2ehandsibancontrole.icu Open in urlscan Pro
176.105.255.127  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://2ehandsibancontrole.icu/pay/verificatie Page URL
2. https://2ehandsibancontrole.icu/content/marktplaats/header.html Page URL
3. https://2ehandsibancontrole.icu/content/marktplaats/CssVars.e8761656.html Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set verificatie Show response 2ehandsibancontrole.icu/pay/	15 KB 4 KB	338ms 70ms	Document text/html	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Full URL https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash c19c0c82150d8d6b27283cd6af8cdd0841aa3cdc4ca30bcf24b7bc708eb7414f Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Frame-Options SAMEORIGIN Request headers Host 2ehandsibancontrole.icu Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site none Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers Server nginx/1.14.0 (Ubuntu) Date Sat, 09 Nov 2019 17:56:57 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Cache-Control no-cache Pragma no-cache Expires -1 Set-Cookie .AspNetCore.Antiforgery.il7asoJjJEM=CfDJ8JgTtFSxRT9Pknnd6eVHsLRTiA8Y64WGyd_o40MS0-wtO1gBCdOyhscC-uBW1nPUq8DApes_xteL1YXoDSJEx8yej6SOHIKOdI9B_KPfmzL0eUeaUdHKEPyiXz2Cs-NjX29-Or7PXUwOV0J3dCKDjs4; path=/; samesite=strict; httponly .AspNetCore.Session=CfDJ8JgTtFSxRT9Pknnd6eVHsLRTGwkrD2%2BVDe%2B5J9BR5VU5Jv34sVL6sBG%2FfBfttzaFB%2FnynT5OIrO%2B7l%2FnFXz9qrVn46XelxUdTvEG5K0XdTSKKUAvbrLzBow%2FuXKNbZhyHjqDsoVw8CD3sQWz5W4lu68a146kqE9r3C6obZ9q6k8a; path=/; samesite=lax; httponly Strict-Transport-Security max-age=2592000 X-Frame-Options SAMEORIGIN Content-Encoding gzip
GET H/1.1	200 OK	marktplaats.css 2ehandsibancontrole.icu/content/marktplaats/	103 KB 103 KB	26ms 25ms	Stylesheet text/css	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Full URL https://2ehandsibancontrole.icu/content/marktplaats/marktplaats.css Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash 398d74f87682fe45a49629d5ff966191f84310ad409efa2ff47a9affc3a5f0bf Request headers Sec-Fetch-Mode no-cors Referer https://2ehandsibancontrole.icu/pay/verificatie User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Last-Modified Tue, 16 Jul 2019 23:13:14 GMT Server nginx/1.14.0 (Ubuntu) ETag "5d2e5a0a-19a85" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 105093
GET H/1.1	200 OK	client.min.css 2ehandsibancontrole.icu/content/marktplaats/	120 KB 120 KB	49ms 24ms	Stylesheet text/css	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Full URL https://2ehandsibancontrole.icu/content/marktplaats/client.min.css Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash 6b0eedcff94b6a63aa4726b01dd0cd284710ca8b73f35ea018e141f9b778c758 Request headers Sec-Fetch-Mode no-cors Referer https://2ehandsibancontrole.icu/pay/verificatie User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Last-Modified Tue, 16 Jul 2019 22:18:16 GMT Server nginx/1.14.0 (Ubuntu) ETag "5d2e4d28-1df98" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 122776
GET H/1.1	200 OK	header.html Show response 2ehandsibancontrole.icu/content/marktplaats/	48 KB 8 KB	42ms 17ms	Document text/html	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Full URL https://2ehandsibancontrole.icu/content/marktplaats/header.html Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash d277dd6d8082249ed4c447b61a4e644a3148985d551175e7461d2ec981317ec6 Request headers Sec-Fetch-Mode cors Referer https://2ehandsibancontrole.icu/pay/verificatie Origin https://2ehandsibancontrole.icu User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Content-Encoding gzip Last-Modified Thu, 05 Sep 2019 14:27:38 GMT Server nginx/1.14.0 (Ubuntu) ETag W/"5d711b5a-be4a" Transfer-Encoding chunked Content-Type text/html Connection keep-alive
GET H/1.1	200 OK	normalize.112272e5.css 2ehandsibancontrole.icu/content/marktplaats/	6 KB 6 KB	38ms 14ms	Stylesheet text/css	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Full URL https://2ehandsibancontrole.icu/content/marktplaats/normalize.112272e5.css Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash 580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512 Request headers Sec-Fetch-Mode no-cors Referer https://2ehandsibancontrole.icu/pay/verificatie User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Last-Modified Fri, 06 Sep 2019 22:19:38 GMT Server nginx/1.14.0 (Ubuntu) ETag "5d72db7a-17fa" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 6138
