ghdteuegdj.youdontcare.com Open in urlscan Pro
5.206.227.115 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ghdteuegdj.youdontcare.com/rabo/
Effective URL:
http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/
Submission: On October 27 via automatic, source openphish (October 27th 2023, 2:16:01 am UTC) — Scanned from PT

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 32 HTTP transactions. The main IP is 5.206.227.115, located in Miranda do Corvo, Portugal and belongs to NETSOLUTIONS, MO. The main domain is ghdteuegdj.youdontcare.com.

This is the only time ghdteuegdj.youdontcare.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Rabobank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
2 34	5.206.227.115 5.206.227.115		47674 (NETSOLUTIONS) (NETSOLUTIONS)
32	2

34 5.206.227.115 (Miranda do Corvo, Portugal) 2 redirects

ASN47674 (NETSOLUTIONS, MO)
PTR: jd.nl

ghdteuegdj.youdontcare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	youdontcare.com 2 redirects ghdteuegdj.youdontcare.com	829 KB
32	1

	Domain	Requested by
34	ghdteuegdj.youdontcare.com	2 redirects ghdteuegdj.youdontcare.com
32	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/
Frame ID: 4D066956181DC771E4713932FB894495
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rаbо Internetbаnkieren - Rаbоbаnk

Page URL History Show full URLs

http://ghdteuegdj.youdontcare.com/rabo/ Page URL
http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4 HTTP 301
http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/ HTTP 302
http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/ Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

