vervangingdigipskant.icu
185.223.28.131
Malicious Activity!
Public Scan
Effective URL: https://vervangingdigipskant.icu/UIDBXKJHGJSTYRYWTAVXBDKJDUUTEFSRYARWH/
Submission: On November 23 via api from BE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 20th 2020. Valid for: 3 months.
This is the only time vervangingdigipskant.icu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Rabobank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
1 | 208.71.169.170 | 33322 (NDCHOST)
10 (1 redirect) | 185.223.28.131 | 30823 (COMBAHTON combahton GmbH)
5 | 51.116.97.154 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK)
1 | 2001:4de0:ac19::1:b:3b | 20446 (HIGHWINDS3)
28 | 23.201.172.108 | 16625 (AKAMAI-AS)
3 | 2a00:1450:4001:803::200e | 15169 (GOOGLE)
1 | 2a00:1450:4001:824::200e | 15169 (GOOGLE)
Totals: 51 requests, 8 domains

Hostnames by ASN:
- ASN33322 (NDCHOST, US), PTR: D047A9AA.ptr.provps.com: ondersteuningkant.org
- ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US): rabodirect.containers.piwik.pro
- ASN16625 (AKAMAI-AS, US), PTR: a23-201-172-108.deploy.static.akamaitechnologies.com: www.rabobank.be
- ASN15169 (GOOGLE, US): www.youtube-nocookie.com, s.ytimg.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
28 | rabobank.be | www.rabobank.be | 2 MB
10 (1 redirect) | vervangingdigipskant.icu | vervangingdigipskant.icu | 127 KB
5 | piwik.pro | rabodirect.containers.piwik.pro | 169 KB
2 | youtube-nocookie.com | www.youtube-nocookie.com (Failed) |
1 | ytimg.com | s.ytimg.com | 36 KB
1 | youtube.com | www.youtube.com | 1 KB
1 | jquery.com | code.jquery.com | 30 KB
1 | ondersteuningkant.org | ondersteuningkant.org | 399 B
Totals: 51 requests, 8 apex domains
Requests | Domain | Requested by
---|---|---
28 | www.rabobank.be | vervangingdigipskant.icu, www.rabobank.be
10 (1 redirect) | vervangingdigipskant.icu | vervangingdigipskant.icu
5 | rabodirect.containers.piwik.pro | vervangingdigipskant.icu, rabodirect.containers.piwik.pro
2 | www.youtube-nocookie.com | vervangingdigipskant.icu, ondersteuningkant.org
1 | s.ytimg.com | www.youtube.com
1 | www.youtube.com | ondersteuningkant.org
1 | code.jquery.com | vervangingdigipskant.icu
1 | ondersteuningkant.org |
Totals: 51 requests, 8 domains
This site contains links to these domains. Also see Links.
Domain
---
www.rabobank.be
piwik.pro
TLS certificates
Subject | Issuer | Validity | Valid for
---|---|---|---
ondersteuningkant.org | Let's Encrypt Authority X3 | 2020-11-20 - 2021-02-18 | 3 months
vervangingdigipskant.icu | Let's Encrypt Authority X3 | 2020-11-20 - 2021-02-18 | 3 months
*.containers.piwik.pro | GlobeSSL DV CA | 2020-08-26 - 2021-09-08 | a year
jquery.org | Sectigo RSA Domain Validation Secure Server CA | 2020-10-06 - 2021-10-16 | a year
www.rabobank.be | DigiCert SHA2 Extended Validation Server CA | 2020-04-29 - 2021-05-04 | a year
*.google.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
This page contains 3 frames:
- Primary Page: https://vervangingdigipskant.icu/UIDBXKJHGJSTYRYWTAVXBDKJDUUTEFSRYARWH/ (Frame ID: 2F1F1D2F87976BAA91DFC5D74C209C28; 48 HTTP requests in this frame)
- Frame: https://www.youtube-nocookie.com/embed/tyxyZhXCkWs?rel=0&controls=1&showinfo=1&enablejsapi=1 (Frame ID: C1192CE305A4F95725566F1CEE42FF92; 2 HTTP requests in this frame)
- Frame: https://www.youtube-nocookie.com/embed/tyxyZhXCkWs?rel=0&controls=1&showinfo=1&enablejsapi=1 (Frame ID: 8B1499E2263CB8FED6906CACF2D3B6B4; 2 HTTP requests in this frame)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ondersteuningkant.org/?El8fIQBZ29KxodRi0=AMMeafc2VfqupQz2H5z (Page URL)
- https://vervangingdigipskant.icu/UIDBXKJHGJSTYRYWTAVXBDKJDUUTEFSRYARWH → HTTP 301 → https://vervangingdigipskant.icu/UIDBXKJHGJSTYRYWTAVXBDKJDUUTEFSRYARWH/ (Page URL)
Detected technologies
- Ubuntu (Operating Systems); detected pattern: headers server /Ubuntu/i
- Apache (Web Servers); detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
- jQuery (JavaScript Libraries); detected patterns: script /jquery[.-]([\d.]*\d)[^/]*\.js/i and script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Meer informatie over cookies vindt u hier. (Dutch for "More information about cookies can be found here.")
