bevestiging-gelijkoversteken.info Open in urlscan Pro
195.189.96.36  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request verificatieprocess.html Show response bevestiging-gelijkoversteken.info/home/marktplaats/	14 KB 4 KB	72ms 16ms	Document text/html	195.189.96.36 CHERRYSERVERS2-AS
General Check archive.org Show headers Download Go to Full URL https://bevestiging-gelijkoversteken.info/home/marktplaats/verificatieprocess.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.189.96.36 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT), Reverse DNS Software Apache/2.4.18 (Ubuntu) / Resource Hash 535ce630418e3cd91ce6f61c1d6604c9c466da4f2a350c52f3081af1360b5278 Request headers Host bevestiging-gelijkoversteken.info Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 12:27:42 GMT Server Apache/2.4.18 (Ubuntu) Last-Modified Wed, 21 Oct 2020 12:08:29 GMT ETag "38d9-5b22d34a0dd86-gzip" Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Content-Length 3252 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	marktplaats.css bevestiging-gelijkoversteken.info/home/content/marktplaats/	103 KB 14 KB	18ms 17ms	Stylesheet text/css	195.189.96.36 CHERRYSERVERS2-AS
General Check archive.org Show headers Download Go to Full URL https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css Requested by Host: bevestiging-gelijkoversteken.info URL: https://bevestiging-gelijkoversteken.info/home/marktplaats/verificatieprocess.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.189.96.36 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT), Reverse DNS Software Apache/2.4.18 (Ubuntu) / Resource Hash 677600dcfccdaf9d9e9ef1dd003285f3f20543e97274e1aa3754b7c672d431af Request headers Referer https://bevestiging-gelijkoversteken.info/home/marktplaats/verificatieprocess.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 12:27:42 GMT Content-Encoding gzip Last-Modified Wed, 21 Oct 2020 12:08:30 GMT Server Apache/2.4.18 (Ubuntu) ETag "19ab0-5b22d34ad7054-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 13600
GET H/1.1	200 OK	client.min.css bevestiging-gelijkoversteken.info/home/content/marktplaats/	120 KB 17 KB	38ms 17ms	Stylesheet text/css	195.189.96.36 CHERRYSERVERS2-AS
General Check archive.org Show headers Download Go to Full URL https://bevestiging-gelijkoversteken.info/home/content/marktplaats/client.min.css Requested by Host: bevestiging-gelijkoversteken.info URL: https://bevestiging-gelijkoversteken.info/home/marktplaats/verificatieprocess.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.189.96.36 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT), Reverse DNS Software Apache/2.4.18 (Ubuntu) / Resource Hash 6b0eedcff94b6a63aa4726b01dd0cd284710ca8b73f35ea018e141f9b778c758 Request headers Referer https://bevestiging-gelijkoversteken.info/home/marktplaats/verificatieprocess.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 12:27:42 GMT Content-Encoding gzip Last-Modified Wed, 21 Oct 2020 12:08:30 GMT Server Apache/2.4.18 (Ubuntu) ETag "1df98-5b22d34a9c6d0-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 16711
GET		header.html 2dehands-rekeningverificatie.icu/content/marktplaats/	0 0
GET H/1.1	200 OK	normalize.112272e5.css bevestiging-gelijkoversteken.info/home/content/marktplaats/	6 KB 2 KB	44ms 15ms	Stylesheet text/css	195.189.96.36 CHERRYSERVERS2-AS
General Check archive.org Show headers Download Go to Full URL https://bevestiging-gelijkoversteken.info/home/content/marktplaats/normalize.112272e5.css Requested by Host: bevestiging-gelijkoversteken.info URL: https://bevestiging-gelijkoversteken.info/home/marktplaats/verificatieprocess.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.189.96.36 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT), Reverse DNS Software Apache/2.4.18 (Ubuntu) / Resource Hash 580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512 Request headers Referer https://bevestiging-gelijkoversteken.info/home/marktplaats/verificatieprocess.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 12:27:42 GMT Content-Encoding gzip Last-Modified Wed, 21 Oct 2020 12:08:30 GMT Server Apache/2.4.18 (Ubuntu) ETag "17fa-5b22d34ae2bd5-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1738
GET		CssVars.e8761656.html 2dehands-rekeningverificatie.icu/content/marktplaats/	0 0
