jouactivatie.online Open in urlscan Pro
2606:4700:3036::681f:4aa1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jouactivatie.online/triodos/files/botSettings.php
Submission: On March 27 via manual (March 27th 2020, 9:39:32 am UTC) from NL

Summary HTTP 10 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3036::681f:4aa1, located in United States and belongs to CLOUDFLARENET, US. The main domain is jouactivatie.online.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 24th 2020. Valid for: 7 months.

This is the only time jouactivatie.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Triodos Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
10	2606:4700:303... 2606:4700:3036::681f:4aa1		13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2

10 2606:4700:3036::681f:4aa1 (United States)

ASN13335 (CLOUDFLARENET, US)

jouactivatie.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	jouactivatie.online jouactivatie.online	199 KB
10	1

	Domain	Requested by
10	jouactivatie.online	jouactivatie.online
10	1

This site contains links to these domains. Also see Links.

Domain
www.triodos.nl
bankieren.triodos.nl

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-24` - `2020-10-09`	7 months	crt.sh

This page contains 1 frames:

Primary Page: https://jouactivatie.online/triodos/files/botSettings.php
Frame ID: AD1798C3490B1720A72595D238A801A5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

10
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

199 kB
Transfer

755 kB
Size

2
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.triodos.nl/nl/particulieren/service/
Title: Service

Search URL Search Domain Scan URL

URL: https://www.triodos.nl/nl/ib-faq-identifier
Title: veelgestelde vragen

Search URL Search Domain Scan URL

URL: https://bankieren.triodos.nl/ib-seam/pages/help.seam
Title: Help

Search URL Search Domain Scan URL

URL: https://bankieren.triodos.nl/ib-seam/pages/profile/personalsettings.seam
Title: uw persoonlijke gegevens

Search URL Search Domain Scan URL

URL: https://bankieren.triodos.nl/ib-seam/pages/profile/accountsettings.seam
Title: instellingen van uw rekeningen

Search URL Search Domain Scan URL

URL: https://www.triodos.nl/projecten/bret/22482
Title:

Search URL Search Domain Scan URL

URL: https://www.triodos.nl/nl/over-triodos-bank/mijngeldgaatgoed/
Title: Mijn Geld Gaat Goed