Redirected requests
There were HTTP redirect chains for the following requests:
51 HTTP transactions
Method | Protocol | Resource | Host / Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | / | ondersteuningkant.org/ | 137 B | 399 B | Document | text/html |
GET | H/1.1 | / | vervangingdigipskant.icu/UIDBXKJHGJSTYRYWTAVXBDKJDUUTEFSRYARWH/ | 92 KB | 17 KB | Document | text/html | Primary Request; Cookie set; Redirect Chain
GET | H/1.1 | 74b38f95-6a27-4161-a3cb-72ab97895bee.js | rabodirect.containers.piwik.pro/ | 245 KB | 65 KB | Script | application/javascript |
GET | H2 | jquery-3.4.1.min.js | code.jquery.com/ | 86 KB | 30 KB | Script | application/javascript |
GET | H/1.1 | gregorian.js | www.rabobank.be/apps/postlogin-be/mxclientsystem/dojo/cldr/nls/nl/ | 5 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | buddhist.js | www.rabobank.be/apps/postlogin-be/mxclientsystem/dojo/cldr/nls/nl/ | 4 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | widgets.js | www.rabobank.be/apps/postlogin-be/widgets/ | 3 MB | 909 KB | Script | application/javascript |
GET | H/1.1 | widgets_ROOT.js | www.rabobank.be/apps/postlogin-be/widgets/nls/ | 416 B | 772 B | Script | application/javascript |
GET | H/1.1 | loading.js | www.rabobank.be/apps/postlogin-be/mxclientsystem/dijit/nls/nl/ | 117 B | 672 B | Script | application/javascript |
GET | H/1.1 | number.js | www.rabobank.be/apps/postlogin-be/mxclientsystem/dojo/cldr/nls/ | 1 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | number.js | www.rabobank.be/apps/postlogin-be/mxclientsystem/dojo/cldr/nls/nl/ | 617 B | 961 B | Script | application/javascript |
GET | H/1.1 | cache.css | vervangingdigipskant.icu/UIDBXKJHGJSTYRYWTAVXBDKJDUUTEFSRYARWH/ | 231 KB | 36 KB | Stylesheet | text/css |
GET | H/1.1 | mxui.css | www.rabobank.be/apps/postlogin-be/mclientsystem/mxui/ui/ | 0 | 0 | Stylesheet | text/html |
GET | H/1.1 | widgets.css | www.rabobank.be/apps/postlogin-be/widgets/ | 111 KB | 11 KB | Stylesheet | text/css |
GET | H/1.1 | lib.css | www.rabobank.be/apps/postlogin-be/resources/ | 111 KB | 15 KB | Stylesheet | text/css |
GET | H/1.1 | custom.css | www.rabobank.be/apps/postlogin-be/resources/ | 86 KB | 14 KB | Stylesheet | text/css |
GET | H/1.1 | picturefill.min.js | www.rabobank.be/.resources/rabobank-be/webresources/js/ | 11 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | lang.min~2020-10-09-10-00-30-000~cache.js | www.rabobank.be/.resources/rabobank-be/webresources/js/ | 1 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | print.css | www.rabobank.be/dam/jcr:89be99a5-d8ba-4a14-84e2-5a80e9d566c3/ | 957 B | 2 KB | Stylesheet | text/css |
