terugbetal-ingen.com Open in urlscan Pro
2606:4700:3032::6815:420a Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://terugbetal-ingen.com/
Submission Tags: https://phish.report @phish_report Search All
Submission: On January 17 via api (January 17th 2022, 7:27:16 am UTC) from FI — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3032::6815:420a, located in United States and belongs to CLOUDFLARENET, US. The main domain is terugbetal-ingen.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 17th 2022. Valid for: a year.

This is the only time terugbetal-ingen.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

	IP Address		AS Autonomous System
17	2606:4700:303... 2606:4700:3032::6815:420a		13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	1

17 2606:4700:3032::6815:420a (United States)

ASN13335 (CLOUDFLARENET, US)

terugbetal-ingen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	terugbetal-ingen.com terugbetal-ingen.com	248 KB
17	1

	Domain	Requested by
17	terugbetal-ingen.com	terugbetal-ingen.com
17	1

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-17` - `2023-01-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://terugbetal-ingen.com/
Frame ID: 306503B732192B85C48CA3734045F7D2
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mijn Overheid | Belastingdienst

Page Statistics

17
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

248 kB
Transfer

590 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response terugbetal-ingen.com/	13 KB 3 KB	148ms 95ms	Document text/html	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://terugbetal-ingen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4f5fd648840971ad3a8fb32ed104f0f20f2f112af4a5c9133dd248eb07bfc54d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Mon, 17 Jan 2022 07:27:11 GMT content-type text/html last-modified Wed, 05 Jan 2022 06:41:20 GMT vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmnLvBTvSt0YrvUT%2B4eNHbcRr5rTvsSm673wZSu%2BqLj0oWxgWvu%2BHHZRxt4Dr0YUp6jS9gUtImdDDJImx3QKzvMDL8MucibCkJU8mQFBYBEiZjNtEwIVmP68%2FzjCe%2F%2BlLuuZ2j7ttPO9bqAiJPAsjUMNWQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6ceddc1279257033-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	marktplaats.css terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	103 KB 14 KB	33ms 32ms	Stylesheet text/css	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `398d74f87682fe45a49629d5ff966191f84310ad409efa2ff47a9affc3a5f0bf` Request headers Accept-Language de-DE,de;q=0.9 Referer https://terugbetal-ingen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 23 Mar 2020 15:28:18 GMT server cloudflare age 1660 etag W/"19a85-5a18748d30880-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyTQLEkCOdBErAJtLDbx6LKPOKkHpdPpjCYXiyEw6I7vonDCqIVYXtRZPrQBgaYey25%2BvUqRyAV4bBZ4KqA9ukmDhabr6Bwy%2BahRqwydNk5PSngnRjzSqwgUHel%2FHbXM%2FnsLNoyeeQRkoAL1Irfu4lyx9g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ceddc132bce7033-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	client.min.css terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	120 KB 18 KB	37ms 36ms	Stylesheet text/css	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/client.min.css Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6b0eedcff94b6a63aa4726b01dd0cd284710ca8b73f35ea018e141f9b778c758` Request headers Accept-Language de-DE,de;q=0.9 Referer https://terugbetal-ingen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 23 Mar 2020 15:28:18 GMT server cloudflare age 1660 etag W/"1df98-5a18748d30880-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7MT%2FWLCyN8gb2gqDKcOW%2BS4m8PiUpCiW5zVGB00MJJJ6Hjndvey8e7kNlr21Y3vzx%2Fcjqk60Rcc5ztMc7u56Q5KjfhPuvVRUEA99d9quGRvecMFg7wkESqlMsr5rZO0ChHv0nxjp%2BZ%2FqNyXNMFNzOk9uw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ceddc132bda7033-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	normalize.112272e5.css terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	6 KB 2 KB	31ms 31ms	Stylesheet text/css	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/normalize.112272e5.css Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512` Request headers Accept-Language de-DE,de;q=0.9 Referer https://terugbetal-ingen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 23 Mar 2020 15:28:18 GMT server cloudflare age 1660 etag W/"17fa-5a18748d30880-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRxm1NlT1%2BFUsoyvsyZHNKl1Yb5%2F6bE2%2Fk0CBzpRl1yHGfmazV8czywYDtexVrmsE6YIzDsFqbMIC4ZnlCd1WcSGaSPxbY9tmbhl6V3dj41qU%2Bz1sotGxFmOpj0zCH2rTJAXviyh%2F%2FXz9SqXrmBLir%2BsdA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ceddc132be27033-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	common.js.download Show response terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	78 KB 30 KB	73ms 72ms	Script application/javascript	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/common.js.download Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bfe8034d6da06a3fb17b45b8d3813aa8e8e47b3bf650274da27eee2b2a47b0cb` Request headers Accept-Language de-DE,de;q=0.9 Referer https://terugbetal-ingen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:11 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 23 Mar 2020 15:28:18 GMT server cloudflare etag