GET H/1.1	200 OK	bancontact.svg bevestiging-gelijkoversteken.info/home/content/marktplaats/	2 KB 2 KB	15ms 15ms	Image image/svg+xml	195.189.96.36 CHERRYSERVERS2-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bevestiging-gelijkoversteken.info/home/content/marktplaats/bancontact.svg Requested by Host: bevestiging-gelijkoversteken.info URL: https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.189.96.36 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT), Reverse DNS Software Apache/2.4.18 (Ubuntu) / Resource Hash 608b733b4f8588a6e2d03a25e85964c3fa03468965ece04e79aafa858d0b5b30 Request headers Referer https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 12:27:42 GMT Last-Modified Wed, 21 Oct 2020 12:08:30 GMT Server Apache/2.4.18 (Ubuntu) ETag "873-5b22d34a590ab" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2163
GET H/1.1	200 OK	Marktplaats.Sprite.svg bevestiging-gelijkoversteken.info/home/content/marktplaats/	218 KB 218 KB	15ms 15ms	Image image/svg+xml	195.189.96.36 CHERRYSERVERS2-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bevestiging-gelijkoversteken.info/home/content/marktplaats/Marktplaats.Sprite.svg Requested by Host: bevestiging-gelijkoversteken.info URL: https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.189.96.36 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT), Reverse DNS Software Apache/2.4.18 (Ubuntu) / Resource Hash 19016e0b1372d08aff16789dcb2c557615bd22fad7c76ffd0a9f9948c8bdc267 Request headers Referer https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 12:27:42 GMT Last-Modified Wed, 21 Oct 2020 12:08:30 GMT Server Apache/2.4.18 (Ubuntu) ETag "36862-5b22d34acb4d3" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 223330
GET H/1.1	200 OK	Roboto-Light-webfont.html bevestiging-gelijkoversteken.info/home/content/marktplaats/	178 B 476 B	15ms 15ms	Font text/html	195.189.96.36 CHERRYSERVERS2-AS
General Check archive.org Show headers Download Go to Full URL https://bevestiging-gelijkoversteken.info/home/content/marktplaats/Roboto-Light-webfont.html Requested by Host: bevestiging-gelijkoversteken.info URL: https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.189.96.36 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT), Reverse DNS Software Apache/2.4.18 (Ubuntu) / Resource Hash 887c8ada6058f01125a5131f1c495ba5f0171b2c40466ea824494403b87c1a22 Request headers Origin https://bevestiging-gelijkoversteken.info Referer https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 12:27:42 GMT Content-Encoding gzip Last-Modified Wed, 21 Oct 2020 12:08:30 GMT Server Apache/2.4.18 (Ubuntu) ETag "b2-5b22d34aef6f6-gzip" Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 140
GET H/1.1	200 OK	Roboto-Regular-webfont.html bevestiging-gelijkoversteken.info/home/content/marktplaats/	178 B 475 B	30ms 14ms	Font text/html	195.189.96.36 CHERRYSERVERS2-AS
General Check archive.org Show headers Download Go to Full URL https://bevestiging-gelijkoversteken.info/home/content/marktplaats/Roboto-Regular-webfont.html Requested by Host: bevestiging-gelijkoversteken.info URL: https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.189.96.36 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT), Reverse DNS Software Apache/2.4.18 (Ubuntu) / Resource Hash 887c8ada6058f01125a5131f1c495ba5f0171b2c40466ea824494403b87c1a22 Request headers Origin https://bevestiging-gelijkoversteken.info Referer https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 12:27:42 GMT Content-Encoding gzip Last-Modified Wed, 21 Oct 2020 12:08:30 GMT Server Apache/2.4.18 (Ubuntu) ETag "b2-5b22d34b242b9-gzip" Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 140
GET H/1.1	200 OK	Roboto-Light-webfont-2.html bevestiging-gelijkoversteken.info/home/content/marktplaats/	178 B 475 B	15ms 15ms	Font text/html	195.189.96.36 CHERRYSERVERS2-AS
General Check archive.org Show headers Download Go to Full URL https://bevestiging-gelijkoversteken.info/home/content/marktplaats/Roboto-Light-webfont-2.html Requested by Host: bevestiging-gelijkoversteken.info URL: https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.189.96.36 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT), Reverse DNS Software Apache/2.4.18 (Ubuntu) / Resource Hash 887c8ada6058f01125a5131f1c495ba5f0171b2c40466ea824494403b87c1a22 Request headers Origin https://bevestiging-gelijkoversteken.info Referer https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 12:27:42 GMT Content-Encoding gzip Last-Modified Wed, 21 Oct 2020 12:08:30 GMT Server Apache/2.4.18 (Ubuntu) ETag "b2-5b22d34ae3b75-gzip" Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 140
