vertrags-bestatig.online Open in urlscan Pro
2606:4700:3030::6815:4b95 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://post-gruppe.online/
Effective URL:
https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwye...
Submission: On July 09 via api (July 9th 2023, 1:07:20 pm UTC) from US — Scanned from NL

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3030::6815:4b95, located in United States and belongs to CLOUDFLARENET, US. The main domain is vertrags-bestatig.online.
TLS certificate: Issued by GTS CA 1P5 on July 5th 2023. Valid for: 3 months.

This is the only time vertrags-bestatig.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Postbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 20	2606:4700:303... 2606:4700:3030::6815:4b95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700:303... 2606:4700:3032::ac43:b1e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	3

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

post-gruppe.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3030::6815:4b95 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

vertrags-bestatig.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:b1e4 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

vertrags-bestatig.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	vertrags-bestatig.online 6 redirects vertrags-bestatig.online	172 KB
1	post-gruppe.online post-gruppe.online	561 B
20	2

	Domain	Requested by
22	vertrags-bestatig.online	6 redirects vertrags-bestatig.online
1	post-gruppe.online
20	2

This site contains no links.

Subject Issuer	Validity	Valid
post-gruppe.online E1	`2023-07-06` - `2023-10-04`	3 months	crt.sh
vertrags-bestatig.online GTS CA 1P5	`2023-07-05` - `2023-10-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e
Frame ID: 7AF362437FF58622A92FC30CEAF3C2CD
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyuf... HTTP 301
http://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyuf... HTTP 301
https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyuf... HTTP 302
https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyuf... Page URL
https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyuf... HTTP 301
http://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyuf... HTTP 301
https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyuf... HTTP 302
https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyuf... Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