W/"136e8-5a18748d30880-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZzCCGrd3AhEEzK%2BOImp1XcrWEvtMuiG0M5CZN32DwHZeo8Dg7Cr%2Fsw9DzpcHTG%2FfYcF9jvEjAVdejA%2F4rkhMTtdzQp4PNoPz9ZuDp4uPredZ21iE05K3EuqTUbiQlADoK0ICL9VuazxLCdatdFY9wu0fQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ceddc132be47033-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	util.js.download Show response terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	143 KB 54 KB	105ms 104ms	Script application/javascript	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/util.js.download Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `584a2c05476de8bbc369a9094e3a888c305a750bf7f6282358a24419ba3c3eaf` Request headers Accept-Language de-DE,de;q=0.9 Referer https://terugbetal-ingen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:11 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 23 Mar 2020 15:28:18 GMT server cloudflare etag W/"23a6c-5a18748d30880-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pp%2BnkY9HZVK6wfAIYTfSBeaRv%2Fa9VWZyLEBTJ5tRAbCA1lUUIMaMVLEvvC5yJ0FSwUB1QtMI98qKvd8tB3KQvfTZky37lfdTOgzDzct%2Fl4UpbBwlABlkam8d2zJgyXNCWsk6EziWv4LNQyi1SUjJVfZb4Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ceddc132beb7033-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	fod_logo.png terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	8 KB 9 KB	32ms 32ms	Image image/png	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/fod_logo.png Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `daa392a442e0815ae90396224b9f6b0580cc98bbd3eb6f7c2e1f79a3c8689251` Request headers Accept-Language de-DE,de;q=0.9 Referer https://terugbetal-ingen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1660 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 8264 last-modified Wed, 08 Apr 2020 15:43:56 GMT server cloudflare etag "2048-5a2c95e31c700" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNyexVBhVNStgxWNFg84B2yEXfN85rKZ58V9GS8mBAP09oaKPbogi32t45nUhPXxXWTEub9lfREH301SsPak1EElRZ8yss7Ce1t1eEXufZ%2BT31lTvWdrJwDi7mNCHYUZFtR%2Br6mu2%2BrK%2FWLKCLArMfmYFA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6ceddc13cd834eaa-FRA
GET H3	200	obp.dff79601.svg terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	4 KB 2 KB	24ms 24ms	Image image/svg+xml	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/obp.dff79601.svg Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0a13f7a510e9cb674c985ada9d5aa5e11b35c907cca576232354f55be52b9e57` Request headers Accept-Language de-DE,de;q=0.9 Referer https://terugbetal-ingen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:12 GMT content-encoding br cf-cache-status HIT last-modified Mon, 23 Mar 2020 15:28:18 GMT server cloudflare age 1661 etag W/"eae-5a18748d30880" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqAeuYHJOdIIGSUzsarisNaF%2Bnw8BmmR7Me8m9gPbqPnSnXTiB07kXVgIe2uYHhKr7Z%2BgzbSllvD6JijCCZOxCXBgvBpJiQzI7LVa1Ft%2BQ0hQ8mxpVQ%2FuTJ9O2dPmAjSkln5q0MdQN%2BUCL%2BkjP5Zinn2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ceddc140de64eaa-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	js Show response terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	116 KB 117 KB	88ms 88ms	Script text/plain	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/js Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cffd79ef5ba4424fdd951858e19523ad61fc440df90e251c60f658dd8ecdf418` Request headers Accept-Language de-DE,de;q=0.9 Referer https://terugbetal-ingen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:12 GMT cf-cache-status DYNAMIC last-modified Mon, 23 Mar 2020 15:28:18 GMT server cloudflare etag "1d067-5a18748d30880" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqHziDsje5z7bRMgFQEnVXF1opP%2B0SQzKAgE%2F2oDaW5vVQ3ZQAqEzpnWskzUJ0TQr%2BW5IYbmSFEr8jmO65t1gy07%2Fx9lGIEzFoYuEX28dkYAh43JMgqbaWHLbBYeu2KSFgJ1XtnbqI%2FAOYAIbTGXLxfGUg%3D%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6ceddc142e364eaa-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 118887
GET H3	404	bancontact.svg terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	282 B 282 B	28ms 28ms	Image text/html	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/bancontact.svg Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6230f85837cedc77626e6b617c96e715989e7795f3ac19c1932722882f641dab` Request headers Accept-Language de-DE,de;q=0.9 Referer https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:12 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 32 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4umG8sWLpaOUrvF78X6%2Bm5tav3jC9GUhgpyjRWm67PQSAnkj0NpdvFHk5Wn8oyf75xumW7NiPo2VadEieg8OMvdFSfY%2Fb0usAR5zwihHNztZmbdRURfotJ%2Bro0JleRVcjvQJ2vxHbix4c%2BFgvDwKn7Ddjw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6ceddc143e564eaa-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	404	Marktplaats.Sprite.svg terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	282 B 282 B	27ms 27ms	Image text/html	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/Marktplaats.Sprite.svg Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6230f85837cedc77626e6b617c96e715989e7795f3ac19c1932722882f641dab` Request headers Accept-Language de-DE,de;q=0.9 Referer https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:12 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 32 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6MMUkki4wcLmEpYVkrtExcyKM4h9F6wsWIuv7eTbQECvlW4BYh4XTYgP4DBaEd2QdEaeCionISg0OL2JQZU1g5RaebUErAKqnfv1epa4q5zcKxnJ22ACu%2F%2FQ0tHK9Lwh4sHsOrBHA4%2FHATMVZqjNT%2FGYA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6ceddc143e5b4eaa-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	404	Roboto-Light-webfont.woff2 terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	0 0	94ms 93ms	Font text/html	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/Roboto-Light-webfont.woff2 Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Origin https://terugbetal-ingen.