ghftr.pages.dev Open in urlscan Pro
2a06:98c1:3120::3  Malicious Activity! Public Scan

URL: https://ghftr.pages.dev/
Submission: On November 14 via manual from PT — Scanned from NL

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 29 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ghftr.pages.dev.
TLS certificate: Issued by E1 on November 12th 2022. Valid for: 3 months.
This is the only time ghftr.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: State Bank of India (Banking)

Domain & IP information

IP Address AS Autonomous System
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
18 41 2405:a700:14:... 45644 (SBI-EMS-N...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.38.211.230 16276 (OVH)
29 4
Apex Domain
Subdomains
Transfer
23 onlinesbi.sbi
retail.onlinesbi.sbi — Cisco Umbrella Rank: 191928
356 KB
18 onlinesbi.com
retail.onlinesbi.com
2 KB
3 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2222
35 KB
2 pages.dev
ghftr.pages.dev
76 KB
1 page-source.com
cdn.page-source.com — Cisco Umbrella Rank: 283729
143 B
29 5
Domain Requested by
23 retail.onlinesbi.sbi ghftr.pages.dev
retail.onlinesbi.sbi
18 retail.onlinesbi.com 18 redirects
3 stackpath.bootstrapcdn.com ghftr.pages.dev
2 ghftr.pages.dev ghftr.pages.dev
1 cdn.page-source.com
29 5

This site contains links to these domains. Also see Links.

Domain
www.sbi.co.in
homeloans.sbi
retail.onlinesbi.com
crcf.sbi.co.in
Subject Issuer Validity Valid
*.ghftr.pages.dev
E1
2022-11-12 -
2023-02-10
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-01-29 -
2023-01-29
a year crt.sh
retail.onlinesbi.sbi
DigiCert EV RSA CA G2
2022-06-29 -
2023-07-30
a year crt.sh
*.page-source.com
Sectigo RSA Domain Validation Secure Server CA
2022-01-09 -
2023-02-09
a year crt.sh

This page contains 1 frames:

Primary Page: https://ghftr.pages.dev/
Frame ID: 522329E58667E8F2CBE9AE83F8D37C03
Requests: 29 HTTP requests in this frame

Screenshot

Page Title

State Bank of India - Personal BankingState Bank of India

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

38 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

467 kB
Transfer

923 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://retail.onlinesbi.com/sbijava/retail/css/bootstrap.min-3.4.1.css HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/css/bootstrap.min-3.4.1.css
Request Chain 4
  • https://retail.onlinesbi.com/sbijava/retail/css/phishing_login_lang.css HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/css/phishing_login_lang.css
Request Chain 5
  • https://retail.onlinesbi.com/sbijava/retail/js/common/jquery-3.5.1.min.js HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/js/common/jquery-3.5.1.min.js
Request Chain 6
  • https://retail.onlinesbi.com/sbijava/retail/js/common/bootstrap.min-3.4.1.js HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/js/common/bootstrap.min-3.4.1.js
Request Chain 7
  • https://retail.onlinesbi.com/sbijava/retail/js/common/common_virtual.js HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/js/common/common_virtual.js
Request Chain 8
  • https://retail.onlinesbi.com/sbijava/retail/js/virtualkb_login.js HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/js/virtualkb_login.js
Request Chain 9
  • https://retail.onlinesbi.com/sbijava/retail/js/common/jquery.vticker.min.js HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/js/common/jquery.vticker.min.js
Request Chain 10
  • https://retail.onlinesbi.com/sbijava/retail/js/loginTrouble_5034_security.js HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/js/loginTrouble_5034_security.js
Request Chain 11
  • https://retail.onlinesbi.com/sbijava/retail/js/md5_5034.js HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/js/md5_5034.js
Request Chain 12
  • https://retail.onlinesbi.com/sbijava/retail/js/sha512.js HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/js/sha512.js
Request Chain 13
  • https://retail.onlinesbi.com/sbijava/retail/js/profile_sha10092020.js HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/js/profile_sha10092020.js
Request Chain 14
  • https://retail.onlinesbi.com/sbijava/retail/js/common.js HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/js/common.js
Request Chain 15
  • https://retail.onlinesbi.com/sbijava/retail/js/profile_sha_gc3_sec_260819.js HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/js/profile_sha_gc3_sec_260819.js
Request Chain 16
  • https://retail.onlinesbi.com/sbijava/retail/images/HomeLoanButton.png HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/images/HomeLoanButton.png
Request Chain 17
  • https://retail.onlinesbi.com/sbijava/retail/images/personal_banner.jpg HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/images/personal_banner.jpg
Request Chain 18
  • https://retail.onlinesbi.com/sbijava/retail/images/veriSign_logo.png HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/images/veriSign_logo.png
Request Chain 19
  • https://retail.onlinesbi.com/sbijava/retail/images/netbanking_img.png HTTP 307
  • https://retail.onlinesbi.sbi/sbijava/retail/images/netbanking_img.png
Request Chain 26
  • https://retail.onlinesbi.com/retail/simpleCaptchaServ?1668421452548 HTTP 307
  • https://retail.onlinesbi.sbi/retail/simpleCaptchaServ