85 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

168 kB
Transfer

594 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue HTTP 301
http://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/ HTTP 301
https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/ HTTP 302
https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/white.php?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Page URL
https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e HTTP 301
http://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e HTTP 301
https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e HTTP 302
https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue HTTP 301
http://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/ HTTP 301
https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/ HTTP 302
https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/white.php?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ post-gruppe.online/	0 561 B	668ms 567ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://post-gruppe.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7e40c9e3bac90e33-AMS content-encoding br content-type text/html; charset=UTF-8 date Sun, 09 Jul 2023 13:07:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} refresh 0; URL=https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gR15C7VBlbS4YK%2BdC9VTYvwnTBK%2FsLXrAy2FQrwBMCEIqyQRZJu%2BYG8hgAnD0bsbVY6s1Z8C6nfAFhPayrsut%2FjVIFkO5QDk%2BGEy8Fe%2FopSiwGpmjfPK7FY%2B8LbAD%2FTu0X2OhXkT%2FA1J7y9MFSoPgA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	white.php Show response vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/ Redirect Chain https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue http://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/ https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/ https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/white.php?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbf...	789 B 952 B	466ms 465ms	Document text/html	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/white.php?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `445505f062dc0af1839a8e666288a7b8285f63e10ebea4ca3a3349fb0f5628df` Request headers Referer https://post-gruppe.online/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7e40c9ece9020a59-AMS content-encoding br content-type text/html; charset=UTF-8 date Sun, 09 Jul 2023 13:07:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWO0B3DequDVkF7eb7fMuqPnhLZVIrBTPNFDOUjRmJrOcj0%2FRDVDYEZVhpCUL9tn9JD7LHetW1%2FIhXDgJHE3KZuHGTuY7uKrKPpgLh%2BUtr7TROwElcrQeq01lcpt0k7RQWpM2NhdIYPmtnj6XqSXcHEfwVwMqIQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7e40c9e98c8fb89a-AMS content-type text/html; charset=UTF-8 date Sun, 09 Jul 2023 13:07:14 GMT location white.php?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fatWIDJa7rf5lJ3OzL7rhT7ANyIF9p9NkcQDjmMuyeOdm16n7n5ykT5CdBhcYBa6vxXUYpHSpM%2BwUvurkPZELXBfFgnxKf8Jj8KLJrC93tRD2NsxdbkHDXu1qqLBtf0qu5dW8Oy1QmbTVH9lZMW8aVQ%2BvCJMS3w%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	Primary Request / Show response vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/ Redirect Chain https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0?index=51506&feeder=96fcb... http://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/?index=51506&feeder=96fcb... https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/?index=51506&feeder=96fc... https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feede...	20 KB 6 KB	128ms 127ms	Document text/html	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/white.php?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `41029dfb9a1fa200f5e01d0fb2996bae07e300f1e86448fc9ada14689b2fef31` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7e40c9fcd9070a59-AMS content-encoding br content-type text/html; charset=UTF-8 date Sun, 09 Jul 2023 13:07:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VG5lvQ5Fbbs00Ky0alEe%2F5BeZC6EDYSda5Lb%2B%2BdSpFSeQATcF%2FKtYqZQgDA4Ba18%2BcHcjAt1dzsLWRxIRV0SRpzBxfYrbNO4HGwmzaR%2BHUsMzf7RbvVk5ss2VAtV1zgc4CgKoI%2FV9A34nMJJrFtjFDT6dm0PFLs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7e40c9f7385d0a59-AMS content-type text/html; charset=UTF-8 date Sun, 09 Jul 2023 13:07:16 GMT location login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wN6Aw4cT33ZPKAFptp71kcEBhVgF9pDdiyeHsYPg6KN0E%2BILnmzhsMEAstbdO%2Fk7lnNqDmPXNVZoHtg%2FK0wVGdw56LCGWc2DxApdOQbjieYN68EcCUZgINMAjzmZdG3OTo9H7x%2FdJ9DxolDp2vczWPgZGQOnT%2F0%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	jquery.min.js Show response vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/bower_components/jquery/dist/	85 KB 31 KB	390ms 385ms	Script application/javascript	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/bower_components/jquery/dist/jquery.min.js Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers accept-language nl-NL,nl;q=0.9 Referer https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 13:07:16 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Nov 2022 01:46:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"15283-5ed64673b3800-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bETGwIku%2BLYCc3mAZva9RX1pJ2vlq9G1KuxhTHdHKAu4JCQOX6tUVVYjT3N9NlNOzERTN30wgZSdNlA1vKPCZa6gU1HKdaCeGFsbq0pLHI30gnn1BJDiGRZM%2ByN31jOUH2%2BH4NXvivtjR4pZkZ5jhoeEZ7swQlI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7e40c9fdba9b0a59-AMS alt-svc h3=":443"; ma=86400