829 kB
Transfer

1154 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ghdteuegdj.youdontcare.com/rabo/ Page URL
http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4 HTTP 301
http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/ HTTP 302
http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response ghdteuegdj.youdontcare.com/rabo/	728 B 723 B	179ms 129ms	Document text/html	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/ Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `d6dbf53fceeaa7c33dba46ba199e4fdbd36ad4b0ba90443972a75d0e52aa6836` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language pt-PT,pt;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Content-Length 450 Content-Type text/html; charset=UTF-8 Date Fri, 27 Oct 2023 02:15:57 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding
GET H/1.1	200 OK	Primary Request / Show response ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/ Redirect Chain http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4? http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/? http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/?	14 KB 4 KB	95ms 94ms	Document text/html	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/ Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `694f18f6844a93ee1385e90a4d19ae40c0bad90a5764bf6377df8b1b27e85cf3` Request headers Referer http://ghdteuegdj.youdontcare.com/rabo/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language pt-PT,pt;q=0.9 Response headers Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 3925 Content-Type text/html; charset=UTF-8 Date Fri, 27 Oct 2023 02:15:58 GMT Expires 0 Keep-Alive timeout=5, max=97 Pragma no-cache Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding Redirect headers Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Fri, 27 Oct 2023 02:15:58 GMT Keep-Alive timeout=5, max=98 Server Apache/2.4.29 (Ubuntu) location login/?
GET H/1.1	200 OK	jquery.min.js Show response ghdteuegdj.youdontcare.com/rabo/bower_components/jquery/dist/	85 KB 30 KB	94ms 94ms	Script application/javascript	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/bower_components/jquery/dist/jquery.min.js Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:15:44 GMT Server Apache/2.4.29 (Ubuntu) ETag "15283-5a2b75f3b7400-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 30138
GET H/1.1	200 OK	ua-parser.min.js Show response ghdteuegdj.youdontcare.com/rabo/bower_components/ua-parser-js/dist/	17 KB 6 KB	267ms 88ms	Script application/javascript	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/bower_components/ua-parser-js/dist/ua-parser.min.js Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:15:40 GMT Server Apache/2.4.29 (Ubuntu) ETag "4298-5a2b75efe6b00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 6063
GET H/1.1	200 OK	font-awesome.min.css ghdteuegdj.youdontcare.com/rabo/bower_components/font-awesome/css/	30 KB 7 KB	177ms 127ms	Stylesheet text/css	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/bower_components/font-awesome/css/font-awesome.min.css Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:15:46 GMT Server Apache/2.4.29 (Ubuntu) ETag "7918-5a2b75f59f880-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7053
GET H/1.1	200 OK	core_form.js Show response ghdteuegdj.youdontcare.com/rabo/core/form/	61 KB 37 KB	268ms 89ms	Script application/javascript	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/core/form/core_form.js Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `93fa8730afd2a616370fcc5baeaf0c9bc36495a08efa57c7ae4874c91d5bdb4f` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:57:12 GMT Server Apache/2.4.29 (Ubuntu) ETag "f2ef-5a2b7f3875200-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 37765
GET H/1.1	200 OK	core_token.js Show response ghdteuegdj.youdontcare.com/rabo/core/token/	10 KB 2 KB	334ms 88ms	Script application/javascript	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/core/token/core_token.js Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `937cd103046c69780daf70838d34a892fbb8664f5255a6d25b60db35db01287d` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:57:14 GMT Server Apache/2.4.29 (Ubuntu) ETag "298e-5a2b7f3a5d680-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 1515
GET H/1.1	200 OK	angular.min.js Show response ghdteuegdj.youdontcare.com/rabo/bower_components/angular/	165 KB 58 KB	360ms 108ms	Script application/javascript	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/bower_components/angular/angular.min.js Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:15:40 GMT Server Apache/2.4.29 (Ubuntu) ETag "2937c-5a2b75efe6b00-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99
GET H/1.1	200 OK	core_form.css ghdteuegdj.youdontcare.com/rabo/core/form/	3 KB 1016 B	176ms 127ms	Stylesheet text/css	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/core/form/core_form.css Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `cdf4dc725d51fd036311ae9b026c3e20f15f937511d8c88dd23c969665380ab5` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:57:12 GMT Server Apache/2.4.29 (Ubuntu) ETag "ab5-5a2b7f3875200-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 680
