 2022 22:51:45 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Type: text/html; charset=UTF-8
location: https://www.google.nl
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
www.google.nl/
Redirect Chain

https://gelijkoversteken.me/content/marktplaats/client.min.css
https://www.google.nl/

0
0

169ms
124ms

Stylesheet
text/html

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.nl/
Requested by: Host: gelijkoversteken.me
URL: https://gelijkoversteken.me/pay/62462d9ed034e
Protocol: H2
Server: 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 31 Mar 2022 22:51:45 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Type: text/html; charset=UTF-8
location: https://www.google.nl
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
www.google.nl/
Redirect Chain

https://gelijkoversteken.me/content/marktplaats/normalize.112272e5.css
https://www.google.nl/

0
0

160ms
121ms

Stylesheet
text/html

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.nl/
Requested by: Host: gelijkoversteken.me
URL: https://gelijkoversteken.me/pay/62462d9ed034e
Protocol: H2
Server: 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 31 Mar 2022 22:51:45 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Type: text/html; charset=UTF-8
location: https://www.google.nl
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/38/11/intl/nl_ALL/ 76 KB
29 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/38/11/intl/nl_ALL/common.js

Requested by

Host: gelijkoversteken.me
URL: https://gelijkoversteken.me/pay/62462d9ed034e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50c76b6340f567a536017cdf52bef65fdbbec4d637253e823543059ac68c2fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 09:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28568
x-xss-protection: 0
last-modified: Mon, 04 Nov 2019 22:32:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 09:33:28 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/38/11/intl/nl_ALL/ 143 KB
53 KB 91ms
42ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/38/11/intl/nl_ALL/util.js

Requested by

Host: gelijkoversteken.me
URL: https://gelijkoversteken.me/pay/62462d9ed034e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9f2fabff1b5fdcf2833cdcca025f1ec73c4889c41410e8a018cb1a84bb6ac79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 22:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53998
x-xss-protection: 0
last-modified: Mon, 04 Nov 2019 22:32:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 22:29:03 GMT

GET
H2 200 postnl-logo-preview.png
www.keendelivery.com/wp-content/uploads/2017/03/ 14 KB
15 KB 55ms
15ms Image
image/png 185.10.49.98
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.keendelivery.com/wp-content/uploads/2017/03/postnl-logo-preview.png

Requested by

Host: gelijkoversteken.me
URL: https://gelijkoversteken.me/pay/62462d9ed034e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.10.49.98 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

185-10-49-98.colo.transip.net

Software

Apache/2 /

Resource Hash

8db46f8eafcb6502700d7c45f33ec9934ea87fed3e158a47a9e7d02d84bc232d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 20 Oct 2017 11:52:20 GMT
server: Apache/2
etag: "3924-55bf91af09d8f"
content-type: image/png
cache-control: max-age=2592000
date: Thu, 31 Mar 2022 22:51:45 GMT
accept-ranges: bytes
content-length: 14628
expires: Sat, 30 Apr 2022 22:51:45 GMT

GET
H2 403 OBP_logo_final_yellow_RGB.png
mempay.com/uploads/partners/ 0
0 72ms
27ms Image
text/html 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mempay.com/uploads/partners/OBP_logo_final_yellow_RGB.png
Requested by: Host: gelijkoversteken.me
URL: https://gelijkoversteken.me/pay/62462d9ed034e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 157 KB
51 KB 113ms
64ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=gme-marktplaats&channel=mp-messaging

Requested by

Host: gelijkoversteken.me
URL: https://gelijkoversteken.me/pay/62462d9ed034e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

bf600392f557f8b4249f6576b17d3747dfe6aea153988eb2ccee7122a322adbf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 22:51:45 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=16
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52361
x-xss-protection: 0
expires: Thu, 31 Mar 2022 23:21:45 GMT

GET
H2 200 5750a1f169ed.js Show response
w.usabilla.com/ Frame 2082 7 KB
3 KB 103ms
62ms Script
text/javascript 52.48.18.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/5750a1f169ed.js?s1
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.18.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-18-21.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bd4b773305a7e618ac4d140f7d8964416c9f52f02bd7e5b0318c0e4cb5fa292a

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 22:51:45 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "d8edbe28675ce4131c61f89bc8a0d60e"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 3025