GET | H/1.1 | phishing-modal-polo.css | www.rabobank.be/dam/jcr:19bc2d20-7101-468e-9627-7c27d3db5f8f/ | 3 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | custom.css | www.rabobank.be/dam/jcr:356aeda3-cb97-4c7a-8298-81e2b5baeeae/ | 10 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | rabobank-check-white-1.svg | www.rabobank.be/.resources/rabobank-be/webresources/img/common/ | 572 B | 2 KB | Image | image/svg+xml |
GET | H/1.1 | rabobank-search.svg | www.rabobank.be/.resources/rabobank-be/webresources/img/common/ | 766 B | 2 KB | Image | image/svg+xml |
GET | H/1.1 | rabobank-menu.svg | www.rabobank.be/.resources/rabobank-be/webresources/img/common/ | 557 B | 2 KB | Image | image/svg+xml |
GET | H/1.1 | rabobank-logo.svg | www.rabobank.be/dam/jcr:3dd45014-2ce3-468c-b049-9df619452322/ | 20 KB | 8 KB | Image | image/svg+xml |
GET | H/1.1 | digipass.2019-10-09-14-39-35.png | www.rabobank.be/dam/jcr:86217533-cbf0-443e-b405-a20f7fa8c2b1/ | 72 KB | 74 KB | Image | image/png |
GET | H/1.1 | Login$Images$Login_NavigationLayouts_Draft_BE_DP_Login_White.png | www.rabobank.be/apps/postlogin-be/img/ | 18 KB | 18 KB | Image | image/png |
GET | H/1.1 | Login$Images$_1.png | www.rabobank.be/apps/postlogin-be/img/ | 7 KB | 8 KB | Image | image/png |
GET | H/1.1 | SandyP.png | www.rabobank.be/dam/jcr:c8e32a02-1f4b-4d9d-bad2-9ed83556e588/ | 31 KB | 33 KB | Image | image/png |
GET | H/1.1 | IvyM.png | www.rabobank.be/dam/jcr:d58b9cfd-c29a-4cc3-a0da-32fbfc964a0a/ | 32 KB | 34 KB | Image | image/png |
GET | H/1.1 | main.min~2020-10-09-10-00-30-000~cache.js | www.rabobank.be/.resources/rabobank-be/webresources/js/ | 269 KB | 84 KB | Script | application/javascript |
GET | H/1.1 | mxui.js | www.rabobank.be/apps/postlogin-be/mxclientsystem/mxui/ | 1 MB | 358 KB | Script | application/javascript |
GET | H/1.1 | privacy-templates.js | rabodirect.containers.piwik.pro/74b38f95-6a27-4161-a3cb-72ab97895bee/ | 446 KB | 52 KB | Script | text/javascript |
GET | H/1.1 | mxui.css | www.rabobank.be/apps/postlogin-be/mclientsystem/mxui/ui/ | 0 | 0 | Stylesheet | text/html |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/svg+xml |
GET | H/1.1 | stats | rabodirect.containers.piwik.pro/consent/ | 2 B | 327 B | XHR | application/json |
GET | | tyxyZhXCkWs | www.youtube-nocookie.com/embed/ | 0 | 0 | | | Frame C119; failed (no response)
GET | | tyxyZhXCkWs | www.youtube-nocookie.com/embed/ | 0 | 0 | | | Frame 8B14; failed (no response)
GET | H/1.1 | rabobank-arrow.svg | vervangingdigipskant.icu/img/common/ | 287 B | 287 B | Image | text/html |
GET | H/1.1 | rabobank-close.svg | vervangingdigipskant.icu/img/common/ | 287 B | 287 B | Image | text/html |
GET | H/1.1 | question-circle.svg | vervangingdigipskant.icu/dam/jcr:c2c8a7f4-125f-4162-8136-85705d9cbbe5/ | 287 B | 287 B | Image | text/html |
GET | H/1.1 | myriadpro-bold-webfont.woff | vervangingdigipskant.icu/UIDBXKJHGJSTYRYWTAVXBDKJDUUTEFSRYARWH/ | 22 KB | 22 KB | Font | application/font-woff |