GET H/1.1	200 OK	css.css ghdteuegdj.youdontcare.com/rabo/login/form/	219 B 485 B	177ms 128ms	Stylesheet text/css	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/login/form/css.css Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `d7fb0c004ea0b99f9d85f90a0d966f92f83eb049840170d884176a20346d80af` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:57:10 GMT Server Apache/2.4.29 (Ubuntu) ETag "db-5a2b7f368cd80-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 150
GET H/1.1	200 OK	force-myriad.css ghdteuegdj.youdontcare.com/rabo/login/	121 B 458 B	175ms 125ms	Stylesheet text/css	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/login/force-myriad.css Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `5480e455fe88ae27ac083954834e86fc1ccd392e9f37872a55c13e1fd23dfbac` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:56:50 GMT Server Apache/2.4.29 (Ubuntu) ETag "79-5a2b7f237a080-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 123
GET H/1.1	200 OK	rass-proto.css ghdteuegdj.youdontcare.com/rabo/login/	50 KB 29 KB	184ms 135ms	Stylesheet text/css	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/login/rass-proto.css Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `c29b4bb70a6a918a63501804c99dc56ca41d315deb01bc3f0589cd579c1b0627` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:56:44 GMT Server Apache/2.4.29 (Ubuntu) ETag "c8ac-5a2b7f1dc1300-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 29113
GET H/1.1	200 OK	www-extension.css ghdteuegdj.youdontcare.com/rabo/login/	28 KB 5 KB	241ms 88ms	Stylesheet text/css	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/login/www-extension.css Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `9d028b7774d2edc3072f63dd5b39b5d66a3bbebf83717a42f7521a8205a1c2f4` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:56:24 GMT Server Apache/2.4.29 (Ubuntu) ETag "6f5b-5a2b7f0aae600-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 5165
GET H/1.1	200 OK	default.css ghdteuegdj.youdontcare.com/rabo/login/	4 KB 2 KB	262ms 87ms	Stylesheet text/css	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/login/default.css Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `72c82da4ab2867adae069f4e2185c947516282fd46fe24dda6275a142d43bffe` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:56:18 GMT Server Apache/2.4.29 (Ubuntu) ETag "10c4-5a2b7f04f5880-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1484
GET H/1.1	200 OK	senses2-styling.css ghdteuegdj.youdontcare.com/rabo/login/	7 KB 2 KB	266ms 89ms	Stylesheet text/css	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/login/senses2-styling.css Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `8ec7be5cfe00c4139d351647f1cb2581e658a3de31b642158a9ae61442fbbfa2` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:56:22 GMT Server Apache/2.4.29 (Ubuntu) ETag "1cf7-5a2b7f08c6180-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1751
GET H/1.1	200 OK	rabobank_logo.png ghdteuegdj.youdontcare.com/rabo/login/	16 KB 16 KB	87ms 87ms	Image image/png	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Show image Full URL http://ghdteuegdj.youdontcare.com/rabo/login/rabobank_logo.png Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `03caeff0f4235241611956eeb18dcbfabb8b67083208f00a0b0f92fbff9b28bd` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Last-Modified Tue, 07 Apr 2020 18:56:20 GMT Server Apache/2.4.29 (Ubuntu) ETag "3f53-5a2b7f06ddd00" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 16211
GET H/1.1	200 OK	trans.gif ghdteuegdj.youdontcare.com/rabo/login/	50 B 332 B	92ms 91ms	Image image/gif	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Show image Full URL http://ghdteuegdj.youdontcare.com/rabo/login/trans.gif Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `50899db83a211440e9c7c2b96db96f5791431bb2ec2aef9a0578713b4dd6c25c` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Last-Modified Tue, 07 Apr 2020 18:56:24 GMT Server Apache/2.4.29 (Ubuntu) ETag "32-5a2b7f0aae600" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 50
GET H/1.1	200 OK	form.js Show response ghdteuegdj.youdontcare.com/rabo/login/form/	3 KB 1 KB	87ms 86ms	Script application/javascript	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/login/form/form.js?v=653b1d5e94a51 Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `06a988a48e4395b52a620fdf5d77603350f4ace705ace1db7007e9b74e1a931e` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:58 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:57:08 GMT Server Apache/2.4.29 (Ubuntu) ETag "dae-5a2b7f34a4900-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 870
GET H/1.1	200 OK	ng.js Show response ghdteuegdj.youdontcare.com/rabo/login/ng/	5 KB 2 KB	87ms 87ms	Script application/javascript	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/login/ng/ng.js?v=653b1d5e94a52 Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `2395c0accc6b161f967e510eea9c01bed3a724d6838d3d51212f2758d8875bf8` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:57:08 GMT Server Apache/2.4.29 (Ubuntu) ETag "154a-5a2b7f34a4900-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1399