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request botSettings.php Show response jouactivatie.online/triodos/files/	17 KB 5 KB	60ms 41ms	Document text/html	2606:4700:3036::681f:4aa1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jouactivatie.online/triodos/files/botSettings.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681f:4aa1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.3 Resource Hash `4f7417c8410417b634876f0e879c4aecc91fab56238156dac153dcc83f718efd` Request headers :method GET :authority jouactivatie.online :scheme https :path /triodos/files/botSettings.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 date Fri, 27 Mar 2020 09:39:14 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=dfd82857ade616f12ffc370995332ebe41585301954; expires=Sun, 26-Apr-20 09:39:14 GMT; path=/; domain=.jouactivatie.online; HttpOnly; SameSite=Lax; Secure PHPSESSID=dn2vjtvd90r95ddfhfi9p9k6lf; path=/ x-powered-by PHP/7.4.3 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 57a824a25c6cdff3-FRA content-encoding br
GET H2	200	main.css jouactivatie.online/triodos/files/css/	708 KB 175 KB	74ms 73ms	Stylesheet text/css	2606:4700:3036::681f:4aa1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jouactivatie.online/triodos/files/css/main.css Requested by Host: jouactivatie.online URL: https://jouactivatie.online/triodos/files/botSettings.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681f:4aa1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a06b9c5df4cd15c2410a2a308f9d14e79933ee45e445b7ba0144e6bffeb635bd` Request headers Referer https://jouactivatie.online/triodos/files/botSettings.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Fri, 27 Mar 2020 09:39:15 GMT content-encoding br cf-cache-status MISS last-modified Tue, 10 Mar 2020 06:42:46 GMT server cloudflare etag W/"b1054-5a07a6d6f0580" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 57a824a2ad34dff3-FRA
GET H2	200	responsive.css jouactivatie.online/triodos/files/css/	4 KB 803 B	67ms 66ms	Stylesheet text/css	2606:4700:3036::681f:4aa1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jouactivatie.online/triodos/files/css/responsive.css Requested by Host: jouactivatie.online URL: https://jouactivatie.online/triodos/files/botSettings.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681f:4aa1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `faa430bc620341d7160dc034fe33806f13a47f455fe9ca9d90e90699ee9d8725` Request headers Referer https://jouactivatie.online/triodos/files/botSettings.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Fri, 27 Mar 2020 09:39:15 GMT content-encoding br cf-cache-status MISS last-modified Tue, 10 Mar 2020 09:49:56 GMT server cloudflare etag W/"102d-5a07d0acb3900" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 57a824a2ad38dff3-FRA
GET H2	200	headerLogo_nl.gif.gif jouactivatie.online/triodos/files/img/	2 KB 3 KB	48ms 47ms	Image image/gif	2606:4700:3036::681f:4aa1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jouactivatie.online/triodos/files/img/headerLogo_nl.gif.gif Requested by Host: jouactivatie.online URL: https://jouactivatie.online/triodos/files/botSettings.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681f:4aa1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f6edbf862904ac1db16a2c5d40d010df44af28331cd92fa4b6d9b7c4f675dd77` Request headers Referer https://jouactivatie.online/triodos/files/botSettings.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 09:39:15 GMT cf-cache-status MISS last-modified Tue, 03 Mar 2020 00:17:36 GMT server cloudflare etag "9bf-59fe83b14c800" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 57a824a2ad3edff3-FRA content-length 2495
GET H2	200	ib-hangslotje.jpg jouactivatie.online/triodos/files/img/	886 B 1 KB	33ms 32ms	Image image/jpeg	2606:4700:3036::681f:4aa1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jouactivatie.online/triodos/files/img/ib-hangslotje.jpg Requested by Host: jouactivatie.online URL: https://jouactivatie.online/triodos/files/botSettings.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681f:4aa1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6ccd85c8d72fb3c3ce6f77d4b3a5bb12dd627cdeed7577fd74495f1083d9949d` Request headers Referer https://jouactivatie.online/triodos/files/botSettings.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 09:39:15 GMT cf-cache-status MISS last-modified Wed, 04 Mar 2020 02:01:38 GMT server cloudflare etag "376-59ffdccf98480" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 57a824a2ad40dff3-FRA content-length 886
GET H2	200	20171108011133986332000000.jfif jouactivatie.online/triodos/files/img/	12 KB 12 KB	36ms 35ms	Image image/jpeg	2606:4700:3036::681f:4aa1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jouactivatie.online/triodos/files/img/20171108011133986332000000.jfif Requested by Host: jouactivatie.online URL: https://jouactivatie.online/triodos/files/botSettings.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681f:4aa1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a316167b2c58d136f0b0c2428e62f5fb35b721fe423b03adb36d0e682a9deb7f` Request headers Referer https://jouactivatie.online/triodos/files/botSettings.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 09:39:15 GMT cf-cache-status DYNAMIC last-modified Wed, 04 Mar 2020 02:01:20 GMT server cloudflare etag "2f37-59ffdcbe6dc00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 accept-ranges bytes cf-ray 57a824a2ad44dff3-FRA content-length 12087
GET H2	200	rellax.min.js Show response jouactivatie.online/triodos/files/js/	7 KB 2 KB	79ms 78ms	Script application/javascript	2606:4700:3036::681f:4aa1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jouactivatie.online/triodos/files/js/rellax.min.js Requested by Host: jouactivatie.online URL: https://jouactivatie.online/triodos/files/botSettings.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681f:4aa1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fb17fd6899c7a1c9e6ae282ada120324605202725d179347f8ea1ee49d8f1e22` Request headers Referer https://jouactivatie.online/triodos/files/botSettings.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 09:39:15 GMT content-encoding br cf-cache-status MISS last-modified Sat, 07 Mar 2020 02:05:38 GMT server cloudflare etag W/"1b78-5a03a34cdc080" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 57a824a2ad43dff3-FRA
GET H2	200	headerBg.png.png jouactivatie.online/triodos/files/img/	189 B 296 B	25ms 25ms	Image image/png	2606:4700:3036::681f:4aa1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jouactivatie.online/triodos/files/img/headerBg.png.png Requested by Host: jouactivatie.online URL: https://jouactivatie.online/triodos/files/botSettings.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681f:4aa1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dfffecf68cc1392b85b513ec3e5cb7f8d63c52a887c5c039f228dfd43029e6c2` Request headers Referer https://jouactivatie.online/triodos/files/css/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 09:39:15 GMT cf-cache-status MISS last-modified Tue, 03 Mar 2020 00:26:24 GMT server cloudflare etag "bd-59fe85a8d6c00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 57a824a38f89dff3-FRA content-length 189
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `55f24919a1b077e55be32536fdd1139f4a4d6478dc76a052d5b01fdde68a0888` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	836 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `195659ecb08ccc8ee38a9e6ec767387b5eea8f00ee7eac6a39b7ba65ca56ae8e` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	list-bullet.gif jouactivatie.online/triodos/files/img/	60 B 158 B	16ms 16ms	Image image/gif	2606:4700:3036::681f:4aa1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jouactivatie.online/triodos/files/img/list-bullet.gif Requested by Host: jouactivatie.online URL: https://jouactivatie.online/triodos/files/botSettings.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681f:4aa1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1d8dc335945815e4848a10a14c9d3cfe15a9a4c3da402f1e48fd3640123e4a69` Request headers Referer https://jouactivatie.online/triodos/files/css/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 09:39:15 GMT cf-cache-status MISS last-modified Tue, 03 Mar 2020 00:38:50 GMT server cloudflare etag "3c-59fe887047a80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 57a824a39f9fdff3-FRA content-length 60
GET H2	200	footerBg.png.png jouactivatie.online/triodos/files/img/	359 B 459 B	25ms 24ms	Image image/png	2606:4700:3036::681f:4aa1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jouactivatie.online/triodos/files/img/footerBg.png.png Requested by Host: jouactivatie.online URL: https://jouactivatie.online/triodos/files/botSettings.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681f:4aa1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4a9f4ea70b0af24ca1c5d383e2129957cb27da87581a12e6f389257c69f60327` Request headers Referer https://jouactivatie.online/triodos/files/css/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 09:39:15 GMT cf-cache-status MISS last-modified Tue, 03 Mar 2020 00:36:36 GMT server cloudflare etag "167-59fe87f07cd00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 57a824a39fa0dff3-FRA content-length 359
GET DATA	200 OK	truncated /	181 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `9b213a2556128f9bc2da8a7d770d766574aff7d7bb0bfdc0b76763875003eb23` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Triodos Bank (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			jouactivatie.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: dn2vjtvd90r95ddfhfi9p9k6lf
			.jouactivatie.online/	1970-01-19 09:04:53	Name: __cfduid Value: dfd82857ade616f12ffc370995332ebe41585301954