GET H3	200	ua-parser.min.js Show response vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/bower_components/ua-parser-js/dist/	17 KB 7 KB	141ms 135ms	Script application/javascript	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/bower_components/ua-parser-js/dist/ua-parser.min.js Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896` Request headers accept-language nl-NL,nl;q=0.9 Referer https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 13:07:16 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Nov 2022 01:46:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4298-5ed64673b3800-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHny6GbosSWO3oUtw8dXHScpjq3VxgIKKD7OIoo7PlDIvO3jLZ7K8Y21lQ6ajnIg267A9VKMA3XFFHu4qZkgXdyhZwONU%2B20It01L4m%2BRhhiUTFDuvsIcOC8VKzCzSDbUf%2FcJSPmNw4FAAbPqCQ2N%2BZgGcKB4pk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7e40c9fdba9f0a59-AMS alt-svc h3=":443"; ma=86400
GET H3	200	font-awesome.min.css vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/bower_components/font-awesome/css/	30 KB 7 KB	170ms 165ms	Stylesheet text/css	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/bower_components/font-awesome/css/font-awesome.min.css Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd` Request headers accept-language nl-NL,nl;q=0.9 Referer https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 13:07:16 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Nov 2022 01:46:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"7918-5ed64671cb380-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gF1fAZ7%2BEbbLGDhzcmXaMfLKlF1IAQ6FW4LmOwUtUxYjoBNQlnKQ9cub1hVR4PqHt%2FXChFLgopV99HYg068wOxjh3kjnAqIYXIpYac4ceVUZEcOE0AY1WBiMI6vcSXRMdYRl2ZWDv4Lflb9rxk8eHgo447AGN4o%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7e40c9fdbaa20a59-AMS alt-svc h3=":443"; ma=86400
GET H3	200	core_form.js Show response vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/core/form/	16 KB 4 KB	154ms 149ms	Script application/javascript	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/core/form/core_form.js Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a3c224ed783e644193338348b27a9dc3a3269349eef351069c74b2650ae78153` Request headers accept-language nl-NL,nl;q=0.9 Referer https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 13:07:16 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Nov 2022 01:46:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3e46-5ed646a17a400-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HB3%2BB%2Bs%2B4dbFTWm90g%2B9jcAUZib6gxz3zyA%2FCnT5FICQWKS%2Bh%2B%2BqTaCqD%2BX5ogVRdy8ODxN4u7a3UW%2BnOILNTwPT9ghuGrDxqoRSVy5%2FpjIyH5%2FSMVK%2F6c7GPTyAASoNQC6rGka6xOL1LilR%2Ftsh558lOo%2BxnV4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7e40c9fdbaa50a59-AMS alt-svc h3=":443"; ma=86400
GET H3	200	core_form.css vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/core/form/	2 KB 816 B	169ms 164ms	Stylesheet text/css	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/core/form/core_form.css Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4d43829a46aca95eff47f13325a06f22c5c8c981cbe102d471508241446c581` Request headers accept-language nl-NL,nl;q=0.9 Referer https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 13:07:16 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Nov 2022 01:46:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"639-5ed646a17a400-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8ZT1Bwj3FHmJh73Xayw8a2cFiLRPTe%2BJXftFcbPChCJzJ2tFrZlfQb79BGl5lIQUuhVFNMeVaMR%2BPAJbznnVI05rdlVX8DMr3zw%2BKf1xdl57Y%2BjH8yWz2x4XGDScS59VRO5laQv7Z6Ds9cg%2FuuvUcxnLHhYf1g%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7e40c9fdbaa70a59-AMS alt-svc h3=":443"; ma=86400
GET H3	200	core_token.js Show response vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/core/token/	15 KB 2 KB	1041ms 1036ms	Script application/javascript	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/core/token/core_token.js Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4efe4fc6c120627e57dad671c69e7758b6fdfdba7ad2c4dbe626ad01eadfab9e` Request headers accept-language nl-NL,nl;q=0.9 Referer https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 13:07:17 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Nov 2022 01:46:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3afe-5ed646a17a400-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXbWB4T89eX5%2FY4YrVImGWNFhL%2FkG3RqgFiok3iFghMgnp30xWHEuSf5IzaE1662lzCAj9zycHKOaN2LB%2B4Q3asevWRK1ZVGROP%2FjRjLGeUdWoRXiKbMUGcXfc4zr%2B%2B9bsuGvxNEGXMTqN%2FBHtxnZW55pdPOjGU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7e40c9fdbaa90a59-AMS alt-svc h3=":443"; ma=86400
GET H3	200	angular.min.js Show response vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/bower_components/angular/	165 KB 59 KB	411ms 407ms	Script application/javascript	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/bower_components/angular/angular.min.js Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27` Request headers accept-language nl-NL,nl;q=0.9 Referer https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 13:07:16 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Nov 2022 01:46:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2937c-5ed64673b3800-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVvOFxOpnvGhIyg5xrpPl0GijEFYfOsvxUZqRI8G1dJzjKOUlxzLRJKRpcGHCR3zhfb1qjAQ7J%2BrWS6uL8SuLfuSqDWihmVRPvSy1d48k0NBYA6M5MuvjkdsI31Z%2F0jFDJYLE99h0vKruI9Km7wrXAzj1ymRj0s%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7e40c9fdbaab0a59-AMS alt-svc h3=":443"; ma=86400
