rabo-verificatieproces.xyz Open in urlscan Pro
162.0.235.11 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rabo-verificatieproces.xyz/
Effective URL:
https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do
Submission Tags: @andsyn1 phishing malicious Search All
Submission: On October 15 via api (October 15th 2020, 6:42:11 pm UTC) from NL

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 162.0.235.11, located in Canada and belongs to NAMECHEAP-NET, US. The main domain is rabo-verificatieproces.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 15th 2020. Valid for: a year.

This is the only time rabo-verificatieproces.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Rabobank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3 14	162.0.235.11 162.0.235.11	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2a02:26f0:f1:... 2a02:26f0:f1:29d::3f8a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	3

14 162.0.235.11 (Canada) 3 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server293-3.web-hosting.com

rabo-verificatieproces.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:f1:29d::3f8a (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

www.rabobank.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	rabo-verificatieproces.xyz 3 redirects rabo-verificatieproces.xyz	133 KB
2	rabobank.nl www.rabobank.nl
0	googleapis.com Failed ajax.googleapis.com Failed
14	3

	Domain	Requested by
14	rabo-verificatieproces.xyz	3 redirects rabo-verificatieproces.xyz
2	www.rabobank.nl	rabo-verificatieproces.xyz
0	ajax.googleapis.com Failed	rabo-verificatieproces.xyz
14	3

This site contains no links.

Subject Issuer	Validity	Valid
rabo-verificatieproces.xyz Sectigo RSA Domain Validation Secure Server CA	`2020-10-15` - `2021-10-15`	a year	crt.sh
rabobank.nl DigiCert SHA2 Extended Validation Server CA	`2020-06-15` - `2021-06-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do
Frame ID: 45631A8FB6921B01FBE8AF6549E6F203
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://rabo-verificatieproces.xyz/ HTTP 302
https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

14
Requests

93 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

133 kB
Transfer

289 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rabo-verificatieproces.xyz/ HTTP 302
https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://rabo-verificatieproces.xyz/public/iznzg/js/jquery-3.3.1.min.js HTTP 302
https://www.rabobank.nl/404

Request Chain 9

https://rabo-verificatieproces.xyz/public/iznzg/js/jquery-3.3.1.min.js HTTP 302
https://www.rabobank.nl/404

