online-teruggave.gq
31.210.20.180  Malicious Activity! Public Scan

Submitted URL: https://unrl.ir/K8wFH
Effective URL: https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
Submission: On September 07 via manual from IN

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 31.210.20.180, located in Gambrills, United States and belongs to AS_DELIS, US. The main domain is online-teruggave.gq.
TLS certificate: Issued by R3 on September 7th 2021. Valid for: 3 months.
This is the only time online-teruggave.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NL Government (Government)

Domain & IP information

IP Address AS Autonomous System
1 1 5.182.44.159 61173 (GWSN-AS)
4 31.210.20.180 211252 (AS_DELIS)
6 2a04:9a00:101... 62003 (LOGIUS)
1 2a04:9a00:101... 62003 (LOGIUS)
13 4
Requests  Apex Domain          Subdomains               Transfer
6         digid.nl             digid.nl                 154 KB
4         online-teruggave.gq  online-teruggave.gq      3 KB
1         overheid.nl          static.mijn.overheid.nl  11 KB
1         unrl.ir              unrl.ir                  468 B
13        4
Requests  Domain                   Requested by
6         digid.nl                 online-teruggave.gq, digid.nl
4         online-teruggave.gq      online-teruggave.gq
1         static.mijn.overheid.nl  online-teruggave.gq
1         unrl.ir                  1 redirects
13        4

This site contains links to these domains.

Domain
www.digid.nl
Subject                  Issuer                               Validity                 Valid
online-teruggave.gq      R3                                   2021-09-07 - 2021-12-06  3 months
digid.nl                 QuoVadis PKIoverheid Server CA 2020  2021-06-10 - 2022-06-10  a year
static.mijn.overheid.nl  KPN PKIoverheid Server CA 2020       2021-01-25 - 2022-01-25  a year

This page contains 1 frames:

Primary Page: https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
Frame ID: D110AB96D35EC94F61D260E88AD63525
Requests: 13 HTTP requests in this frame

Page Title

MijnOverheid Berichtenbox | Teruggave

Page URL History

  1. https://unrl.ir/K8wFH HTTP 301
    https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88 Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 13
HTTPS: 85 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 168 kB
Size: 418 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request berichtenbox.php
online-teruggave.gq/
Redirect Chain
  • https://unrl.ir/K8wFH
  • https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
6 KB
3 KB
Document
General
Full URL
https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.210.20.180 Gambrills, United States, ASN211252 (AS_DELIS, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
06cc6a5f8ef95e8c77f7238721c770e2eed011ee3f0220977249391765e555e1

Request headers

Host
online-teruggave.gq
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Tue, 07 Sep 2021 16:33:00 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2576
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

x-powered-by
PHP/7.4.23
set-cookie
PHPSESSID=eae51a6a733e12f13e1bb1f365bd2980; path=/; secure short_K8wFH=1; expires=Tue, 07-Sep-2021 17:02:58 GMT; Max-Age=1800; path=/; HttpOnly; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
content-encoding
gzip
date
Tue, 07 Sep 2021 16:32:58 GMT
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
application-7dd5cb8de77f6c5483371b30bc01f401725a22f7335c00441a492547628e9f0e.css
digid.nl/assets/
67 KB
15 KB
Stylesheet
General
Full URL
https://digid.nl/assets/application-7dd5cb8de77f6c5483371b30bc01f401725a22f7335c00441a492547628e9f0e.css
Requested by
Host: online-teruggave.gq
URL: https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:9a00:1010:1900::a , Netherlands, ASN62003 (LOGIUS, NL),
Reverse DNS
Software
/
Resource Hash
7dd5cb8de77f6c5483371b30bc01f401725a22f7335c00441a492547628e9f0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://online-teruggave.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 03 Dec 2019 11:35:04 GMT
Age
81706
Date
Tue, 07 Sep 2021 16:33:00 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
15046
Expires
Tue, 07 Sep 2021 17:33:00 GMT
piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
online-teruggave.gq/assets/
0
0
Script
General
Full URL
https://online-teruggave.gq/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
Requested by
Host: online-teruggave.gq
URL: https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.210.20.180 Gambrills, United States, ASN211252 (AS_DELIS, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
online-teruggave.gq
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
Connection
keep-alive