GET H3	200	css.css vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/form/	1 KB 891 B	2052ms 2049ms	Stylesheet text/css	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/form/css.css Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0017a0ec297bd5f536253c452efe2c4f687d765f8a896b0ee95a6dfffe0fb99a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 13:07:18 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Nov 2022 01:45:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"472-5ed6466841d00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEuoKFmIe%2FoIb5%2FNyIZSCYUVEwBmiI94Vekz0Wfkx1rsGF9hgtibW1EPX%2FWGy%2FtTouj0Xc3YRkQqwX435vgn4N%2FbsvxZyARGou9zmHqOWscJiGYQ8z9oZ0TBYciOxVHnIUz3nj2B75VUttGXhVO539HnIvmeNk4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7e40c9fdbaaf0a59-AMS alt-svc h3=":443"; ma=86400
GET H3	200	index.css vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/	214 KB 25 KB	591ms 588ms	Stylesheet text/css	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/index.css Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `958bac3fee20e15e22ef42677505deb90d74e7214d66a20a160a03d8c10795ad` Request headers accept-language nl-NL,nl;q=0.9 Referer https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 13:07:16 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Nov 2022 01:45:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3596b-5ed6466659880-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbd3OWCUrgtXZjRMwc6Yr3kM1jRYFpaGUI1wFdM6fnMi3v7666Gz7zR6hrRHRUx5eEzq8O3cOiBhkctGm5uNbzYvXjXBDHLaSlLwVQ2ApFTbjVZVN0Phav51VdwnsB8Wh9VzSG%2B9VVsXEZb%2FB8kiQvpu74xnibg%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7e40c9fdbab10a59-AMS alt-svc h3=":443"; ma=86400
GET H3	200	form.js Show response vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/form/	4 KB 1 KB	981ms 980ms	Script application/javascript	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/form/form.js?v=64aab104a4d81 Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9459cfdaef9d197d1f48a2190e65dff33a3906fc7f98f6c28bcad7478c30ef47` Request headers accept-language nl-NL,nl;q=0.9 Referer https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 13:07:19 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Nov 2022 01:45:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"f6b-5ed6466841d00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BfT6t7l39JVcvg%2FVWcU9b%2FLtpomUtE7IHbGAXaKzaacEJaJjXKOJacJkbdIIay8%2FpodTO18bzadgoz9eReKA%2BbGQ7aqT4DvL8%2FmW4HOhOKEq9pXC86BOFSbFNKmLnVq98fFZ4DmDJVN%2BkLG4IFQKgtiaJxPP0Y%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7e40ca0aadf50a59-AMS alt-svc h3=":443"; ma=86400
GET H3	200	logo.svg vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/	3 KB 2 KB	982ms 981ms	Image image/svg+xml	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/logo.svg Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `44a485e43d7c032784496d17e884bdc41683d3ad3d9999287fa848a2f698ac20` Request headers accept-language nl-NL,nl;q=0.9 Referer https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 13:07:19 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Nov 2022 01:45:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"a9e-5ed6466659880" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQfXlLj5l7jc8GEPa8WV7GiwJrSqCgKw%2B1cTUKAy%2F2gH2iAPS7l76cuht%2F70PSSsLVaQMEe0yK%2FrdqLxqrfAw4D7UkvNpNNQxBqGP519bl23o1qn1%2F1LuIDbMa%2FY1nnysz3qB1xhorn1aA084qordS65mq6t9lI%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 7e40ca0aadf80a59-AMS alt-svc h3=":443"; ma=86400
GET H3	200	logo-claim.svg vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/	6 KB 3 KB	983ms 981ms	Image image/svg+xml	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/logo-claim.svg Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1ad849d8a916dcde00adb1ee3d0f21c7f636a98b7b2c49f57194f245d37b2e91` Request headers accept-language nl-NL,nl;q=0.9 Referer https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 13:07:19 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Nov 2022 01:45:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"18ff-5ed6466841d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMYNBVF3gX4Z%2F9TwQpg65SWiGZNFJRE6ntWCoC74oVpu0tO79qm%2FomDKpPB4%2BifLbiXEzK%2B7XOUw2U2goULtPuHJLzTv5G2NNqPA43y3Et2vh33oQokh%2B5%2FI5V9w95Z7iq56UWh5%2F98ZIJDhj2%2Bp7Tei3u5zXOA%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 7e40ca0aadf90a59-AMS alt-svc h3=":443"; ma=86400
GET H3	200	iob5_login_alte_anmeldung.jpg vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/	15 KB 16 KB	98ms 97ms	Image image/jpeg	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/iob5_login_alte_anmeldung.jpg Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `550778f7050b2f39fc38c8e326c78e0a53921774f9f39dd3685f1c73efee2613` Request headers accept-language nl-NL,nl;q=0.9 Referer https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 13:07:18 GMT cf-cache-status MISS last-modified Mon, 14 Nov 2022 01:45:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3dc0-5ed6466659880" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxwDYb52SrNkpT5Pgw8syz0YSe3KTrmJN%2Fq8dky6cZ1VxKTebBXTUuREzWPYWto1%2Ful%2Bv5pJNSuTEFFzBt46ur8iZXnOznKE8Abq3m6NA%2BeaJ6LyOSRZsn19dF0fu2I8xX%2BBAGIE8K0zpViWaXUNfvVIMkOXBug%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 7e40ca0aadfb0a59-AMS alt-svc h3=":443"; ma=86400 content-length 15808
GET		iob_5_login_psd2.jpg vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/	0 0

