betalings-regeling.nl Open in urlscan Pro
66.29.132.105 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://betalings-regeling.nl/pakket
Effective URL:
https://betalings-regeling.nl/pakket
Submission: On June 07 via automatic, source openphish (June 7th 2021, 1:18:18 pm UTC)

Summary HTTP 9 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 66.29.132.105, located in United States and belongs to NAMECHEAP-NET, US. The main domain is betalings-regeling.nl.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 6th 2021. Valid for: a year.

This is the only time betalings-regeling.nl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1 10	66.29.132.105 66.29.132.105		22612 (NAMECHEAP...) (NAMECHEAP-NET)
9	1

10 66.29.132.105 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: business145-5.web-hosting.com

betalings-regeling.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	betalings-regeling.nl 1 redirects betalings-regeling.nl	187 KB
9	1

	Domain	Requested by
10	betalings-regeling.nl	1 redirects betalings-regeling.nl
9	1

This site contains links to these domains. Also see Links.

Domain
www.ing.jobs
www.facebook.com
twitter.com
instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
betalings-regeling.nl Sectigo RSA Domain Validation Secure Server CA	`2021-06-06` - `2022-06-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://betalings-regeling.nl/pakket
Frame ID: E82D283A42EB7B4DDC51EF3A85A54B62
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://betalings-regeling.nl/pakket HTTP 301
https://betalings-regeling.nl/pakket Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

187 kB
Transfer

845 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ing.jobs/Nederland/Home.htm
Title: Werken bij ING

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ingbankbelgie
Title: ING op Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ingbelgie
Title: ING op Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/ingbelgium/
Title: ING op Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ingbelgium
Title: ING op LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ingbelgie
Title: ING op Youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://betalings-regeling.nl/pakket HTTP 301
https://betalings-regeling.nl/pakket Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pakket Show response
betalings-regeling.nl/
Redirect Chain

http://betalings-regeling.nl/pakket
https://betalings-regeling.nl/pakket

23 KB
4 KB

647ms
231ms

Document
text/html

66.29.132.105
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://betalings-regeling.nl/pakket

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.105 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business145-5.web-hosting.com

Software

Apache / PHP/7.2.34

Resource Hash

09e0a7fb66f12d1bce2af6b6e608181e8ecb546d5cdd7338023ef06eb1564c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: betalings-regeling.nl
:scheme: https
:path: /pakket
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:17:59 GMT
server: Apache
x-powered-by: PHP/7.2.34
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=d145c7f1d99475a90e8ad577ec2f2f28; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 4097
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade

Redirect headers

date: Mon, 07 Jun 2021 13:17:58 GMT
server: Apache
location: https://betalings-regeling.nl/pakket
content-length: 244
content-type: text/html; charset=iso-8859-1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade

GET
H2 200 style.css
betalings-regeling.nl/public/verzoek/css/ 628 KB
66 KB 574ms
573ms Stylesheet
text/css 66.29.132.105
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://betalings-regeling.nl/public/verzoek/css/style.css

Requested by

Host: betalings-regeling.nl
URL: https://betalings-regeling.nl/pakket

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.105 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business145-5.web-hosting.com

Software

Apache /

Resource Hash

b214a84085054682e531e5be900d327eae0354355193c6e6581d80c411f9582e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /public/verzoek/css/style.css
pragma: no-cache
cookie: PHPSESSID=d145c7f1d99475a90e8ad577ec2f2f28
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: betalings-regeling.nl
referer: https://betalings-regeling.nl/pakket
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://betalings-regeling.nl/pakket
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:17:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 06 Jun 2021 02:11:02 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 gBetaalverzoek-algemeen.svg
betalings-regeling.nl/public/verzoek/img/ 9 KB
4 KB 572ms
572ms Image
image/svg+xml 66.29.132.105
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://betalings-regeling.nl/public/verzoek/img/gBetaalverzoek-algemeen.svg