14 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request qsl_inloggen.do Show response rabo-verificatieproces.xyz/klanten/ Redirect Chain https://rabo-verificatieproces.xyz/ https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do	9 KB 3 KB	275ms 274ms	Document text/html	162.0.235.11 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.11 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server293-3.web-hosting.com Software Apache / PHP/7.2.34 Resource Hash `bf8a9153607644dbb509749b81f55cd67870a42039b6437f57b840966f0857dc` Request headers :method GET :authority rabo-verificatieproces.xyz :scheme https :path /klanten/qsl_inloggen.do pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie PHPSESSID=2dbcfca5dcf2cadbd4805fd902d8f995 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 15 Oct 2020 18:41:54 GMT server Apache x-powered-by PHP/7.2.34 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache vary Accept-Encoding content-encoding gzip content-length 2476 content-type text/html; charset=UTF-8 Redirect headers status 302 date Thu, 15 Oct 2020 18:41:53 GMT server Apache x-powered-by PHP/7.2.34 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache set-cookie PHPSESSID=2dbcfca5dcf2cadbd4805fd902d8f995; path=/ location /klanten/qsl_inloggen.do content-length 0 content-type text/html; charset=UTF-8
GET H2	200	rass-proto.css rabo-verificatieproces.xyz/public/rabo/css/	125 KB 82 KB	536ms 534ms	Stylesheet text/css	162.0.235.11 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rabo-verificatieproces.xyz/public/rabo/css/rass-proto.css Requested by Host: rabo-verificatieproces.xyz URL: https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.11 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server293-3.web-hosting.com Software Apache / Resource Hash `ee4dc08817f3e7d798f76f680fc55b0e4611efaf671ee6933bcae8d391a15c2d` Request headers Referer https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 18:41:54 GMT content-encoding gzip last-modified Wed, 08 Apr 2020 04:25:10 GMT server Apache vary Accept-Encoding content-type text/css status 200 accept-ranges bytes
GET H2	200	www-extension.css rabo-verificatieproces.xyz/public/rabo/css/	29 KB 5 KB	372ms 371ms	Stylesheet text/css	162.0.235.11 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rabo-verificatieproces.xyz/public/rabo/css/www-extension.css Requested by Host: rabo-verificatieproces.xyz URL: https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.11 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server293-3.web-hosting.com Software Apache / Resource Hash `d903070fc7ed5f91fc72aaf604331e7088a29a4541c12d4b0f758a238f438c8e` Request headers Referer https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 18:41:54 GMT content-encoding gzip last-modified Wed, 08 Apr 2020 04:40:38 GMT server Apache vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 5251
GET H2	200	default.css rabo-verificatieproces.xyz/public/rabo/font/myriad/	4 KB 1 KB	373ms 372ms	Stylesheet text/css	162.0.235.11 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rabo-verificatieproces.xyz/public/rabo/font/myriad/default.css Requested by Host: rabo-verificatieproces.xyz URL: https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.11 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server293-3.web-hosting.com Software Apache / Resource Hash `890045b6b2690997d7e8e10551acbec69a33883b865f10984f8d90687fd9f8c9` Request headers Referer https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 18:41:54 GMT content-encoding gzip last-modified Fri, 19 Oct 2018 13:10:22 GMT server Apache vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 1265
GET H2	200	nieuw.css rabo-verificatieproces.xyz/public/rabo/css/	38 KB 10 KB	373ms 371ms	Stylesheet text/css	162.0.235.11 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rabo-verificatieproces.xyz/public/rabo/css/nieuw.css Requested by Host: rabo-verificatieproces.xyz URL: https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.11 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server293-3.web-hosting.com Software Apache / Resource Hash `e0ff6277a3bb127a93a7a29672c6616ec22aa5f8f0f5eb6a3585ede6ed31c870` Request headers Referer https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 18:41:54 GMT content-encoding gzip last-modified Wed, 08 Apr 2020 03:39:32 GMT server Apache vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 10117
GET H2	200	logo.png rabo-verificatieproces.xyz/public/rabo/img/	16 KB 16 KB	693ms 692ms	Image image/png	162.0.235.11 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://rabo-verificatieproces.xyz/public/rabo/img/logo.png Requested by Host: rabo-verificatieproces.xyz URL: https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.11 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server293-3.web-hosting.com Software Apache / Resource Hash `03caeff0f4235241611956eeb18dcbfabb8b67083208f00a0b0f92fbff9b28bd` Request headers Referer https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 15 Oct 2020 18:41:54 GMT last-modified Fri, 19 Oct 2018 13:11:06 GMT server Apache accept-ranges bytes content-length 16211 content-type image/png
GET H2	200	device.min.js Show response rabo-verificatieproces.xyz/public/rabo/js/	4 KB 1 KB	376ms 375ms	Script application/javascript	162.0.235.11 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rabo-verificatieproces.xyz/public/rabo/js/device.min.js Requested by Host: rabo-verificatieproces.xyz URL: https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.11 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server293-3.web-hosting.com Software Apache / Resource Hash `78b1d46a862a96588bb753f16f808556e71d4c1b8787e5039c6dae93e35efeb7` Request headers Referer https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 18:41:54 GMT content-encoding gzip last-modified Fri, 19 Oct 2018 13:11:32 GMT server Apache vary Accept-Encoding content-type application/javascript status 200 accept-ranges bytes content-length 1245
GET H2	200	asjrfkewqr8asdfqawqs.js Show response rabo-verificatieproces.xyz/public/rabo/js/	53 KB 12 KB	533ms 532ms	Script application/javascript	162.0.235.11 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rabo-verificatieproces.xyz/public/rabo/js/asjrfkewqr8asdfqawqs.js Requested by Host: rabo-verificatieproces.xyz URL: https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.11 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server293-3.web-hosting.com Software Apache / Resource Hash `ce93d77816d3e9bd5e95e0e33e30203894768abe472999948f065331d30c99fa` Request headers Referer https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 18:41:54 GMT content-encoding gzip last-modified Fri, 19 Oct 2018 13:11:36 GMT server Apache vary Accept-Encoding content-type application/javascript status 200 accept-ranges bytes content-length 12161
GET H/1.1	404 Not Found	404 www.rabobank.nl/ Redirect Chain https://rabo-verificatieproces.xyz/public/iznzg/js/jquery-3.3.1.min.js https://www.rabobank.nl/404	0 0	194ms 75ms	Script text/html	2a02:26f0:f1:29d::3f8a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rabobank.nl/404 Requested by Host: rabo-verificatieproces.xyz URL: https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:29d::3f8a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash Request headers Referer https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Redirect headers pragma no-cache date Thu, 15 Oct 2020 18:41:54 GMT server Apache x-powered-by PHP/7.2.34 status 302 content-type text/html; charset=UTF-8 location https://www.rabobank.nl/404 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET		jquery.min.js ajax.googleapis.com/ajax/libs/jquery/1.10.0/	0 0