GET H/1.1	200 OK	token.js Show response ghdteuegdj.youdontcare.com/rabo/login/token/	2 KB 1 KB	87ms 87ms	Script application/javascript	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/login/token/token.js?v=653b1d5e94a53 Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `ce3a4650959ba2e4b00de877a1e9649c1e1feb0f4aef2c082162688e7de3afc1` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 18:57:10 GMT Server Apache/2.4.29 (Ubuntu) ETag "988-5a2b7f368cd80-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 692
GET H/1.1	200 OK	newloader.gif ghdteuegdj.youdontcare.com/rabo/login/form/	544 KB 544 KB	87ms 87ms	Image image/gif	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Show image Full URL http://ghdteuegdj.youdontcare.com/rabo/login/form/newloader.gif Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `32bfc673211421c1a5a33acc98291840183582f11d15490954b42a81d79d4630` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Last-Modified Tue, 07 Apr 2020 18:57:10 GMT Server Apache/2.4.29 (Ubuntu) ETag "88042-5a2b7f368cd80" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 557122
GET DATA	200 OK	truncated /	32 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4f2941e66084452dd30830e04a3a67cf7cf78fac23ccee37d03678c65faf8ee1` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	grayed-out-vc-nl.png ghdteuegdj.youdontcare.com/rabo/login/	15 KB 15 KB	92ms 92ms	Image image/png	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Show image Full URL http://ghdteuegdj.youdontcare.com/rabo/login/grayed-out-vc-nl.png Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `cf59560647e49f765aa01b63bff1950159fc806bc2e82bb6154393f6502a18e1` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Last-Modified Tue, 07 Apr 2020 18:56:18 GMT Server Apache/2.4.29 (Ubuntu) ETag "3bfa-5a2b7f04f5880" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 15354
GET H/1.1	200 OK	rabobank.svg ghdteuegdj.youdontcare.com/rabo/login/	6 KB 6 KB	87ms 87ms	Image image/svg+xml	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Show image Full URL http://ghdteuegdj.youdontcare.com/rabo/login/rabobank.svg Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/login/senses2-styling.css Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `1361e81984b190dfb362eff0ea3085da933c920b9aa7f1d03e9e1e3edef57b72` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/login/senses2-styling.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Last-Modified Tue, 07 Apr 2020 18:56:28 GMT Server Apache/2.4.29 (Ubuntu) ETag "18bb-5a2b7f0e7ef00" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 6331
GET H/1.1	200 OK	checkbox_off.svg ghdteuegdj.youdontcare.com/rabo/login/	3 KB 3 KB	88ms 88ms	Image image/svg+xml	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Show image Full URL http://ghdteuegdj.youdontcare.com/rabo/login/checkbox_off.svg Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/login/www-extension.css Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `472369804eed23e731261b2a4bdc6c454a9c31ca008c393d797b95160b14276b` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/login/www-extension.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Last-Modified Tue, 07 Apr 2020 18:56:34 GMT Server Apache/2.4.29 (Ubuntu) ETag "b90-5a2b7f1437c80" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 2960
GET H/1.1	200 OK	icon_supercirkel_kruisje.svg ghdteuegdj.youdontcare.com/rabo/login/	1 KB 2 KB	88ms 87ms	Image image/svg+xml	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Show image Full URL http://ghdteuegdj.youdontcare.com/rabo/login/icon_supercirkel_kruisje.svg Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/login/www-extension.css Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `828129fe18f492866bcc822c9338af9244d4677404d899f80121dbfaccefe82d` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/login/www-extension.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Last-Modified Tue, 07 Apr 2020 18:56:26 GMT Server Apache/2.4.29 (Ubuntu) ETag "504-5a2b7f0c96a80" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1284
GET H/1.1	200 OK	icon_supercirkel_vraagteken.svg ghdteuegdj.youdontcare.com/rabo/login/	1 KB 2 KB	88ms 88ms	Image image/svg+xml	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Show image Full URL http://ghdteuegdj.youdontcare.com/rabo/login/icon_supercirkel_vraagteken.svg Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/login/www-extension.css Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `5bc5eedf7164055f5658a7c6129ff8886564713fe82cad2ed3d9f94f6308f5f9` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/login/www-extension.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Last-Modified Tue, 07 Apr 2020 18:56:38 GMT Server Apache/2.4.29 (Ubuntu) ETag "54f-5a2b7f1808580" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1359