GET		iob_5_sicherheitshinweis.jpg vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/	0 0

GET		ng.js vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/ng/	0 0

GET H3	200	token.js Show response vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/token/	1 KB 963 B	983ms 982ms	Script application/javascript	2606:4700:3030::6815:4b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/token/token.js?v=64aab104a4d84 Requested by Host: vertrags-bestatig.online URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a14c0795d3c8aa995526096002771398d1c43837b5935beeebcb460e4406296a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/a1b2c3/655b6ec5a7249eeda46a0fcc286191d0/login/?index=51506&feeder=96fcb55758c00634f745d254fe0f743dbbfcab4e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 13:07:19 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Nov 2022 01:45:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4b8-5ed6466841d00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaZzx9279iY2Bh9HQYQAoFCgaiOiUXDV0armHepN1d9LX0WaQw47WdTXHvgyMew16OIDZHai1Lz3NS5e%2FzEPWqoI9WIHYpH4bWA6q9F6vjI8mv%2BUy%2F3v0ZyGnGOU7VEjpOEjOGdI0xHX2QYGwVg9lYlDpDO6zU0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7e40ca0aae020a59-AMS alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vertrags-bestatig.online
URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/iob_5_login_psd2.jpg

Domain: vertrags-bestatig.online
URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/iob_5_sicherheitshinweis.jpg

Domain: vertrags-bestatig.online
URL: https://vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue/login/ng/ng.js?v=64aab104a4d83

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Postbank (Banking)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			vertrags-bestatig.online/De/H7782188HJFyusuHFWuer83983281889HWuuw8hdhweweewrwe21ieru88383498!hyfdyyufreyuyu387889!hgyuwyeyue	1969-12-31 23:59:59	Name: real Value: OK
			vertrags-bestatig.online/	1970-01-20 13:51:40	Name: bid Value: 655b6ec5a7249eeda46a0fcc286191d0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

post-gruppe.online
vertrags-bestatig.online
vertrags-bestatig.online
2606:4700:3030::6815:4b95
2606:4700:3032::ac43:b1e4
2a06:98c1:3120::3
0017a0ec297bd5f536253c452efe2c4f687d765f8a896b0ee95a6dfffe0fb99a
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
1ad849d8a916dcde00adb1ee3d0f21c7f636a98b7b2c49f57194f245d37b2e91
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
41029dfb9a1fa200f5e01d0fb2996bae07e300f1e86448fc9ada14689b2fef31
445505f062dc0af1839a8e666288a7b8285f63e10ebea4ca3a3349fb0f5628df
44a485e43d7c032784496d17e884bdc41683d3ad3d9999287fa848a2f698ac20
4efe4fc6c120627e57dad671c69e7758b6fdfdba7ad2c4dbe626ad01eadfab9e
550778f7050b2f39fc38c8e326c78e0a53921774f9f39dd3685f1c73efee2613
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9459cfdaef9d197d1f48a2190e65dff33a3906fc7f98f6c28bcad7478c30ef47
958bac3fee20e15e22ef42677505deb90d74e7214d66a20a160a03d8c10795ad
a14c0795d3c8aa995526096002771398d1c43837b5935beeebcb460e4406296a
a3c224ed783e644193338348b27a9dc3a3269349eef351069c74b2650ae78153
f4d43829a46aca95eff47f13325a06f22c5c8c981cbe102d471508241446c581

vertrags-bestatig.online Open in urlscan Pro 2606:4700:3030::6815:4b95 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

85 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

168 kBTransfer

594 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

37 JavaScript Global Variables

2 Cookies

Indicators

vertrags-bestatig.online Open in urlscan Pro
2606:4700:3030::6815:4b95 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

85 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

168 kB
Transfer

594 kB
Size

2
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!