teruggave2023.info Open in urlscan Pro
2606:4700:3035::ac43:a39f Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fwejsdauiqee2.info/
Effective URL:
https://teruggave2023.info/kvk2/kvk.php
Submission: On September 26 via api (September 26th 2023, 12:25:11 pm UTC) from NL — Scanned from NL

Summary HTTP 3 Redirects Links 64 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 2606:4700:3035::ac43:a39f, located in United States and belongs to CLOUDFLARENET, US. The main domain is teruggave2023.info.
TLS certificate: Issued by GTS CA 1P5 on September 25th 2023. Valid for: 3 months.

This is the only time teruggave2023.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NL Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::6815:4b03	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::ac43:a39f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
3	3

1 2606:4700:3030::6815:4b03 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fwejsdauiqee2.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:a39f (United States)

ASN13335 (CLOUDFLARENET, US)

teruggave2023.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (Ascension Island)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	teruggave2023.info teruggave2023.info	969 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1243	30 KB
1	fwejsdauiqee2.info 1 redirects fwejsdauiqee2.info	691 B
3	3

	Domain	Requested by
2	teruggave2023.info	teruggave2023.info
1	code.jquery.com	teruggave2023.info
1	fwejsdauiqee2.info	1 redirects
3	3

This site contains links to these domains. Also see Links.

Domain
www.belastingdienst.nl
services.belastingdienst.nl
www.overdedouane.nl
www.fiod.nl
over-ons.belastingdienst.nl
werken.belastingdienst.nl
mijn.belastingdienst.nl

Subject Issuer	Validity	Valid
teruggave2023.info GTS CA 1P5	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://teruggave2023.info/kvk2/kvk.php
Frame ID: 1A6CD8ACA2B0D5F74B80CFCC7594A9AA
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Belastingteruggave

Page URL History Show full URLs

http://fwejsdauiqee2.info/ HTTP 301
https://teruggave2023.info/kvk2/kvk.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

3
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1280 kB
Transfer

2757 kB
Size

1
Cookies

64 Outgoing links

These are links going to different origins than the main page.

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/home/home

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/belastingaangifte/belastingaangifte
Title: Belastingaangifte

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/aftrek-en-kortingen/aftrek-en-kortingen
Title: Aftrekposten en kortingen

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/koopwoning/koopwoning
Title: Eigen woning

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/box-3/box-3
Title: Box 3 (vermogensrendementsheffing)

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/buitenland/buitenland
Title: Buitenland

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/betalenenontvangen/betalen-en-ontvangen
Title: Betalen en ontvangen

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/auto-en-vervoer/auto-en-vervoer
Title: Auto en woon-werkverkeer

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/schenken/schenken-en-schenkbelasting
Title: Schenken en schenkbelasting

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/erfbelasting/erfbelasting
Title: Erven en erfbelasting

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/btw/btw
Title: Btw (omzetbelasting)

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/voorlopige-aanslag/voorlopige-aanslag
Title: Voorlopige aanslag

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/toeslagen/toeslagen
Title: Toeslagen

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/zorgtoeslag/zorgtoeslag
Title: Zorgtoeslag

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/huurtoeslag/huurtoeslag
Title: Huurtoeslag

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/kindgebonden-budget/kindgebonden-budget
Title: Kindgebonden budget

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/kinderopvangtoeslag/kinderopvangtoeslag
Title: Kinderopvangtoeslag

Search URL Search Domain Scan URL

URL: https://services.belastingdienst.nl/toeslagen-herstel/
Title: Gedupeerden kinderopvangtoeslag

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/modelovereenkomsten/modelovereenkomsten
Title: De wet DBA

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/douane_voor_bedrijven/douane_voor_bedrijven
Title: Douane voor bedrijven

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/personeel-en-loon/personeel-en-loon
Title: Loonheffingen: voor werkgevers en salarisadministrateurs

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/ondernemers/ondernemers
Title: Ondernemers

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/startende-ondernemer/startende-ondernemer
Title: Startende ondernemers

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontentnl/belastingdienst/zakelijk/winst/vennootschapsbelasting/vennootschapsbelasting
Title: Vennootschapsbelasting

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/douane/douane
Title: Douane

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/bagage/bagage
Title: Bagage - kijk wat mee mag door de Douane

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/internetaankopen/internetaankopen
Title: Online winkelen - zo zit het bij de Douane

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/brexit-douane/brexit-en-uw-douanezaken
Title: Brexit en uw douanezaken

Search URL Search Domain Scan URL

URL: https://www.overdedouane.nl/
Title: Over de Douane

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/contact-douane/contact-douane
Title: Contact met de Douane

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/jongeren/jongeren
Title: Belasting terugvragen of toeslag aanvragen voor jongeren