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:12 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HKdTcIqbeCApO7b6kWXKEN6ms3hDo1UjH3%2B9M%2Bc0df0GIL8NpZTF7FGn%2BZ2Mg%2F%2F4dFp3tfyreg18jlq2wi4i5f2dB3MWeaO1ovT1h%2BUpRQOEezjcfYN%2Fn5wKC0gZHIjMRKeQIgY9jKBtuJzuYGqNIcY8Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6ceddc143e5c4eaa-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	404	Roboto-Regular-webfont.woff2 terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	0 0	95ms 95ms	Font text/html	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/Roboto-Regular-webfont.woff2 Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Origin https://terugbetal-ingen.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:12 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWv1dL7IksZBmOK7lXdoGbn8Amsn%2FnOfnomPMiE3vlchMcSyGwYun6eirItEr0xZwWmpsyAgt%2BydycvVJSBSH4t%2BW5icTeHhO3mZy15df6gVbHDUYwWvwLpHPZfJXidj7%2BeggTfTcLa8n2WRZ%2FnxOHqfQw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6ceddc143e5f4eaa-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	404	Roboto-Light-webfont.woff terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	0 0	94ms 93ms	Font text/html	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/Roboto-Light-webfont.woff Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Origin https://terugbetal-ingen.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:12 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydSLt0DWsEUSMu%2F%2BM5zloVSJCAJnKTkyPTfr6b0uQzp85zbdmeS3Et1qONIBcj2X%2Fvhk3dqVPLXgdhPD0HJ7BELFby7dZwpKuLfDDFQWFkDUNynDuFzQShl030snMBsLLDiTNz8K%2B%2BnmhpmIbJJSLXX0ZA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6ceddc14df754eaa-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	404	Roboto-Regular-webfont.woff terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	0 0	86ms 86ms	Font text/html	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/Roboto-Regular-webfont.woff Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Origin https://terugbetal-ingen.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:12 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEe92HV17qHTRqdJocWaD6c15KGy%2FFy9brAy3pP%2BWdjKB30jACfuMtxJIpZHVEYRl1cOcOiHsnbU6osL66jwq0BqGsy2A0D77UResJiF7Umbrc%2FiCDLp2LpHTOuABfM2fcc%2BnuPO5BMGU%2FcOY8%2BT8QmZLw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6ceddc14df7b4eaa-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	404	Roboto-Regular-webfont.ttf terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	0 0	84ms 83ms	Font text/html	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/Roboto-Regular-webfont.ttf?v1 Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Origin https://terugbetal-ingen.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:12 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAbrJPoqWSUeOGLXPWsWwBoCKrFTTzMvS1UGAx5Iw0Gl3rzydFnwuAD1z7yBZN6DBzppe1WhU0907zPPm%2Bq%2FpB1wOBKXAJGgjai5w7f0kK595Q8mWf6gDQfm2OaREx54JOC2WDqyNeSJ985309e8KZQYLA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6ceddc1568954eaa-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	404	Roboto-Light-webfont.ttf terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/	0 0	99ms 99ms	Font text/html	2606:4700:3032::6815:420a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/Roboto-Light-webfont.ttf?v1 Requested by Host: terugbetal-ingen.com URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:420a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/marktplaats.css Origin https://terugbetal-ingen.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 07:27:12 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99iePilQ%2BE0HV9k5vWPBOxZxmyz69wepmDvnMDtlok5JEcnWrqXlr%2FgD1W%2Fz44YftzhV3igo3nZwHaowBwSgsbG%2BeXlApcthCB2IRZbvNA0zwffwAK1pjN2nq1vyyBv422y9sHnew3KcN0%2FW%2FoP0gNZ%2BgA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6ceddc1568a84eaa-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/Marktplaats.Sprite.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/bancontact.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/Roboto-Light-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/Roboto-Regular-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/Roboto-Regular-webfont.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/Roboto-Light-webfont.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/Roboto-Regular-webfont.ttf?v1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://terugbetal-ingen.com/FOD%20Financi%C3%ABn_files/Roboto-Light-webfont.ttf?v1 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