GET H/1.1	200 OK	Primary Request CssVars.e8761656.html Show response 2ehandsibancontrole.icu/content/marktplaats/	345 B 533 B	42ms 17ms	Document text/html	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Full URL https://2ehandsibancontrole.icu/content/marktplaats/CssVars.e8761656.html Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash 2e4cc3abd3aa646eb7de18aaf8ba6538f369b568e9f9640767186b13578734a3 Request headers Sec-Fetch-Mode cors Referer https://2ehandsibancontrole.icu/pay/verificatie Origin https://2ehandsibancontrole.icu User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Content-Encoding gzip Last-Modified Fri, 06 Sep 2019 22:21:12 GMT Server nginx/1.14.0 (Ubuntu) ETag W/"5d72dbd8-159" Transfer-Encoding chunked Content-Type text/html Connection keep-alive
GET H/1.1	200 OK	kyc-bank-card-success.svg 2ehandsibancontrole.icu/content/marktplaats/	2 KB 2 KB	43ms 17ms	Image image/svg+xml	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Show image Full URL https://2ehandsibancontrole.icu/content/marktplaats/kyc-bank-card-success.svg Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash c5d39316857aa80da885b3e92f6df39461af9abbd1e9365e57fa637152a1cfab Request headers Sec-Fetch-Mode no-cors Referer https://2ehandsibancontrole.icu/pay/verificatie User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Last-Modified Tue, 16 Jul 2019 22:20:28 GMT Server nginx/1.14.0 (Ubuntu) ETag "5d2e4dac-6e9" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 1769
GET H/1.1	200 OK	obp.dff79601.svg 2ehandsibancontrole.icu/content/marktplaats/	4 KB 4 KB	12ms 12ms	Image image/svg+xml	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Show image Full URL https://2ehandsibancontrole.icu/content/marktplaats/obp.dff79601.svg Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash 0a13f7a510e9cb674c985ada9d5aa5e11b35c907cca576232354f55be52b9e57 Request headers Sec-Fetch-Mode no-cors Referer https://2ehandsibancontrole.icu/pay/verificatie User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Last-Modified Tue, 16 Jul 2019 21:36:58 GMT Server nginx/1.14.0 (Ubuntu) ETag "5d2e437a-eae" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 3758
GET H2	200	js Show response maps.googleapis.com/maps/api/	105 KB 34 KB	37ms 26ms	Script text/javascript	2a00:1450:4001:809::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?client=gme-marktplaats&channel=mp-messaging Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software mafe / Resource Hash 2854cab8ff613c47e708532a85b88796d9958aa6efeff865cbb71d7c03acbda0 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://2ehandsibancontrole.icu/pay/verificatie User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers date Sat, 09 Nov 2019 17:56:57 GMT content-encoding gzip vary Accept-Language server mafe x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control public, max-age=1800 server-timing gfet4t7; dur=12 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 34484 x-xss-protection 0 expires Sat, 09 Nov 2019 18:26:57 GMT
GET H/1.1	404 Not Found	Roboto-Regular-webfont.woff2 2ehandsibancontrole.icu/content/marktplaats/	0 0	12ms 12ms	Font text/html	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Full URL https://2ehandsibancontrole.icu/content/marktplaats/Roboto-Regular-webfont.woff2 Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Sec-Fetch-Mode cors Referer https://2ehandsibancontrole.icu/content/marktplaats/marktplaats.css Origin https://2ehandsibancontrole.icu User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	bancontact.svg 2ehandsibancontrole.icu/content/marktplaats/	18 KB 18 KB	24ms 24ms	Image image/svg+xml	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Show image Full URL https://2ehandsibancontrole.icu/content/marktplaats/bancontact.svg Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash 6497447255bc49d61cc2a7446e79a880f621299d9a22aadcd7501e2576ef02cd Request headers Sec-Fetch-Mode no-cors Referer https://2ehandsibancontrole.icu/content/marktplaats/marktplaats.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Last-Modified Tue, 16 Jul 2019 23:10:00 GMT Server nginx/1.14.0 (Ubuntu) ETag "5d2e5948-4888" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 18568