GET H/1.1	200 OK	icon_supercirkel_pijl.svg ghdteuegdj.youdontcare.com/rabo/login/	1 KB 1 KB	165ms 88ms	Image image/svg+xml	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Show image Full URL http://ghdteuegdj.youdontcare.com/rabo/login/icon_supercirkel_pijl.svg Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/login/www-extension.css Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `c0a3bbe501ee2ef2c8bc2031667bdc41d3f4d19e1715317d6a9ef924b0d39323` Request headers accept-language pt-PT,pt;q=0.9 Referer http://ghdteuegdj.youdontcare.com/rabo/login/www-extension.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Last-Modified Tue, 07 Apr 2020 18:56:36 GMT Server Apache/2.4.29 (Ubuntu) ETag "4a6-5a2b7f1620100" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1190
GET H/1.1	200 OK	fd5daa3f-a61a-4aed-93cd-54bc94bb59b6.woff2 ghdteuegdj.youdontcare.com/rabo/login/	16 KB 17 KB	176ms 87ms	Font application/octet-stream	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/login/fd5daa3f-a61a-4aed-93cd-54bc94bb59b6.woff2 Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/login/default.css Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `1a35e85545a55eb7a307543de45c5a73588d63d9b08fd571c22ae6ec1a2f78d9` Request headers Referer http://ghdteuegdj.youdontcare.com/rabo/login/default.css Origin http://ghdteuegdj.youdontcare.com accept-language pt-PT,pt;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Last-Modified Tue, 07 Apr 2020 18:56:52 GMT Server Apache/2.4.29 (Ubuntu) ETag "4138-5a2b7f2562500" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 16696
GET H/1.1	200 OK	0b6110f9-6072-46b9-98af-7d09f7c895b8.woff2 ghdteuegdj.youdontcare.com/rabo/login/	16 KB 16 KB	176ms 87ms	Font application/octet-stream	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/login/0b6110f9-6072-46b9-98af-7d09f7c895b8.woff2 Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/login/default.css Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `2aa2c3139fe0f3233bbab4e43ef2885af045555933aef6570046e6df2f7f57f3` Request headers Referer http://ghdteuegdj.youdontcare.com/rabo/login/default.css Origin http://ghdteuegdj.youdontcare.com accept-language pt-PT,pt;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Last-Modified Tue, 07 Apr 2020 18:56:18 GMT Server Apache/2.4.29 (Ubuntu) ETag "3fe4-5a2b7f04f5880" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 16356
GET H/1.1	200 OK	3b0f1c67-c2e4-4df6-976f-49d52e45aba1.woff2 ghdteuegdj.youdontcare.com/rabo/login/	16 KB 16 KB	176ms 88ms	Font application/octet-stream	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/login/3b0f1c67-c2e4-4df6-976f-49d52e45aba1.woff2 Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/login/default.css Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `49be0df2d6bfe51dc29e0f5cebd2b99b6b1e4463c2d1250f1b1ae3ac36d0ce41` Request headers Referer http://ghdteuegdj.youdontcare.com/rabo/login/default.css Origin http://ghdteuegdj.youdontcare.com accept-language pt-PT,pt;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Last-Modified Tue, 07 Apr 2020 18:56:44 GMT Server Apache/2.4.29 (Ubuntu) ETag "3ff8-5a2b7f1dc1300" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=92 Content-Length 16376
GET H/1.1	200 OK	home.php Show response ghdteuegdj.youdontcare.com/rabo/	58 B 253 B	206ms 130ms	XHR application/json	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/home.php?pl=token&link=rabo.nl&bid=86ae6e2edc5bac9caf41799fae6fd0e4&callback=jQuery321016354302039202495_1698372958814&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1698372958815 Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `a1a812e135e9aa98ef9c25084a85f2514d84676c119f6de2cd93e49ba7ef6057` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? X-Requested-With XMLHttpRequest accept-language pt-PT,pt;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Server Apache/2.4.29 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 58 Content-Type application/json
GET H/1.1	200 OK	home.php Show response ghdteuegdj.youdontcare.com/rabo/	58 B 253 B	327ms 165ms	XHR application/json	5.206.227.115 NETSOLUTIONS
General Check archive.org Show headers Download Go to Full URL http://ghdteuegdj.youdontcare.com/rabo/home.php?pl=token&link=rabo.nl&bid=86ae6e2edc5bac9caf41799fae6fd0e4&callback=jQuery321016354302039202495_1698372958816&data=%7B%22mes%22%3A%22User%20on%20Login%20page%22%7D&_=1698372958817 Requested by Host: ghdteuegdj.youdontcare.com URL: http://ghdteuegdj.youdontcare.com/rabo/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Server 5.206.227.115 Miranda do Corvo, Portugal, ASN47674 (NETSOLUTIONS, MO), Reverse DNS jd.nl Software Apache/2.4.29 (Ubuntu) / Resource Hash `99a260d9e17ca21224cd64d08e8bcbe34c00ca6ee0e397d158feaeaa52d7b035` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer http://ghdteuegdj.youdontcare.com/rabo/a1b2c3/86ae6e2edc5bac9caf41799fae6fd0e4/login/? X-Requested-With XMLHttpRequest accept-language pt-PT,pt;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Fri, 27 Oct 2023 02:15:59 GMT Server Apache/2.4.29 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 58 Content-Type application/json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Rabobank (Banking)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ghdteuegdj.youdontcare.com/rabo	1969-12-31 23:59:59	Name: real Value: OK
ghdteuegdj.youdontcare.com/	1970-01-20 16:29:24	Name: bid Value: 86ae6e2edc5bac9caf41799fae6fd0e4
ghdteuegdj.youdontcare.com/	1969-12-31 23:59:59	Name: lng Value: nl