Requested by

Host: betalings-regeling.nl
URL: https://betalings-regeling.nl/pakket

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.105 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business145-5.web-hosting.com

Software

Apache /

Resource Hash

25e4e32098c2fda90537b0c5fd524202408ff7654968b8491ce3f6e1a57ba846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /public/verzoek/img/gBetaalverzoek-algemeen.svg
pragma: no-cache
cookie: PHPSESSID=d145c7f1d99475a90e8ad577ec2f2f28
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: betalings-regeling.nl
referer: https://betalings-regeling.nl/pakket
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://betalings-regeling.nl/pakket
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:17:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 06 Jun 2021 02:11:02 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4264
x-content-type-options: nosniff

GET
H2 200 ideal.png
betalings-regeling.nl/public/verzoek/img/ 25 KB
26 KB 391ms
391ms Image
image/png 66.29.132.105
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://betalings-regeling.nl/public/verzoek/img/ideal.png

Requested by

Host: betalings-regeling.nl
URL: https://betalings-regeling.nl/pakket

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.105 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business145-5.web-hosting.com

Software

Apache /

Resource Hash

0d446f32e87fa5d7bd7d2e8517a84020fad6a9441fae26b85079e700e30c13db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /public/verzoek/img/ideal.png
pragma: no-cache
cookie: PHPSESSID=d145c7f1d99475a90e8ad577ec2f2f28
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: betalings-regeling.nl
referer: https://betalings-regeling.nl/pakket
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://betalings-regeling.nl/pakket
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:17:59 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 06 Jun 2021 02:11:03 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 26095
x-content-type-options: nosniff

GET
H2 200 INGMeWeb-Bold.woff
betalings-regeling.nl/public/verzoek/font/ 23 KB
4 KB 403ms
403ms Font
text/html 66.29.132.105
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://betalings-regeling.nl/public/verzoek/font/INGMeWeb-Bold.woff

Requested by

Host: betalings-regeling.nl
URL: https://betalings-regeling.nl/public/verzoek/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.105 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business145-5.web-hosting.com

Software

Apache / PHP/7.2.34

Resource Hash

09e0a7fb66f12d1bce2af6b6e608181e8ecb546d5cdd7338023ef06eb1564c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://betalings-regeling.nl
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=d145c7f1d99475a90e8ad577ec2f2f28
:path: /public/verzoek/font/INGMeWeb-Bold.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: betalings-regeling.nl
referer: https://betalings-regeling.nl/public/verzoek/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://betalings-regeling.nl
Referer: https://betalings-regeling.nl/public/verzoek/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 13:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-powered-by: PHP/7.2.34
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
content-length: 4097
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 INGMeWeb-Regular.woff
betalings-regeling.nl/public/verzoek/font/ 23 KB
4 KB 405ms
405ms Font
text/html 66.29.132.105
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://betalings-regeling.nl/public/verzoek/font/INGMeWeb-Regular.woff

Requested by

Host: betalings-regeling.nl
URL: https://betalings-regeling.nl/public/verzoek/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.105 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business145-5.web-hosting.com

Software

Apache / PHP/7.2.34

Resource Hash

09e0a7fb66f12d1bce2af6b6e608181e8ecb546d5cdd7338023ef06eb1564c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://betalings-regeling.nl
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=d145c7f1d99475a90e8ad577ec2f2f28
:path: /public/verzoek/font/INGMeWeb-Regular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: betalings-regeling.nl
referer: https://betalings-regeling.nl/public/verzoek/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://betalings-regeling.nl
Referer: https://betalings-regeling.nl/public/verzoek/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 13:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-powered-by: PHP/7.2.34
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
content-length: 4097
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ing-icons-v4-6.woff
betalings-regeling.nl/public/verzoek/font/ 68 KB
69 KB 226ms
225ms Font
font/woff 66.29.132.105
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://betalings-regeling.nl/public/verzoek/font/ing-icons-v4-6.woff