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/bezwaar-en-beroep/bezwaar-en-beroep
Title: Bezwaar, beroep en klacht

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/contact/contact
Title: Contact - we helpen u graag

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/coronavirus/coronavirus
Title: Coronamaatregelen Belastingdienst

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontentnl/belastingdienst/zakelijk/winst/dividendbelasting/dividendbelasting
Title: Dividendbelasting

Search URL Search Domain Scan URL

URL: https://www.fiod.nl/
Title: FIOD

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontentnl/standaard_functies/prive/help/help
Title: Help

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/intermediairs/intermediairs
Title: Intermediairs

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/kennisnetwerk
Title: Kennisnetwerk belastingen en toeslagen

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/na-een-overlijden/na-een-overlijden
Title: Na een overlijden

Search URL Search Domain Scan URL

URL: https://over-ons.belastingdienst.nl/
Title: Over ons

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontentnl/belastingdienst/zakelijk/overige_belastingen/overige_belastingen
Title: Overige belastingen

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontentnl/belastingdienst/prive/relatie_familie_en_gezondheid/relatie_familie_en_gezondheid
Title: Relatie, familie, gezondheid

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/scheiden/scheiden
Title: Scheiden of uit elkaar gaan

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontentnl/campagnes/landingspaginas/intermediairs/sbr/sbr
Title: Standard Business Reporting (SBR)

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/werk-en-inkomen/werk-en-inkomen
Title: Werk en inkomen

Search URL Search Domain Scan URL

URL: https://werken.belastingdienst.nl/
Title: Werken bij de Belastingdienst

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/home/content/inloggen-mijn-belastingdienst
Title: Mijn Belastingdienst

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontentnl/belastingdienst/prive/toeslagen/inloggen_op_mijn_toeslagen
Title: Mijn toeslagen

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/ondernemers/content/inloggen-voor-ondernemers
Title: Voor ondernemers

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/douane_voor_bedrijven/content/douaneportalen
Title: Voor douanezaken

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/nl/box-3/
Title: Box 3

Search URL Search Domain Scan URL

URL: https://mijn.belastingdienst.nl/GTService/#/inloggen
Title: Mijn Belastingdienst

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontentnl/niet_in_enig_menu/prive/privacy
Title: Privacyverklaring

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontentnl/niet_in_enig_menu/sitemap/sitemap
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontentnl/niet_in_enig_menu/prive/copyright
Title: Copyright

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontentnl/niet_in_enig_menu/prive/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontentnl/niet_in_enig_menu/prive/digitale_toegankelijkheid/digitale-toegankelijkheid
Title: Toegankelijkheid

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/en/individuals/individuals
Title: English site

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontenten/belastingdienst/business/business
Title: Business

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/en/customs/customs
Title: Customs

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontentde/belastingdienst/privatpersonen/privatpersonen
Title: Deutsche Seite

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/de/privatpersonen/privatpersonen
Title: Privatpersonen