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ghdteuegdj.youdontcare.com
5.206.227.115
03caeff0f4235241611956eeb18dcbfabb8b67083208f00a0b0f92fbff9b28bd
06a988a48e4395b52a620fdf5d77603350f4ace705ace1db7007e9b74e1a931e
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
1361e81984b190dfb362eff0ea3085da933c920b9aa7f1d03e9e1e3edef57b72
1a35e85545a55eb7a307543de45c5a73588d63d9b08fd571c22ae6ec1a2f78d9
2395c0accc6b161f967e510eea9c01bed3a724d6838d3d51212f2758d8875bf8
2aa2c3139fe0f3233bbab4e43ef2885af045555933aef6570046e6df2f7f57f3
32bfc673211421c1a5a33acc98291840183582f11d15490954b42a81d79d4630
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
472369804eed23e731261b2a4bdc6c454a9c31ca008c393d797b95160b14276b
49be0df2d6bfe51dc29e0f5cebd2b99b6b1e4463c2d1250f1b1ae3ac36d0ce41
4f2941e66084452dd30830e04a3a67cf7cf78fac23ccee37d03678c65faf8ee1
50899db83a211440e9c7c2b96db96f5791431bb2ec2aef9a0578713b4dd6c25c
5480e455fe88ae27ac083954834e86fc1ccd392e9f37872a55c13e1fd23dfbac
5bc5eedf7164055f5658a7c6129ff8886564713fe82cad2ed3d9f94f6308f5f9
694f18f6844a93ee1385e90a4d19ae40c0bad90a5764bf6377df8b1b27e85cf3
72c82da4ab2867adae069f4e2185c947516282fd46fe24dda6275a142d43bffe
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
828129fe18f492866bcc822c9338af9244d4677404d899f80121dbfaccefe82d
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8ec7be5cfe00c4139d351647f1cb2581e658a3de31b642158a9ae61442fbbfa2
937cd103046c69780daf70838d34a892fbb8664f5255a6d25b60db35db01287d
93fa8730afd2a616370fcc5baeaf0c9bc36495a08efa57c7ae4874c91d5bdb4f
99a260d9e17ca21224cd64d08e8bcbe34c00ca6ee0e397d158feaeaa52d7b035
9d028b7774d2edc3072f63dd5b39b5d66a3bbebf83717a42f7521a8205a1c2f4
a1a812e135e9aa98ef9c25084a85f2514d84676c119f6de2cd93e49ba7ef6057
c0a3bbe501ee2ef2c8bc2031667bdc41d3f4d19e1715317d6a9ef924b0d39323
c29b4bb70a6a918a63501804c99dc56ca41d315deb01bc3f0589cd579c1b0627
cdf4dc725d51fd036311ae9b026c3e20f15f937511d8c88dd23c969665380ab5
ce3a4650959ba2e4b00de877a1e9649c1e1feb0f4aef2c082162688e7de3afc1
cf59560647e49f765aa01b63bff1950159fc806bc2e82bb6154393f6502a18e1
d6dbf53fceeaa7c33dba46ba199e4fdbd36ad4b0ba90443972a75d0e52aa6836
d7fb0c004ea0b99f9d85f90a0d966f92f83eb049840170d884176a20346d80af

ghdteuegdj.youdontcare.com Open in urlscan Pro 5.206.227.115 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

829 kBTransfer

1154 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ghdteuegdj.youdontcare.com Open in urlscan Pro
5.206.227.115 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

829 kB
Transfer

1154 kB
Size

3
Cookies

32 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!