terugbetal-ingen.com
2606:4700:3032::6815:420a
0a13f7a510e9cb674c985ada9d5aa5e11b35c907cca576232354f55be52b9e57
398d74f87682fe45a49629d5ff966191f84310ad409efa2ff47a9affc3a5f0bf
4f5fd648840971ad3a8fb32ed104f0f20f2f112af4a5c9133dd248eb07bfc54d
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
584a2c05476de8bbc369a9094e3a888c305a750bf7f6282358a24419ba3c3eaf
6230f85837cedc77626e6b617c96e715989e7795f3ac19c1932722882f641dab
6b0eedcff94b6a63aa4726b01dd0cd284710ca8b73f35ea018e141f9b778c758
bfe8034d6da06a3fb17b45b8d3813aa8e8e47b3bf650274da27eee2b2a47b0cb
cffd79ef5ba4424fdd951858e19523ad61fc440df90e251c60f658dd8ecdf418
daa392a442e0815ae90396224b9f6b0580cc98bbd3eb6f7c2e1f79a3c8689251

terugbetal-ingen.com Open in urlscan Pro 2606:4700:3032::6815:420a Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

17 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

248 kBTransfer

590 kBSize

0 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

8 Console Messages

Indicators

terugbetal-ingen.com Open in urlscan Pro
2606:4700:3032::6815:420a Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

248 kB
Transfer

590 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!