Search URL Search Domain Scan URL

URL: https://www.belastingdienst.nl/wps/wcm/connect/bldcontentde/belastingdienst/unternehmen
Title: Unternehmen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fwejsdauiqee2.info/ HTTP 301
https://teruggave2023.info/kvk2/kvk.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request kvk.php Show response teruggave2023.info/kvk2/ Redirect Chain http://fwejsdauiqee2.info/ https://teruggave2023.info/kvk2/kvk.php	2 MB 968 KB	743ms 682ms	Document text/html	2606:4700:3035::ac43:a39f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://teruggave2023.info/kvk2/kvk.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:a39f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0777edef5b76992d3a6ee94064641d66a05a6e4f5b610bee33259af9895a6c88` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 80cb7cd71d6d0218-CDG content-encoding br content-type text/html; charset=UTF-8 date Tue, 26 Sep 2023 12:25:07 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9Ovap3ib7spT6ZTa7ofjttnc6%2FIHRE6v%2FR7H0s2RwNhVGohKGCYihDwoaprwYjQxihNT2mWxZeVou%2FjeydZ006QlYs8iv%2BQHky5SCiiU%2B7VJCSv3aTD2dv2R9hhf74sXrG5JyxpusOVoAjH%2BINr3iY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers CF-RAY 80cb7cd5aaf09e08-EWR Cache-Control max-age=3600 Connection keep-alive Date Tue, 26 Sep 2023 12:25:06 GMT Expires Tue, 26 Sep 2023 13:25:06 GMT Location https://teruggave2023.info/kvk2/kvk.php NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzB2K5wWa04w0W40JO%2BfGPoalXuts1zGwxyud4P%2BUx0ZLGttF4XCY97BdcsEJVQXIvsrMas2VWlRQ4pQ8ZNH08GiskgATfNK15AYBhTldW6KjvCdNs3bNRsjUtJ%2BvDASaz7Z15mmZI3vqQ5YfQsT0zg%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	52ms 18ms	Script application/javascript	2a04:4e42::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: teruggave2023.info URL: https://teruggave2023.info/kvk2/kvk.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::649 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash `ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e` Request headers Referer https://teruggave2023.info/ Origin https://teruggave2023.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 26 Sep 2023 12:25:07 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 493007 x-cache HIT, HIT content-length 30875 x-served-by cache-lga21931-LGA, cache-ams21077-AMS last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1695731107.272745,VS0,VE0 etag W/"28feccc0-15d9d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 4, 277800
GET H2	200	requests.js Show response teruggave2023.info/kvk2/	4 KB 1 KB	69ms 68ms	Script text/javascript	2606:4700:3035::ac43:a39f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://teruggave2023.info/kvk2/requests.js Requested by Host: teruggave2023.info URL: https://teruggave2023.info/kvk2/kvk.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:a39f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6f8a98838ea5cae13a20e34529149ac5731cfaf8a8a80261e368ed3ab76cf219` Request headers accept-language nl-NL,nl;q=0.9 Referer https://teruggave2023.info/kvk2/kvk.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 26 Sep 2023 12:25:07 GMT content-encoding br cf-cache-status MISS last-modified Thu, 21 Jul 2022 04:04:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"117b-5e448d2256e80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8k%2BcjAbY6%2FqeGzxGpDSOGRBznIuyMRpmMwQkn6QAV1Ww%2BSRDAC%2B5JanDxTYk9R%2Fn9ChntAS1aAO5RIgQ7r1%2BX1DYl3b7VMKWQtpfXfZGK%2F3a%2FzJ0G5N8%2BVgN%2BjaYjemW6GH9r%2FcUt%2FstUcYYsYFScns%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 80cb7cdc5c8b0218-CDG alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	17 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `24c2c8d65ef0423159d5505ed54492d1346611b076c14fd3af08e5364ce83d9e` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	75 KB 75 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a` Request headers Referer Origin https://teruggave2023.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type application/font-woff
GET DATA	200 OK	truncated /	103 KB 103 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `76b7bb62d24c8ed3c3fa7b1b41af442199610e1c02d4d7fcbf275abdc69a1366` Request headers Referer Origin https://teruggave2023.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type application/font-woff
GET DATA	200 OK	truncated /	10 KB 10 KB		Font application/x-font-ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d52728361053f1db95f6e3d13a88b473c3a2dfa9ab23c5ec0771367c623fc13d` Request headers Referer Origin https://teruggave2023.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type application/x-font-ttf;charset=utf-8
GET DATA	200 OK	truncated /	25 KB 25 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `de04110c4fb35d40e49f9becb0c5e0c6b0252bd8eab6c4a1aae18b03249e8fbd` Request headers Referer Origin https://teruggave2023.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `2c587d8fb801a7de62f7c1985e521ec81e771f58ae23224ab075e8bec59ddd46` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	266 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	479 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d4b768e315d68a768157f6b6ba4120604b335ee856635d00f958566d4b4d5360` Request headers Referer Origin https://teruggave2023.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 KB 68 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591` Request headers Referer Origin https://teruggave2023.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type application/font-woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NL Government (Government)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| savepage_ShadowLoader function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			teruggave2023.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: gdng1dogmdhvm8ui0f9n0f9sq5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fwejsdauiqee2.info
teruggave2023.info
2606:4700:3030::6815:4b03
2606:4700:3035::ac43:a39f
2a04:4e42::649
0777edef5b76992d3a6ee94064641d66a05a6e4f5b610bee33259af9895a6c88
24c2c8d65ef0423159d5505ed54492d1346611b076c14fd3af08e5364ce83d9e
27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591
2c587d8fb801a7de62f7c1985e521ec81e771f58ae23224ab075e8bec59ddd46
54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6f8a98838ea5cae13a20e34529149ac5731cfaf8a8a80261e368ed3ab76cf219
76b7bb62d24c8ed3c3fa7b1b41af442199610e1c02d4d7fcbf275abdc69a1366
d4b768e315d68a768157f6b6ba4120604b335ee856635d00f958566d4b4d5360
d52728361053f1db95f6e3d13a88b473c3a2dfa9ab23c5ec0771367c623fc13d
de04110c4fb35d40e49f9becb0c5e0c6b0252bd8eab6c4a1aae18b03249e8fbd
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

teruggave2023.info Open in urlscan Pro 2606:4700:3035::ac43:a39f Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

1280 kBTransfer

2757 kBSize

1 Cookies

64 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

Indicators

teruggave2023.info Open in urlscan Pro
2606:4700:3035::ac43:a39f Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1280 kB
Transfer

2757 kB
Size

1
Cookies

3 HTTP transactions
9 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!