GET H/1.1	200 OK	Marktplaats.Sprite.svg 2ehandsibancontrole.icu/content/marktplaats/	218 KB 218 KB	13ms 13ms	Image image/svg+xml	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Show image Full URL https://2ehandsibancontrole.icu/content/marktplaats/Marktplaats.Sprite.svg Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash 19016e0b1372d08aff16789dcb2c557615bd22fad7c76ffd0a9f9948c8bdc267 Request headers Sec-Fetch-Mode no-cors Referer https://2ehandsibancontrole.icu/content/marktplaats/marktplaats.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Last-Modified Tue, 16 Jul 2019 22:19:32 GMT Server nginx/1.14.0 (Ubuntu) ETag "5d2e4d74-36862" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 223330
GET H/1.1	404 Not Found	Roboto-Light-webfont.woff2 2ehandsibancontrole.icu/content/marktplaats/	0 0	13ms 13ms	Font text/html	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Full URL https://2ehandsibancontrole.icu/content/marktplaats/Roboto-Light-webfont.woff2 Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Sec-Fetch-Mode cors Referer https://2ehandsibancontrole.icu/content/marktplaats/marktplaats.css Origin https://2ehandsibancontrole.icu User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	Roboto-Regular-webfont.woff 2ehandsibancontrole.icu/content/marktplaats/	0 0	12ms 12ms	Font text/html	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Full URL https://2ehandsibancontrole.icu/content/marktplaats/Roboto-Regular-webfont.woff Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Sec-Fetch-Mode cors Referer https://2ehandsibancontrole.icu/content/marktplaats/marktplaats.css Origin https://2ehandsibancontrole.icu User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	Roboto-Light-webfont.woff 2ehandsibancontrole.icu/content/marktplaats/	0 0	13ms 13ms	Font text/html	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Full URL https://2ehandsibancontrole.icu/content/marktplaats/Roboto-Light-webfont.woff Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Sec-Fetch-Mode cors Referer https://2ehandsibancontrole.icu/content/marktplaats/marktplaats.css Origin https://2ehandsibancontrole.icu User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	Roboto-Regular-webfont.ttf 2ehandsibancontrole.icu/content/marktplaats/	0 0	12ms 12ms	Font text/html	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Full URL https://2ehandsibancontrole.icu/content/marktplaats/Roboto-Regular-webfont.ttf?v1 Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Sec-Fetch-Mode cors Referer https://2ehandsibancontrole.icu/content/marktplaats/marktplaats.css Origin https://2ehandsibancontrole.icu User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	Roboto-Light-webfont.ttf 2ehandsibancontrole.icu/content/marktplaats/	0 0	12ms 12ms	Font text/html	176.105.255.127 SPECTRAIP Spectra...
General Check archive.org Show headers Download Go to Full URL https://2ehandsibancontrole.icu/content/marktplaats/Roboto-Light-webfont.ttf?v1 Requested by Host: 2ehandsibancontrole.icu URL: https://2ehandsibancontrole.icu/pay/verificatie Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 176.105.255.127 , Ascension Island, ASN62068 (SPECTRAIP SpectraIP B.V., NL), Reverse DNS ninkegryp.1vm.in Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Sec-Fetch-Mode cors Referer https://2ehandsibancontrole.icu/content/marktplaats/marktplaats.css Origin https://2ehandsibancontrole.icu User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Sat, 09 Nov 2019 17:56:57 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H2	200	common.js Show response maps.googleapis.com/maps-api-v3/api/js/37/10a/	75 KB 28 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:809::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/37/10a/common.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?client=gme-marktplaats&channel=mp-messaging Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash e48bd92ab9651f3daa6bff9b4dec24aba7da5db99cd4e13b802c7becdfcc2856 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://2ehandsibancontrole.icu/pay/verificatie User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers date Wed, 06 Nov 2019 13:23:01 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 30 Jul 2019 18:04:11 GMT server sffe age 275641 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 28142 x-xss-protection 0 expires Thu, 05 Nov 2020 13:23:01 GMT