GET
DATA 200
OK truncated
/ 275 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d9648e2dacbd0858d1f21e52282f75033feebf60422efa7b585cdafda92145d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 32 KB
32 KB Font
font/x-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8b853e3faeecb3a245231e5e84984e34adadc388ba59fea25c4e8372d6b5bbb

Request headers

Referer
Origin: https://gelijkoversteken.me
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: font/x-woff

GET
DATA 200
OK truncated
/ Frame 2546 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e375a1658e86dd6ab611bbb7bc734d2f7a0d5ec688db072fca2bc773c80667ee

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1A0B 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 65ms
34ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=gme-marktplaats&channel=mp-messaging

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 22:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gelijkoversteken.me
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3

200

/
www.google.nl/
Redirect Chain

https://gelijkoversteken.me/pay/bancontact.svg
https://www.google.nl/

0
0

111ms
83ms

Image
text/html

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.nl/
Requested by: Host: gelijkoversteken.me
URL: https://gelijkoversteken.me/pay/62462d9ed034e
Protocol: H3
Server: 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 31 Mar 2022 22:51:46 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Type: text/html; charset=UTF-8
location: https://www.google.nl
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3

200

/
www.google.nl/
Redirect Chain

https://gelijkoversteken.me/pay/Marktplaats.Sprite.svg
https://www.google.nl/

0
0

153ms
125ms

Image
text/html

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.nl/
Requested by: Host: gelijkoversteken.me
URL: https://gelijkoversteken.me/pay/62462d9ed034e
Protocol: H3
Server: 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 31 Mar 2022 22:51:46 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Type: text/html; charset=UTF-8
location: https://www.google.nl
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET

/
www.google.nl/
Redirect Chain

https://gelijkoversteken.me/pay/Roboto-Light-webfont.woff2
https://www.google.nl/

0
0

GET

/
www.google.nl/
Redirect Chain

https://gelijkoversteken.me/pay/Roboto-Regular-webfont.woff2
https://www.google.nl/

0
0

GET

/
www.google.nl/
Redirect Chain

https://gelijkoversteken.me/pay/Roboto-Medium-webfont.woff2
https://www.google.nl/

0
0

GET
DATA 200
OK truncated
/ 20 KB
20 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0df3d65fc22a5cf3bcf8938f81bab89d634db8e2cfd5e33e3ce77960498cff62

Request headers

Referer
Origin: https://gelijkoversteken.me
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 045388876c5fcd98e6e9bfb98e03a20554f782778472d01cffca20cda96666e1

Request headers

Referer
Origin: https://gelijkoversteken.me
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: application/font-woff

GET

/
www.google.nl/
Redirect Chain

https://gelijkoversteken.me/pay/Roboto-Light-webfont.woff
https://www.google.nl/

0
0

GET

/
www.google.nl/
Redirect Chain

https://gelijkoversteken.me/pay/Roboto-Regular-webfont.woff
https://www.google.nl/

0
0

GET

/
www.google.nl/
Redirect Chain

https://gelijkoversteken.me/pay/Roboto-Medium-webfont.woff
https://www.google.nl/

0
0

GET

/
www.google.nl/
Redirect Chain

https://gelijkoversteken.me/pay/Roboto-Light-webfont.ttf?v1
https://www.google.nl/

0
0

GET

/
www.google.nl/
Redirect Chain

https://gelijkoversteken.me/pay/Roboto-Medium-webfont.ttf?v1
https://www.google.nl/

0
0

GET

/
www.google.nl/
Redirect Chain

https://gelijkoversteken.me/pay/Roboto-Regular-webfont.ttf?v1
https://www.google.nl/

0
0

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/7a/intl/nl_ALL/ 77 KB
28 KB 48ms
20ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/7a/intl/nl_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=gme-marktplaats&channel=mp-messaging

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28355f997f7ccc50fdeefe2fc647be40b3661760939211b47e7596ee28ddc4d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 18:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28812
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:23:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 18:05:37 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/7a/intl/nl_ALL/ 297 KB
91 KB 49ms
21ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/7a/intl/nl_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=gme-marktplaats&channel=mp-messaging

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ba2b1cc44040565c270d5049404b8d0ddb733070c04ed09d0cdd4e3da7922e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gelijkoversteken.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92773
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:23:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 11:30:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.nl
URL: https://www.google.nl/