Response headers

Date
Tue, 07 Sep 2021 16:33:00 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
282
Content-Type
text/html; charset=iso-8859-1
piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
digid.nl/assets/
55 KB
22 KB
Script
General
Full URL
https://digid.nl/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
Requested by
Host: online-teruggave.gq
URL: https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:9a00:1010:1900::a , Netherlands, ASN62003 (LOGIUS, NL),
Reverse DNS
Software
/
Resource Hash
88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://online-teruggave.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 03 Sep 2019 09:05:16 GMT
Age
2526
Date
Tue, 07 Sep 2021 16:33:00 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21981
Expires
Tue, 07 Sep 2021 17:33:00 GMT
constants_nl-7fd3f4291ae652e54567a77f6001b7eed0cee0494fb1f77d362d38bf097cfa11.js
online-teruggave.gq/assets/
0
0
Script
General
Full URL
https://online-teruggave.gq/assets/constants_nl-7fd3f4291ae652e54567a77f6001b7eed0cee0494fb1f77d362d38bf097cfa11.js
Requested by
Host: online-teruggave.gq
URL: https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.210.20.180 Gambrills, United States, ASN211252 (AS_DELIS, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
online-teruggave.gq
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
Connection
keep-alive

Response headers

Date
Tue, 07 Sep 2021 16:33:00 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
282
Content-Type
text/html; charset=iso-8859-1
application-2bf67cd1a8c2c1febbee201adac040faf651fbdc586bcb7e2f7c2f233f5ec167.js
digid.nl/assets/
251 KB
88 KB
Script
General
Full URL
https://digid.nl/assets/application-2bf67cd1a8c2c1febbee201adac040faf651fbdc586bcb7e2f7c2f233f5ec167.js
Requested by
Host: online-teruggave.gq
URL: https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:9a00:1010:1900::a , Netherlands, ASN62003 (LOGIUS, NL),
Reverse DNS
Software
/
Resource Hash
2bf67cd1a8c2c1febbee201adac040faf651fbdc586bcb7e2f7c2f233f5ec167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://online-teruggave.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 03 Dec 2019 11:35:04 GMT
Age
81706
Date
Tue, 07 Sep 2021 16:33:00 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
89525
Expires
Tue, 07 Sep 2021 17:33:00 GMT
RO_DigiD_Logo_Homepage-345fece8164e7c89abdcac29f20c438ca6b74414af1373642da630abd862da97.svg
digid.nl/assets/
21 KB
21 KB
Image
General
Full URL
https://digid.nl/assets/RO_DigiD_Logo_Homepage-345fece8164e7c89abdcac29f20c438ca6b74414af1373642da630abd862da97.svg
Requested by
Host: online-teruggave.gq
URL: https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:9a00:1010:1900::a , Netherlands, ASN62003 (LOGIUS, NL),
Reverse DNS
Software
/
Resource Hash
345fece8164e7c89abdcac29f20c438ca6b74414af1373642da630abd862da97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://online-teruggave.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 09 May 2019 08:17:15 GMT
Age
2529
Date
Tue, 07 Sep 2021 16:33:00 GMT
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
21493
Expires
Wed, 07 Sep 2022 15:50:51 GMT
berichtenbox-app-icon.png
static.mijn.overheid.nl/v1605704404246/images/
10 KB
11 KB
Image
General
Full URL
https://static.mijn.overheid.nl/v1605704404246/images/berichtenbox-app-icon.png
Requested by
Host: online-teruggave.gq
URL: https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:9a00:1010:2700::101 , Netherlands, ASN62003 (LOGIUS, NL),
Reverse DNS
Software
nginx /
Resource Hash
688824cd24e3372ff1096d4381b677d08ccae1361b2379e320c0625da6396269
Security Headers
Name Value
Content-Security-Policy report-uri https://mijn.overheid.nl/csp/report; default-src 'none'; script-src 'none'; base-uri 'none'; connect-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; media-src 'none'; object-src 'none'; sandbox; reflected-xss block;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://online-teruggave.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 07 Sep 2021 16:33:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Origin
Content-Length
10484
X-XSS-Protection
1; mode=block
Pragma
public
Referrer-Policy
no-referrer
Last-Modified
Mon, 16 Aug 2021 12:17:53 GMT
Server
nginx
X-Frame-Options
DENY
ETag
"611a5771-28f4"
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Type
image/png
Access-Control-Allow-Origin
https://mijn.overheid.nl
Cache-Control
public, max-age=315360000
Content-Security-Policy
report-uri https://mijn.overheid.nl/csp/report; default-src 'none'; script-src 'none'; base-uri 'none'; connect-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; media-src 'none'; object-src 'none'; sandbox; reflected-xss block;
Accept-Ranges
bytes
Expires
Thu, 31 Dec 2037 23:55:55 GMT
info-b2f7f0f4cba483d416e7dfa44d4dd8b9c3c610953c0f4a5f70a2d6d2f34769fa.svg
digid.nl/assets/
3 KB
3 KB
Image
General
Full URL
https://digid.nl/assets/info-b2f7f0f4cba483d416e7dfa44d4dd8b9c3c610953c0f4a5f70a2d6d2f34769fa.svg
Requested by
Host: digid.nl
URL: https://digid.nl/assets/application-7dd5cb8de77f6c5483371b30bc01f401725a22f7335c00441a492547628e9f0e.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:9a00:1010:1900::a , Netherlands, ASN62003 (LOGIUS, NL),
Reverse DNS
Software
/
Resource Hash
b2f7f0f4cba483d416e7dfa44d4dd8b9c3c610953c0f4a5f70a2d6d2f34769fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://digid.nl/assets/application-7dd5cb8de77f6c5483371b30bc01f401725a22f7335c00441a492547628e9f0e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 09 May 2019 08:17:15 GMT
Age
72089
Date
Tue, 07 Sep 2021 16:33:00 GMT
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2843
Expires
Tue, 06 Sep 2022 20:31:31 GMT
app-6ff8ab98a6bd136e396d2dd79e22b9171438438070787e355db6974bcbc53085.svg
digid.nl/assets/tiles/
5 KB
5 KB
Image
General
Full URL
https://digid.nl/assets/tiles/app-6ff8ab98a6bd136e396d2dd79e22b9171438438070787e355db6974bcbc53085.svg
Requested by
Host: digid.nl
URL: https://digid.nl/assets/application-7dd5cb8de77f6c5483371b30bc01f401725a22f7335c00441a492547628e9f0e.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:9a00:1010:1900::a , Netherlands, ASN62003 (LOGIUS, NL),
Reverse DNS
Software
/
Resource Hash
6ff8ab98a6bd136e396d2dd79e22b9171438438070787e355db6974bcbc53085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://digid.nl/assets/application-7dd5cb8de77f6c5483371b30bc01f401725a22f7335c00441a492547628e9f0e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 03 Sep 2019 09:05:16 GMT
Age
2528
Date
Tue, 07 Sep 2021 16:33:00 GMT
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4615
Expires
Wed, 07 Sep 2022 15:50:52 GMT
ROsanswebtextregular-54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a.woff
digid.nl/assets/
0
0