GET | H/1.1 | myriadpro-regular-webfont.woff | vervangingdigipskant.icu/UIDBXKJHGJSTYRYWTAVXBDKJDUUTEFSRYARWH/ | 22 KB | 22 KB | Font | application/font-woff |
GET | H/1.1 | myriadpro-light-webfont.woff | vervangingdigipskant.icu/UIDBXKJHGJSTYRYWTAVXBDKJDUUTEFSRYARWH/ | 22 KB | 22 KB | Font | application/font-woff |
GET | | rabo.woff | www.rabobank.be/apps/postlogin-be/styles/css/fonts/ | 0 | 0 | | | failed (no response)
GET | H/1.1 | privacy-templates.js | rabodirect.containers.piwik.pro/74b38f95-6a27-4161-a3cb-72ab97895bee/ | 446 KB | 52 KB | Script | text/javascript |
GET | H2 | tyxyZhXCkWs | www.youtube-nocookie.com/embed/ | 0 | 0 | Document | text/html | Frame 8B14
GET | H2 | tyxyZhXCkWs | www.youtube-nocookie.com/embed/ | 0 | 0 | Document | text/html | Frame C119
GET | H3-Q050 | iframe_api | www.youtube.com/ | 859 B | 1 KB | Script | application/javascript |
GET | H/1.1 | rabo-icons.woff | vervangingdigipskant.icu/UIDBXKJHGJSTYRYWTAVXBDKJDUUTEFSRYARWH/ | 6 KB | 7 KB | Font | application/font-woff |
GET | H3-Q050 | www-widgetapi.js | s.ytimg.com/yts/jsbin/www-widgetapi-vflkHHIwh/ | 100 KB | 36 KB | Script | text/javascript |
GET | H/1.1 | stats | rabodirect.containers.piwik.pro/consent/ | 2 B | 327 B | XHR | application/json |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- www.youtube-nocookie.com: https://www.youtube-nocookie.com/embed/tyxyZhXCkWs?rel=0&controls=1&showinfo=1
- www.youtube-nocookie.com: https://www.youtube-nocookie.com/embed/tyxyZhXCkWs?rel=0&controls=1&showinfo=1
- www.rabobank.be: https://www.rabobank.be/apps/postlogin-be/styles/css/fonts/rabo.woff
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Rabobank (Banking)
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: ontransitionrun, ontransitionstart, ontransitioncancel, cookieStore, trustedTypes, sevenTag, dataLayer, RaboDirect, picturefillCFG
- function: showDirectoryPicker, showOpenFilePicker, showSaveFilePicker, $, jQuery, ppmsWebStorage, PPTM_JSONP_Callback_0, sendUserDataSubjectRequest, picturefill
- string: SYNC_EVENT, ONCE_PER_PAGE_VIEW_ACTION, ONCE_PER_SESSION_ACTION, VARIABLE_NAME, COOKIE_PREFIX, GLOBAL_CONFIG_NAME
- boolean: crossOriginIsolated, __disableDappDetectionInsertion
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
vervangingdigipskant.icu/ | Name: ppms_privacy_74b38f95-6a27-4161-a3cb-72ab97895bee Value: {%22consents%22:{%22analytics%22:{%22status%22:-1%2C%22historyId%22:%22f18cd735-0456-4cb1-8971-d25388cf88db%22%2C%22updatedAt%22:%222020-11-23T01:18:37.995Z%22}}%2C%22visitorId%22:%22604bbb45-bbb2-98d2-a853-22e7ac94cd7e%22%2C%22domain%22:{%22normalized%22:%22vervangingdigipskant.icu%22%2C%22isWildcard%22:false%2C%22pattern%22:%22vervangingdigipskant.icu%22}%2C%22staleCheckpoint%22:%222020-11-23T01:18:37.994Z%22} |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.