GET H2	200	util.js Show response maps.googleapis.com/maps-api-v3/api/js/37/10a/	141 KB 53 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:809::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/37/10a/util.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?client=gme-marktplaats&channel=mp-messaging Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash b6f58234982fd9942f311e17d79c3095baf678832ca34aff4a57da3ec38fd4cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://2ehandsibancontrole.icu/pay/verificatie User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers date Wed, 06 Nov 2019 13:23:01 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 30 Jul 2019 18:04:11 GMT server sffe age 275641 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 54152 x-xss-protection 0 expires Thu, 05 Nov 2020 13:23:01 GMT
GET H2	200	AuthenticationService.Authenticate Show response maps.googleapis.com/maps/api/js/	252 B 350 B	15ms 15ms	Script text/javascript	2a00:1450:4001:809::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2F2ehandsibancontrole.icu%2Fpay%2Fverificatie&2sgme-marktplaats&3smp-messaging&callback=_xdc_._earlnd&client=gme-marktplaats&channel=mp-messaging&token=54865 Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps-api-v3/api/js/37/10a/common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software mafe / Resource Hash 13a4b48b3906560fc97281fb3772838875d02d6d0f4b161df1b6f3a5db3a0ab5 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://2ehandsibancontrole.icu/pay/verificatie User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers pragma no-cache date Sat, 09 Nov 2019 17:57:02 GMT content-encoding gzip server mafe x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control no-cache, must-revalidate content-disposition attachment server-timing gfet4t7; dur=2 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 203 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView boolean| radioselected boolean| tcsaccepted object| selectedbank function| closeselect function| openselect function| radiochange function| changevalues function| gm_authFailure object| _xdc_

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			2ehandsibancontrole.icu/	1969-12-31 23:59:59	Name: .AspNetCore.Session Value: CfDJ8JgTtFSxRT9Pknnd6eVHsLRTGwkrD2%2BVDe%2B5J9BR5VU5Jv34sVL6sBG%2FfBfttzaFB%2FnynT5OIrO%2B7l%2FnFXz9qrVn46XelxUdTvEG5K0XdTSKKUAvbrLzBow%2FuXKNbZhyHjqDsoVw8CD3sQWz5W4lu68a146kqE9r3C6obZ9q6k8a
			2ehandsibancontrole.icu/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.il7asoJjJEM Value: CfDJ8JgTtFSxRT9Pknnd6eVHsLRTiA8Y64WGyd_o40MS0-wtO1gBCdOyhscC-uBW1nPUq8DApes_xteL1YXoDSJEx8yej6SOHIKOdI9B_KPfmzL0eUeaUdHKEPyiXz2Cs-NjX29-Or7PXUwOV0J3dCKDjs4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://maps.googleapis.com/maps/api/js?client=gme-marktplaats&channel=mp-messaging(Line 53) Message: Google Maps JavaScript API error: UnauthorizedURLForClientIdMapError https://developers.google.com/maps/documentation/javascript/error-messages#unauthorized-url-for-client-id-map-error Your site URL to be authorized: https://2ehandsibancontrole.icu/pay/verificatie

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2ehandsibancontrole.icu
maps.googleapis.com
176.105.255.127
2a00:1450:4001:809::200a
0a13f7a510e9cb674c985ada9d5aa5e11b35c907cca576232354f55be52b9e57
13a4b48b3906560fc97281fb3772838875d02d6d0f4b161df1b6f3a5db3a0ab5
19016e0b1372d08aff16789dcb2c557615bd22fad7c76ffd0a9f9948c8bdc267
2854cab8ff613c47e708532a85b88796d9958aa6efeff865cbb71d7c03acbda0
2e4cc3abd3aa646eb7de18aaf8ba6538f369b568e9f9640767186b13578734a3
398d74f87682fe45a49629d5ff966191f84310ad409efa2ff47a9affc3a5f0bf
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
6497447255bc49d61cc2a7446e79a880f621299d9a22aadcd7501e2576ef02cd
6b0eedcff94b6a63aa4726b01dd0cd284710ca8b73f35ea018e141f9b778c758
b6f58234982fd9942f311e17d79c3095baf678832ca34aff4a57da3ec38fd4cc
c19c0c82150d8d6b27283cd6af8cdd0841aa3cdc4ca30bcf24b7bc708eb7414f
c5d39316857aa80da885b3e92f6df39461af9abbd1e9365e57fa637152a1cfab
d277dd6d8082249ed4c447b61a4e644a3148985d551175e7461d2ec981317ec6
e48bd92ab9651f3daa6bff9b4dec24aba7da5db99cd4e13b802c7becdfcc2856