ROsanswebtextbold-27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591.woff
digid.nl/assets/
0
0

piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
online-teruggave.gq/assets/
0
0
Script
General
Full URL
https://online-teruggave.gq/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
Requested by
Host: online-teruggave.gq
URL: https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.210.20.180 Gambrills, United States, ASN211252 (AS_DELIS, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
online-teruggave.gq
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://online-teruggave.gq/berichtenbox.php?trxid=607d258769b88
Connection
keep-alive

Response headers

Date
Tue, 07 Sep 2021 16:33:00 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
282
Content-Type
text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
digid.nl
URL
https://digid.nl/assets/ROsanswebtextregular-54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a.woff
Domain
digid.nl
URL
https://digid.nl/assets/ROsanswebtextbold-27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591.woff

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NL Government (Government)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| JSON_PIWIK object| _paq object| Piwik object| AnalyticsTracker function| piwik_log function| QRCode function| $ function| jQuery object| keyboardeventKeyPolyfill object| constants object| TimeoutDialog object| PasswordCheck object| Validator function| InfoBox object| InfoBoxes object| CapsLock object| SpokenSms object| CodeFields object| ShowPasswordFields object| Handlers function| message_dialog object| PhoneNumberDialog object| RememberLocale function| stopPolling function| doPoll

0 Cookies

4 Console Messages

Source Level URL
Text
console-api error URL: https://digid.nl/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js(Line 18)
Message:
_paq.push() was used but Piwik tracker was not initialized before the piwik.js file was loaded. Make sure to configure the tracker via _paq.push before loading piwik.js. Alternatively, you can create a tracker via Piwik.addTracker() manually and then use _paq.push but it may not fully work as tracker methods may not be executed in the correct order. trackPageView
console-api error URL: https://digid.nl/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js(Line 18)
Message:
_paq.push() was used but Piwik tracker was not initialized before the piwik.js file was loaded. Make sure to configure the tracker via _paq.push before loading piwik.js. Alternatively, you can create a tracker via Piwik.addTracker() manually and then use _paq.push but it may not fully work as tracker methods may not be executed in the correct order. enableLinkTracking
console-api error URL: https://digid.nl/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js(Line 18)
Message:
_paq.push() was used but Piwik tracker was not initialized before the piwik.js file was loaded. Make sure to configure the tracker via _paq.push before loading piwik.js. Alternatively, you can create a tracker via Piwik.addTracker() manually and then use _paq.push but it may not fully work as tracker methods may not be executed in the correct order. setTrackerUrl,//statistiek.mijn.overheid.nl/piwik.php
console-api error URL: https://digid.nl/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js(Line 18)
Message:
_paq.push() was used but Piwik tracker was not initialized before the piwik.js file was loaded. Make sure to configure the tracker via _paq.push before loading piwik.js. Alternatively, you can create a tracker via Piwik.addTracker() manually and then use _paq.push but it may not fully work as tracker methods may not be executed in the correct order. setSiteId,17