rabobankpensioeninventarisatie.nl Open in urlscan Pro
62.112.239.20 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.rabobankpensioeninventarisatie.nl/
Effective URL:
https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html
Submission: On February 14 via automatic, source certstream-suspicious (February 14th 2020, 11:01:04 pm UTC)

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 19 HTTP transactions. The main IP is 62.112.239.20, located in Netherlands and belongs to SOLVINITY-, NL. The main domain is rabobankpensioeninventarisatie.nl.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on February 16th 2018. Valid for: 2 years.

This is the only time rabobankpensioeninventarisatie.nl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Rabobank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
2 20	62.112.239.20 62.112.239.20		29311 (SOLVINITY-) (SOLVINITY-)
19	2

20 62.112.239.20 (Netherlands) 2 redirects

ASN29311 (SOLVINITY-, NL)
PTR: 62-112-239-20.solvinity.net

www.rabobankpensioeninventarisatie.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rabobankpensioeninventarisatie.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	rabobankpensioeninventarisatie.nl 2 redirects www.rabobankpensioeninventarisatie.nl rabobankpensioeninventarisatie.nl	893 KB
0	rabobank.nl Failed statistiek.rabobank.nl Failed
19	2

	Domain	Requested by
18	rabobankpensioeninventarisatie.nl	rabobankpensioeninventarisatie.nl
2	www.rabobankpensioeninventarisatie.nl	2 redirects
0	statistiek.rabobank.nl Failed	rabobankpensioeninventarisatie.nl
19	3

This site contains no links.

Subject Issuer	Validity	Valid
www.rabobankpensioeninventarisatie.nl DigiCert SHA2 High Assurance Server CA	`2018-02-16` - `2020-02-21`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html
Frame ID: 9CBDEC07252B930E81A4072B18955DD8
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.rabobankpensioeninventarisatie.nl/ HTTP 302
https://www.rabobankpensioeninventarisatie.nl/landingspagina/ HTTP 302
https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

19
Requests

95 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

892 kB
Transfer

887 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.rabobankpensioeninventarisatie.nl/ HTTP 302
https://www.rabobankpensioeninventarisatie.nl/landingspagina/ HTTP 302
https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html Show response
rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/
Redirect Chain

https://www.rabobankpensioeninventarisatie.nl/
https://www.rabobankpensioeninventarisatie.nl/landingspagina/
https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

14 KB
14 KB

145ms
44ms

Document
text/html

62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to

Full URL

https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

6cd4c9dd05c06e6d74ee27f90b501a07e3947e2e202c714db4fd924c5cf1f4a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: rabobankpensioeninventarisatie.nl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Server: Apache
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: esrabolandingspagina=19c8rasqq8pduqmbu4efgg4e77nsk71a94je62va1p2a4urn0hres77bkt3lqfj5ofafc4juvloom5flgjp7vvhudobqmlm6bvtedl1; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Server: Apache
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: esrabolandingspagina=j4hhpto8qe299li6aepegmp23r3mrfl304otia2r3nfjafqq25fc792jabqb19vj1140bfl05i61tv3eqq8ngp5sh2096ae9iapgib1; path=/; secure; HttpOnly
Location: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html
Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK bootstrap.min.css
rabobankpensioeninventarisatie.nl/media/inv/css/ 120 KB
120 KB 28ms
27ms Stylesheet
text/css 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/css/bootstrap.min.css

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:06 GMT
Server: Apache
ETag: "1deac-578682b8ac580"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=499
Content-Length: 122540

GET
H/1.1 404
Not Found bootstrap.modal.css
rabobankpensioeninventarisatie.nl/media/inv/css/ 0
0 88ms
32ms Stylesheet
text/html 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to

Full URL: https://rabobankpensioeninventarisatie.nl/media/inv/css/bootstrap.modal.css
Requested by: Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),
Reverse DNS: 62-112-239-20.solvinity.net
Software: Apache /
Resource Hash

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=500
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK senses-icons.css
rabobankpensioeninventarisatie.nl/media/inv/css/ 14 KB
14 KB 93ms
27ms Stylesheet
text/css 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/css/senses-icons.css

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

f13dbeb80e66e6ed2ffd575a9675935572f8412aac748938dfb957608505c07f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:05 GMT
Server: Apache
ETag: "36ba-578682b7b8340"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=498
Content-Length: 14010

GET
H/1.1 200
OK style.css
rabobankpensioeninventarisatie.nl/media/inv/css/ 30 KB
30 KB 119ms
30ms Stylesheet
text/css 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/css/style.css

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

44e61731e865c319a517f14041ecf05ef69ca5d6464f2b0f6e786da5f0f2f254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:07 GMT
Server: Apache
ETag: "76a5-578682b9a07c0"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=499
Content-Length: 30373

GET
H/1.1 200
OK logo.png
rabobankpensioeninventarisatie.nl/media/inv/images/ 16 KB
16 KB 166ms
29ms Image
image/png 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/images/logo.png