Domain: www.google.nl
URL: https://www.google.nl/

Domain: www.google.nl
URL: https://www.google.nl/

Domain: www.google.nl
URL: https://www.google.nl/

Domain: www.google.nl
URL: https://www.google.nl/

Domain: www.google.nl
URL: https://www.google.nl/

Domain: www.google.nl
URL: https://www.google.nl/

Domain: www.google.nl
URL: https://www.google.nl/

Domain: www.google.nl
URL: https://www.google.nl/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PostNL (Transportation)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gelijkoversteken.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: 831te4mjpqvf8tf6cu3k720gi0

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mempay.com/uploads/partners/OBP_logo_final_yellow_RGB.png Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://gelijkoversteken.me/pay/62462d9ed034e Message: Access to font at 'https://www.google.nl/' (redirected from 'https://gelijkoversteken.me/pay/Roboto-Light-webfont.woff2') from origin 'https://gelijkoversteken.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.google.nl/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gelijkoversteken.me/pay/62462d9ed034e Message: Access to font at 'https://www.google.nl/' (redirected from 'https://gelijkoversteken.me/pay/Roboto-Regular-webfont.woff2') from origin 'https://gelijkoversteken.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.google.nl/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gelijkoversteken.me/pay/62462d9ed034e Message: Access to font at 'https://www.google.nl/' (redirected from 'https://gelijkoversteken.me/pay/Roboto-Medium-webfont.woff2') from origin 'https://gelijkoversteken.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.google.nl/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gelijkoversteken.me/pay/62462d9ed034e Message: Access to font at 'https://www.google.nl/' (redirected from 'https://gelijkoversteken.me/pay/Roboto-Light-webfont.woff') from origin 'https://gelijkoversteken.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.google.nl/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gelijkoversteken.me/pay/62462d9ed034e Message: Access to font at 'https://www.google.nl/' (redirected from 'https://gelijkoversteken.me/pay/Roboto-Medium-webfont.woff') from origin 'https://gelijkoversteken.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.google.nl/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gelijkoversteken.me/pay/62462d9ed034e Message: Access to font at 'https://www.google.nl/' (redirected from 'https://gelijkoversteken.me/pay/Roboto-Regular-webfont.woff') from origin 'https://gelijkoversteken.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.google.nl/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gelijkoversteken.me/pay/62462d9ed034e Message: Access to font at 'https://www.google.nl/' (redirected from 'https://gelijkoversteken.me/pay/Roboto-Light-webfont.ttf?v1') from origin 'https://gelijkoversteken.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.google.nl/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gelijkoversteken.me/pay/62462d9ed034e Message: Access to font at 'https://www.google.nl/' (redirected from 'https://gelijkoversteken.me/pay/Roboto-Medium-webfont.ttf?v1') from origin 'https://gelijkoversteken.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.google.nl/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gelijkoversteken.me/pay/62462d9ed034e Message: Access to font at 'https://www.google.nl/' (redirected from 'https://gelijkoversteken.me/pay/Roboto-Regular-webfont.ttf?v1') from origin 'https://gelijkoversteken.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.google.nl/ Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gelijkoversteken.me
maps.googleapis.com
mempay.com
w.usabilla.com
www.google.nl
www.keendelivery.com
www.google.nl
185.10.49.98
2.56.59.87