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://jouactivatie.online/triodos/files/js/rellax.min.js(Line 14) Message: Rellax: The elements you're trying to select don't exist.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

jouactivatie.online
2606:4700:3036::681f:4aa1
195659ecb08ccc8ee38a9e6ec767387b5eea8f00ee7eac6a39b7ba65ca56ae8e
1d8dc335945815e4848a10a14c9d3cfe15a9a4c3da402f1e48fd3640123e4a69
4a9f4ea70b0af24ca1c5d383e2129957cb27da87581a12e6f389257c69f60327
4f7417c8410417b634876f0e879c4aecc91fab56238156dac153dcc83f718efd
55f24919a1b077e55be32536fdd1139f4a4d6478dc76a052d5b01fdde68a0888
6ccd85c8d72fb3c3ce6f77d4b3a5bb12dd627cdeed7577fd74495f1083d9949d
9b213a2556128f9bc2da8a7d770d766574aff7d7bb0bfdc0b76763875003eb23
a06b9c5df4cd15c2410a2a308f9d14e79933ee45e445b7ba0144e6bffeb635bd
a316167b2c58d136f0b0c2428e62f5fb35b721fe423b03adb36d0e682a9deb7f
dfffecf68cc1392b85b513ec3e5cb7f8d63c52a887c5c039f228dfd43029e6c2
f6edbf862904ac1db16a2c5d40d010df44af28331cd92fa4b6d9b7c4f675dd77
faa430bc620341d7160dc034fe33806f13a47f455fe9ca9d90e90699ee9d8725
fb17fd6899c7a1c9e6ae282ada120324605202725d179347f8ea1ee49d8f1e22

jouactivatie.online Open in urlscan Pro 2606:4700:3036::681f:4aa1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

199 kBTransfer

755 kBSize

2 Cookies

7 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

jouactivatie.online Open in urlscan Pro
2606:4700:3036::681f:4aa1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

199 kB
Transfer

755 kB
Size

2
Cookies

10 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!