GET H/1.1	200 OK	Roboto-Regular-webfont-2.html bevestiging-gelijkoversteken.info/home/content/marktplaats/	178 B 475 B	15ms 14ms	Font text/html	195.189.96.36 CHERRYSERVERS2-AS
General Check archive.org Show headers Download Go to Full URL https://bevestiging-gelijkoversteken.info/home/content/marktplaats/Roboto-Regular-webfont-2.html Requested by Host: bevestiging-gelijkoversteken.info URL: https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.189.96.36 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT), Reverse DNS Software Apache/2.4.18 (Ubuntu) / Resource Hash 887c8ada6058f01125a5131f1c495ba5f0171b2c40466ea824494403b87c1a22 Request headers Origin https://bevestiging-gelijkoversteken.info Referer https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 12:27:42 GMT Content-Encoding gzip Last-Modified Wed, 21 Oct 2020 12:08:30 GMT Server Apache/2.4.18 (Ubuntu) ETag "b2-5b22d34b167f8-gzip" Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 140
GET H/1.1	200 OK	Roboto-Light-webfont6654.html bevestiging-gelijkoversteken.info/home/content/marktplaats/	178 B 475 B	15ms 15ms	Font text/html	195.189.96.36 CHERRYSERVERS2-AS
General Check archive.org Show headers Download Go to Full URL https://bevestiging-gelijkoversteken.info/home/content/marktplaats/Roboto-Light-webfont6654.html?v1 Requested by Host: bevestiging-gelijkoversteken.info URL: https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.189.96.36 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT), Reverse DNS Software Apache/2.4.18 (Ubuntu) / Resource Hash 887c8ada6058f01125a5131f1c495ba5f0171b2c40466ea824494403b87c1a22 Request headers Origin https://bevestiging-gelijkoversteken.info Referer https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 12:27:42 GMT Content-Encoding gzip Last-Modified Wed, 21 Oct 2020 12:08:30 GMT Server Apache/2.4.18 (Ubuntu) ETag "b2-5b22d34afb276-gzip" Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 140
GET H/1.1	200 OK	Roboto-Regular-webfont6654.html bevestiging-gelijkoversteken.info/home/content/marktplaats/	178 B 475 B	14ms 14ms	Font text/html	195.189.96.36 CHERRYSERVERS2-AS
General Check archive.org Show headers Download Go to Full URL https://bevestiging-gelijkoversteken.info/home/content/marktplaats/Roboto-Regular-webfont6654.html?v1 Requested by Host: bevestiging-gelijkoversteken.info URL: https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.189.96.36 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT), Reverse DNS Software Apache/2.4.18 (Ubuntu) / Resource Hash 887c8ada6058f01125a5131f1c495ba5f0171b2c40466ea824494403b87c1a22 Request headers Origin https://bevestiging-gelijkoversteken.info Referer https://bevestiging-gelijkoversteken.info/home/content/marktplaats/marktplaats.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 12:27:42 GMT Content-Encoding gzip Last-Modified Wed, 21 Oct 2020 12:08:30 GMT Server Apache/2.4.18 (Ubuntu) ETag "b2-5b22d34b2fe3a-gzip" Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 140

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

2dehands-rekeningverificatie.icu

URL

https://2dehands-rekeningverificatie.icu/content/marktplaats/header.html

Domain

2dehands-rekeningverificatie.icu

URL

https://2dehands-rekeningverificatie.icu/content/marktplaats/CssVars.e8761656.html

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| radioselected boolean| tcsaccepted object| selectedbank function| closeselect function| openselect function| radiochange function| changevalues function| gm_authFailure

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2dehands-rekeningverificatie.icu
bevestiging-gelijkoversteken.info
2dehands-rekeningverificatie.icu
195.189.96.36
19016e0b1372d08aff16789dcb2c557615bd22fad7c76ffd0a9f9948c8bdc267
535ce630418e3cd91ce6f61c1d6604c9c466da4f2a350c52f3081af1360b5278
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
608b733b4f8588a6e2d03a25e85964c3fa03468965ece04e79aafa858d0b5b30
677600dcfccdaf9d9e9ef1dd003285f3f20543e97274e1aa3754b7c672d431af
6b0eedcff94b6a63aa4726b01dd0cd284710ca8b73f35ea018e141f9b778c758
887c8ada6058f01125a5131f1c495ba5f0171b2c40466ea824494403b87c1a22