2606:4700:20::681a:443
2a00:1450:4001:810::2003
2a00:1450:4001:831::200a
52.48.18.21
045388876c5fcd98e6e9bfb98e03a20554f782778472d01cffca20cda96666e1
04e8be55c1284778a7edf09243f04740c0655bdf735dbe177b09631db598fda2
0ba2b1cc44040565c270d5049404b8d0ddb733070c04ed09d0cdd4e3da7922e7
0df3d65fc22a5cf3bcf8938f81bab89d634db8e2cfd5e33e3ce77960498cff62
10e7c9d985d29a262431695ce140a600e37fc3655ec82951164cd291471284f4
185e0ebd115b0f812b7f69b776390caeb094f4d8fd3d16b5fd20ab31d53e2a77
2298e29ac1f301ea2b9fcda86cb1653e3f2fe035fd2765bfd3a2147e79d37404
28355f997f7ccc50fdeefe2fc647be40b3661760939211b47e7596ee28ddc4d5
28545eece7bb260eb828ce44aa750095cd422d8f028c1df5643eae06f9ae46b3
2e74b96c7931250b558f979ae3d88cc834810b33b345edd6782bda3da662f2ac
37f0f3d5f50be4f62535609b5c903ebed96bec596afe412f7603599c708260fc
412d8893f6e2ec632262cf92ec47f5ef8503dc19702575efcf9622840980a83d
45e671bd5367ca5cfe8d75f7abc75530a07c55409ef765a8d5d0f19ad7488a1d
50192acf5eebeb7af3680a75877bea8aeca19a7ffcec79f2205f88d891902b76
50c76b6340f567a536017cdf52bef65fdbbec4d637253e823543059ac68c2fd1
549f84a9d7a387a21d0baf1c5425e28ef4a01ff99cb8099065e77131752daf2d
560c97d5467491933997c42adf7cca3d92c1591a40438a3a0b128cf4314b38a7
61609969d163d720e40e31fd1e383469c3714b3b170c29b1fc03decc3ebacdb2
6554b64c6b7ef59cb1c95f24c64a10547bfa9ebee230f87c57dd82e58846c97f
65fafbca04d41042aa987845b775a3b0c17b954461c39a90833a1bd3fdad5473
7d0aa52a685b41b4c1a8fffa273c0b109a89512b1e9e6c2d022b4604eef3922e
7d9648e2dacbd0858d1f21e52282f75033feebf60422efa7b585cdafda92145d
810b6540200f531b49c62acbfcde12853a8b90d53edd8c7b2646e1cfcd949f5f
838f29ff931e2f0584d5514dd0d4133e466f8dcd9b02403421795c851bc0944d
84b26a82e30041b73f26d6e29368d8db7469ebd9c21241da05a7989849fa33e6
89283b800ea53c85e4935548aebd76f3316791221f56c00850bc90aa860e5ad6
8b49cf07dfb69cb690a8f45e1dbb28f3a2cf9f40773f5d4effcbfecd9a544358
8db46f8eafcb6502700d7c45f33ec9934ea87fed3e158a47a9e7d02d84bc232d
90b0bf80408446c3d41b692c19cf22d31c4294b14e393d82069b5f1c92cbda72
9ac556140f22d7f8e0632291157b13ce162a10ee1878b4bffee39f92850e1c9a
9ebc691870a2b2f30f541e4aaaa2f2d759772498f25b1b2ff2267bb36d4fb025
bb51e2d0ed68d16ee5e3b0485174b168eefaa17679fd239bb28c6ab47fd435be
bd4b773305a7e618ac4d140f7d8964416c9f52f02bd7e5b0318c0e4cb5fa292a
bf600392f557f8b4249f6576b17d3747dfe6aea153988eb2ccee7122a322adbf
c34990dc40be58eca50a13329a7871024a898cd3839c74ca419235689703a67f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d4b8f0ef0db65da7cb32127179f1717c098d8548eba2da1a32862ea4645bb912
d6ba28131eab4cac037e344ab0654984ec309c545a6bb20d30d7c87a644f8ead
d9f2fabff1b5fdcf2833cdcca025f1ec73c4889c41410e8a018cb1a84bb6ac79
e375a1658e86dd6ab611bbb7bc734d2f7a0d5ec688db072fca2bc773c80667ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47d94cd4d895daa391ada617c7adea9a11c527320e85c39df57d288b6a58868
e7ef04095b8463d419ea9c9541e10dd3dec1311f454ba3d5a656ace55d5b8c73
e9d26d156cf20ca127f85364f1be122212bd2aebc86768ccf36ab6ffdd82633c
ebfd8efd9e408288113c5bf63134db6cbca301ef39888a0d7cb31d4c792f13b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f79221c4ec1b8bfec16dc0a597eac3a2e71708d3dc41cde9777c21ae6c9c5195
f81a90306873948ddfb451c569261a2a5c73c64e49ff3cf1a9525b9da441b2df
f8b853e3faeecb3a245231e5e84984e34adadc388ba59fea25c4e8372d6b5bbb

gelijkoversteken.me Open in urlscan Pro 2.56.59.87 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

25 Requests

44 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

7 IPs

4 Countries

1739 kBTransfer

4052 kBSize

1 Cookies

39 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 39 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gelijkoversteken.me Open in urlscan Pro
2.56.59.87 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

44 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

4
Countries

1739 kB
Transfer

4052 kB
Size

1
Cookies

25 HTTP transactions
39 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!