Requested by

Host: betalings-regeling.nl
URL: https://betalings-regeling.nl/public/verzoek/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.105 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business145-5.web-hosting.com

Software

Apache /

Resource Hash

3b5249aa62da52d9853ebd8a7c8f43ed84b3941f10bd6cd7eff0619889daa2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://betalings-regeling.nl
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=d145c7f1d99475a90e8ad577ec2f2f28
:path: /public/verzoek/font/ing-icons-v4-6.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: betalings-regeling.nl
referer: https://betalings-regeling.nl/public/verzoek/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://betalings-regeling.nl
Referer: https://betalings-regeling.nl/public/verzoek/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:18:00 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 06 Jun 2021 02:11:01 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: font/woff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 69844
x-content-type-options: nosniff

GET
H2 200 INGMeWeb-Bold.ttf
betalings-regeling.nl/public/verzoek/font/ 23 KB
4 KB 234ms
233ms Font
text/html 66.29.132.105
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://betalings-regeling.nl/public/verzoek/font/INGMeWeb-Bold.ttf

Requested by

Host: betalings-regeling.nl
URL: https://betalings-regeling.nl/public/verzoek/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.105 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business145-5.web-hosting.com

Software

Apache / PHP/7.2.34

Resource Hash

09e0a7fb66f12d1bce2af6b6e608181e8ecb546d5cdd7338023ef06eb1564c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://betalings-regeling.nl
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=d145c7f1d99475a90e8ad577ec2f2f28
:path: /public/verzoek/font/INGMeWeb-Bold.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: betalings-regeling.nl
referer: https://betalings-regeling.nl/public/verzoek/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://betalings-regeling.nl
Referer: https://betalings-regeling.nl/public/verzoek/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 13:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-powered-by: PHP/7.2.34
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
content-length: 4097
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 INGMeWeb-Regular.ttf
betalings-regeling.nl/public/verzoek/font/ 23 KB
4 KB 234ms
234ms Font
text/html 66.29.132.105
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://betalings-regeling.nl/public/verzoek/font/INGMeWeb-Regular.ttf

Requested by

Host: betalings-regeling.nl
URL: https://betalings-regeling.nl/public/verzoek/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.105 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business145-5.web-hosting.com

Software

Apache / PHP/7.2.34

Resource Hash

09e0a7fb66f12d1bce2af6b6e608181e8ecb546d5cdd7338023ef06eb1564c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://betalings-regeling.nl
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=d145c7f1d99475a90e8ad577ec2f2f28
:path: /public/verzoek/font/INGMeWeb-Regular.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: betalings-regeling.nl
referer: https://betalings-regeling.nl/public/verzoek/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://betalings-regeling.nl
Referer: https://betalings-regeling.nl/public/verzoek/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 13:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-powered-by: PHP/7.2.34
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
content-length: 4097
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			betalings-regeling.nl/	1969-12-31 23:59:59	Name: PHPSESSID Value: d145c7f1d99475a90e8ad577ec2f2f28

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

betalings-regeling.nl
66.29.132.105
09e0a7fb66f12d1bce2af6b6e608181e8ecb546d5cdd7338023ef06eb1564c35
0d446f32e87fa5d7bd7d2e8517a84020fad6a9441fae26b85079e700e30c13db
25e4e32098c2fda90537b0c5fd524202408ff7654968b8491ce3f6e1a57ba846
3b5249aa62da52d9853ebd8a7c8f43ed84b3941f10bd6cd7eff0619889daa2d2
b214a84085054682e531e5be900d327eae0354355193c6e6581d80c411f9582e

betalings-regeling.nl Open in urlscan Pro 66.29.132.105 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

187 kBTransfer

845 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

betalings-regeling.nl Open in urlscan Pro
66.29.132.105 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

187 kB
Transfer

845 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!