GET H/1.1	404 Not Found	404 www.rabobank.nl/ Redirect Chain https://rabo-verificatieproces.xyz/public/iznzg/js/jquery-3.3.1.min.js https://www.rabobank.nl/404	0 0	37ms 37ms	Script text/html	2a02:26f0:f1:29d::3f8a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rabobank.nl/404 Requested by Host: rabo-verificatieproces.xyz URL: https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:29d::3f8a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash Request headers Referer https://rabo-verificatieproces.xyz/klanten/qsl_inloggen.do User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Redirect headers pragma no-cache date Thu, 15 Oct 2020 18:41:55 GMT server Apache x-powered-by PHP/7.2.34 status 302 content-type text/html; charset=UTF-8 location https://www.rabobank.nl/404 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET DATA	200 OK	truncated /	6 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `1361e81984b190dfb362eff0ea3085da933c920b9aa7f1d03e9e1e3edef57b72` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	checkbox_off.svg rabo-verificatieproces.xyz/public/rabo/img/	3 KB 915 B	255ms 254ms	Image image/svg+xml	162.0.235.11 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://rabo-verificatieproces.xyz/public/rabo/img/checkbox_off.svg Requested by Host: rabo-verificatieproces.xyz URL: https://rabo-verificatieproces.xyz/public/rabo/css/www-extension.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.11 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server293-3.web-hosting.com Software Apache / Resource Hash `7e0592a129bcc2306129ce09223cc49733bedbb5c5f8408d1edb50a25cecfbcf` Request headers Referer https://rabo-verificatieproces.xyz/public/rabo/css/www-extension.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 18:41:55 GMT content-encoding gzip last-modified Fri, 19 Oct 2018 13:11:20 GMT server Apache vary Accept-Encoding content-type image/svg+xml status 200 accept-ranges bytes content-length 767
GET H2	200	icon_supercirkel_vraagteken.svg rabo-verificatieproces.xyz/public/rabo/img/	1 KB 879 B	283ms 282ms	Image image/svg+xml	162.0.235.11 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://rabo-verificatieproces.xyz/public/rabo/img/icon_supercirkel_vraagteken.svg Requested by Host: rabo-verificatieproces.xyz URL: https://rabo-verificatieproces.xyz/public/rabo/css/www-extension.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.11 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server293-3.web-hosting.com Software Apache / Resource Hash `ebbb77ec04d16f2d61c88bd8c90aa3a51b670b574fb9f5cadb0abe9bc515f84d` Request headers Referer https://rabo-verificatieproces.xyz/public/rabo/css/www-extension.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 18:41:55 GMT content-encoding gzip last-modified Fri, 19 Oct 2018 13:11:10 GMT server Apache vary Accept-Encoding content-type image/svg+xml status 200 accept-ranges bytes content-length 731
GET H2	200	icon_supercirkel_pijl.svg rabo-verificatieproces.xyz/public/rabo/img/	1 KB 791 B	285ms 284ms	Image image/svg+xml	162.0.235.11 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://rabo-verificatieproces.xyz/public/rabo/img/icon_supercirkel_pijl.svg Requested by Host: rabo-verificatieproces.xyz URL: https://rabo-verificatieproces.xyz/public/rabo/css/www-extension.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.11 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server293-3.web-hosting.com Software Apache / Resource Hash `371c71f336b03274303fa3c053c01dd7b5212fd4ca0b3004e12fb20d7af7fc7c` Request headers Referer https://rabo-verificatieproces.xyz/public/rabo/css/www-extension.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 18:41:55 GMT content-encoding gzip last-modified Fri, 19 Oct 2018 13:11:12 GMT server Apache vary Accept-Encoding content-type image/svg+xml status 200 accept-ranges bytes content-length 643

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.10.0/jquery.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Rabobank (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			rabo-verificatieproces.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2dbcfca5dcf2cadbd4805fd902d8f995

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
rabo-verificatieproces.xyz
www.rabobank.nl
ajax.googleapis.com
162.0.235.11
2a02:26f0:f1:29d::3f8a
03caeff0f4235241611956eeb18dcbfabb8b67083208f00a0b0f92fbff9b28bd
1361e81984b190dfb362eff0ea3085da933c920b9aa7f1d03e9e1e3edef57b72
371c71f336b03274303fa3c053c01dd7b5212fd4ca0b3004e12fb20d7af7fc7c
78b1d46a862a96588bb753f16f808556e71d4c1b8787e5039c6dae93e35efeb7
7e0592a129bcc2306129ce09223cc49733bedbb5c5f8408d1edb50a25cecfbcf
890045b6b2690997d7e8e10551acbec69a33883b865f10984f8d90687fd9f8c9
bf8a9153607644dbb509749b81f55cd67870a42039b6437f57b840966f0857dc
ce93d77816d3e9bd5e95e0e33e30203894768abe472999948f065331d30c99fa
d903070fc7ed5f91fc72aaf604331e7088a29a4541c12d4b0f758a238f438c8e
e0ff6277a3bb127a93a7a29672c6616ec22aa5f8f0f5eb6a3585ede6ed31c870
ebbb77ec04d16f2d61c88bd8c90aa3a51b670b574fb9f5cadb0abe9bc515f84d
ee4dc08817f3e7d798f76f680fc55b0e4611efaf671ee6933bcae8d391a15c2d

rabo-verificatieproces.xyz Open in urlscan Pro 162.0.235.11 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

133 kBTransfer

289 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

1 Cookies

Indicators

rabo-verificatieproces.xyz Open in urlscan Pro
162.0.235.11 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

133 kB
Transfer

289 kB
Size

1
Cookies

14 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!