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

03caeff0f4235241611956eeb18dcbfabb8b67083208f00a0b0f92fbff9b28bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:09 GMT
Server: Apache
ETag: "3f53-578682bb88c40"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=498
Content-Length: 16211

GET
H/1.1 200
OK banner2.jpg
rabobankpensioeninventarisatie.nl/media/inv/images/ 321 KB
322 KB 271ms
26ms Image
image/jpeg 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/images/banner2.jpg

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

34b9e60a637ee73fef46018cad4c6a7fff51f842568be7e9afc904461a27e96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:08 GMT
Server: Apache
ETag: "5057c-578682ba94a00"
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=492
Content-Length: 329084

GET
H/1.1 200
OK Rabobank-icoon-desktop-bold-64x64-RGB_29689794.svg
rabobankpensioeninventarisatie.nl/media/inv/images/ 2 KB
2 KB 232ms
29ms Image
image/svg+xml 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/images/Rabobank-icoon-desktop-bold-64x64-RGB_29689794.svg

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

8c90a934780db763e137f717e083537756b22ba0e99f9d8055477c7d99413466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:10 GMT
Server: Apache
ETag: "61f-578682bc7ce80"
Strict-Transport-Security: max-age=31536000
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=494
Content-Length: 1567

GET
H/1.1 200
OK Rabobank-icoon-desktop-bold-64x64-RGB_29689505.png
rabobankpensioeninventarisatie.nl/media/inv/images/ 526 B
840 B 192ms
26ms Image
image/png 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/images/Rabobank-icoon-desktop-bold-64x64-RGB_29689505.png

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

bc4cfdd8a2d696448afe81ee44018645502a13e5d33f9e5c23235a4f8fdaaf63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:07 GMT
Server: Apache
ETag: "20e-578682b9a07c0"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=491
Content-Length: 526

GET stats-lib.js
statistiek.rabobank.nl/ 0
0

GET
H/1.1 200
OK jquery-3.0.0.min.js Show response
rabobankpensioeninventarisatie.nl/media/inv/js/ 84 KB
85 KB 55ms
26ms Script
application/javascript 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/js/jquery-3.0.0.min.js

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:11 GMT
Server: Apache
ETag: "15145-578682bd710c0"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=497
Content-Length: 86341

GET
H/1.1 200
OK bootstrap.min.js Show response
rabobankpensioeninventarisatie.nl/media/inv/js/ 36 KB
36 KB 71ms
27ms Script
application/javascript 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/js/bootstrap.min.js

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:11 GMT
Server: Apache
ETag: "8fd0-578682bd710c0"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=496
Content-Length: 36816

GET
H/1.1 200
OK postit.png
rabobankpensioeninventarisatie.nl/media/inv/images/ 8 KB
8 KB 204ms
27ms Image
image/png 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/images/postit.png

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

ffc7762cfefbc490d37ff005a92c5a1785fc3569252a3269622619b7cc06d4d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/media/inv/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:09 GMT
Server: Apache
ETag: "1ed9-578682bb88c40"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=490
Content-Length: 7897

GET
H/1.1 200
OK rb_bg.png
rabobankpensioeninventarisatie.nl/media/inv/images/ 156 KB
156 KB 106ms
29ms Image
image/png 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/images/rb_bg.png

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

1987096264228c09ca06e68b0458d3610475e44e5720ef2dfefed25f1ffcc8d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/media/inv/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:07 GMT
Server: Apache
ETag: "26f60-578682b9a07c0"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=495
Content-Length: 159584

GET
H/1.1 200
OK e7e30ff2-3a95-49b0-bbf9-024f40ead426.woff2
rabobankpensioeninventarisatie.nl/media/inv/fonts/ 16 KB
16 KB 39ms
26ms Font
application/octet-stream 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/fonts/e7e30ff2-3a95-49b0-bbf9-024f40ead426.woff2

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

bfcfea39ebd070e042356af77c4bc16b6170f2106744f1173c15c1fa1a243cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/media/inv/css/style.css
Origin: https://rabobankpensioeninventarisatie.nl
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:15 GMT
Server: Apache
ETag: "3fc0-578682c1419c0"
Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=495
Content-Length: 16320

GET
H/1.1 200
OK 3b0f1c67-c2e4-4df6-976f-49d52e45aba1.woff2
rabobankpensioeninventarisatie.nl/media/inv/fonts/ 16 KB
16 KB 49ms
29ms Font
application/octet-stream 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/fonts/3b0f1c67-c2e4-4df6-976f-49d52e45aba1.woff2

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

49be0df2d6bfe51dc29e0f5cebd2b99b6b1e4463c2d1250f1b1ae3ac36d0ce41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/media/inv/css/style.css
Origin: https://rabobankpensioeninventarisatie.nl
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:15 GMT
Server: Apache
ETag: "3ff8-578682c1419c0"
Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=497
Content-Length: 16376

GET
H/1.1 200
OK 0b6110f9-6072-46b9-98af-7d09f7c895b8.woff2
rabobankpensioeninventarisatie.nl/media/inv/fonts/ 16 KB
16 KB 67ms
27ms Font
application/octet-stream 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/fonts/0b6110f9-6072-46b9-98af-7d09f7c895b8.woff2

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

2aa2c3139fe0f3233bbab4e43ef2885af045555933aef6570046e6df2f7f57f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/media/inv/css/style.css
Origin: https://rabobankpensioeninventarisatie.nl
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:16 GMT
Server: Apache
ETag: "3fe4-578682c235c00"
Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=494
Content-Length: 16356

GET
H/1.1 200
OK senses-icons.woff
rabobankpensioeninventarisatie.nl/media/inv/fonts/ 23 KB
23 KB 82ms
29ms Font
application/font-woff 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/fonts/senses-icons.woff

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

6211c17933c3688f72d1205370f8329b1308b7a2a0265eec73578d7b9e14bc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/media/inv/css/senses-icons.css
Origin: https://rabobankpensioeninventarisatie.nl
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:14 GMT
Server: Apache
ETag: "5a6c-578682c04d780"
Strict-Transport-Security: max-age=31536000
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=496
Content-Length: 23148

GET
H/1.1 200
OK 2cc3ff2f-19fe-458d-99da-2fb1acb43d81.woff2
rabobankpensioeninventarisatie.nl/media/inv/fonts/ 16 KB
17 KB 93ms
26ms Font
application/octet-stream 62.112.239.20
SOLVINITY-

General

Check archive.org

Show headers Download Go to

Full URL

https://rabobankpensioeninventarisatie.nl/media/inv/fonts/2cc3ff2f-19fe-458d-99da-2fb1acb43d81.woff2

Requested by

Host: rabobankpensioeninventarisatie.nl
URL: https://rabobankpensioeninventarisatie.nl/landingspagina/pagina/987/vraag+de+link+aan+naar+uw+persoonlijke+omgeving.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.112.239.20 , Netherlands, ASN29311 (SOLVINITY-, NL),

Reverse DNS

62-112-239-20.solvinity.net

Software

Apache /

Resource Hash

9978c7504f5d95149404fe19bfaed705f60cf3dacba5b2b1b6548d52a88c1e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rabobankpensioeninventarisatie.nl/media/inv/css/style.css
Origin: https://rabobankpensioeninventarisatie.nl
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 23:00:41 GMT
Last-Modified: Wed, 17 Oct 2018 08:08:15 GMT
Server: Apache
ETag: "41fc-578682c1419c0"
Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=493
Content-Length: 16892

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: statistiek.rabobank.nl
URL: https://statistiek.rabobank.nl/stats-lib.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Rabobank (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			rabobankpensioeninventarisatie.nl/	1969-12-31 23:59:59	Name: esrabolandingspagina Value: 19c8rasqq8pduqmbu4efgg4e77nsk71a94je62va1p2a4urn0hres77bkt3lqfj5ofafc4juvloom5flgjp7vvhudobqmlm6bvtedl1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rabobankpensioeninventarisatie.nl
statistiek.rabobank.nl
www.rabobankpensioeninventarisatie.nl
statistiek.rabobank.nl
62.112.239.20
03caeff0f4235241611956eeb18dcbfabb8b67083208f00a0b0f92fbff9b28bd
1987096264228c09ca06e68b0458d3610475e44e5720ef2dfefed25f1ffcc8d5
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2aa2c3139fe0f3233bbab4e43ef2885af045555933aef6570046e6df2f7f57f3
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
34b9e60a637ee73fef46018cad4c6a7fff51f842568be7e9afc904461a27e96e
44e61731e865c319a517f14041ecf05ef69ca5d6464f2b0f6e786da5f0f2f254
49be0df2d6bfe51dc29e0f5cebd2b99b6b1e4463c2d1250f1b1ae3ac36d0ce41
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
6211c17933c3688f72d1205370f8329b1308b7a2a0265eec73578d7b9e14bc34
6cd4c9dd05c06e6d74ee27f90b501a07e3947e2e202c714db4fd924c5cf1f4a8
8c90a934780db763e137f717e083537756b22ba0e99f9d8055477c7d99413466
9978c7504f5d95149404fe19bfaed705f60cf3dacba5b2b1b6548d52a88c1e55
bc4cfdd8a2d696448afe81ee44018645502a13e5d33f9e5c23235a4f8fdaaf63
bfcfea39ebd070e042356af77c4bc16b6170f2106744f1173c15c1fa1a243cce
f13dbeb80e66e6ed2ffd575a9675935572f8412aac748938dfb957608505c07f
ffc7762cfefbc490d37ff005a92c5a1785fc3569252a3269622619b7cc06d4d5

rabobankpensioeninventarisatie.nl Open in urlscan Pro 62.112.239.20 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

95 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

892 kBTransfer

887 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

rabobankpensioeninventarisatie.nl Open in urlscan Pro
62.112.239.20 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

892 kB
Transfer

887 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!