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ghftr.pages.dev/
61 KB
15 KB
Document
General
Full URL
https://ghftr.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb3fbbdf55c9402fa2c52e6111029c2716164196bb0795d7c94dbd6af4648bd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
769f0929a8d4bbf2-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 14 Nov 2022 10:24:09 GMT
etag
W/"756a0ce7e39f2a3c208fddd3301faa7f"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViMgvT03E2vPB%2F3F9JSUBUdcLJWkiPT0jceNWpAjai5mCtHdxuCmj3W%2BfJ4RHaU7s1yyas2drdWzo%2Be%2B1DxNxgIvMQfxNWTrJ902X0vWGVDm%2B1JKQGV9rjvNWsPunFuZ1IQkGfzVS0RG3MmYyAw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
bootstrap.min-3.4.1.css
retail.onlinesbi.sbi/sbijava/retail/css/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/css/bootstrap.min-3.4.1.css
  • https://retail.onlinesbi.sbi/sbijava/retail/css/bootstrap.min-3.4.1.css
119 KB
24 KB
Stylesheet
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/css/bootstrap.min-3.4.1.css
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:11 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
Transfer-Encoding
chunked
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 21 Jan 2020 05:32:16 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/css/bootstrap.min-3.4.1.css
Content-Length
0
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/
119 KB
20 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ghftr.pages.dev/
Origin
https://ghftr.pages.dev
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 10:24:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cdn-edgestorageid
1047
cdn-cachedat
11/11/2022 02:15:05
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"7f89537eaf606bff49f5cc1a7c24dbca"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c0b4c527f51b1d1314f55324e578cff8
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
769f092c9a849bf2-FRA
cdn-requestpullsuccess
True
bootstrap-theme.min.css
stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/
23 KB
3 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap-theme.min.css
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e1cc227d6bbb4192e4a3becdfed971c7fc530d76200e43add11c98cb962c53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ghftr.pages.dev/
Origin
https://ghftr.pages.dev
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 10:24:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cdn-edgestorageid
752
cdn-cachedat
08/20/2022 02:53:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"2010fa9fb07541adc78a1ec0a8a4fbbf"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
fb730da06b0bd58cba1abf197276480f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
769f092c9a869bf2-FRA
cdn-requestpullsuccess
True
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/3.4.1/js/
39 KB
11 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ghftr.pages.dev/
Origin
https://ghftr.pages.dev
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 10:24:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cdn-edgestorageid
722
cdn-cachedat
08/20/2022 02:31:33
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"2f34b630ffe30ba2ff2b91e3f3c322a1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
7848a5e7cf868d7dc3b7e3af9cbf932e
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
769f092c9a899bf2-FRA
cdn-requestpullsuccess
True
phishing_login_lang.css
retail.onlinesbi.sbi/sbijava/retail/css/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/css/phishing_login_lang.css
  • https://retail.onlinesbi.sbi/sbijava/retail/css/phishing_login_lang.css
19 KB
8 KB
Stylesheet
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/css/phishing_login_lang.css
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
5f974ff4b61f90d3c1d41ee67da06c44e2b209d5b1402ac89990680ecf24c7a5
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:11 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
Transfer-Encoding
chunked
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 05 Mar 2020 11:35:38 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/css/phishing_login_lang.css
Content-Length
0
jquery-3.5.1.min.js
retail.onlinesbi.sbi/sbijava/retail/js/common/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/js/common/jquery-3.5.1.min.js
  • https://retail.onlinesbi.sbi/sbijava/retail/js/common/jquery-3.5.1.min.js
87 KB
35 KB
Script
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/js/common/jquery-3.5.1.min.js
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:11 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
Transfer-Encoding
chunked
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 09 Feb 2021 08:49:01 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/js/common/jquery-3.5.1.min.js
Content-Length
0
bootstrap.min-3.4.1.js
retail.onlinesbi.sbi/sbijava/retail/js/common/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/js/common/bootstrap.min-3.4.1.js
  • https://retail.onlinesbi.sbi/sbijava/retail/js/common/bootstrap.min-3.4.1.js
39 KB
13 KB
Script
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/js/common/bootstrap.min-3.4.1.js
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:11 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
Transfer-Encoding
chunked
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 21 Jan 2020 05:31:58 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/js/common/bootstrap.min-3.4.1.js
Content-Length
0
common_virtual.js
retail.onlinesbi.sbi/sbijava/retail/js/common/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/js/common/common_virtual.js
  • https://retail.onlinesbi.sbi/sbijava/retail/js/common/common_virtual.js
21 KB
7 KB
Script
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/js/common/common_virtual.js
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
0291e1e05611151da9457d0a23058d8252e291290b128595633279f708a1699d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:11 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
Transfer-Encoding
chunked
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 12 Jun 2017 07:35:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/js/common/common_virtual.js
Content-Length
0
virtualkb_login.js
retail.onlinesbi.sbi/sbijava/retail/js/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/js/virtualkb_login.js
  • https://retail.onlinesbi.sbi/sbijava/retail/js/virtualkb_login.js
7 KB
8 KB
Script
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/js/virtualkb_login.js
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
b28b184bb6ff20f6db190b2186dbc13acf303ff8179da3b711dff366fdcab263
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:11 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
Content-Length
6762
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 22 Jul 2022 09:53:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/js/virtualkb_login.js
Content-Length
0
jquery.vticker.min.js
retail.onlinesbi.sbi/sbijava/retail/js/common/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/js/common/jquery.vticker.min.js
  • https://retail.onlinesbi.sbi/sbijava/retail/js/common/jquery.vticker.min.js
2 KB
3 KB
Script
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/js/common/jquery.vticker.min.js
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
3b29a6a9164359e6b62430255b62d2adfcfa77f2153a3aedb8ed619f5cd8a046
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:11 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
Content-Length
1776
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 14 Jun 2017 07:42:00 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/js/common/jquery.vticker.min.js
Content-Length
0
loginTrouble_5034_security.js
retail.onlinesbi.sbi/sbijava/retail/js/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/js/loginTrouble_5034_security.js
  • https://retail.onlinesbi.sbi/sbijava/retail/js/loginTrouble_5034_security.js
5 KB
7 KB
Script
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/js/loginTrouble_5034_security.js
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
6fa07d8475d14e8182dda2d241e906a02fcdf9e552b9b73e87135104236f8c19
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:11 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
Content-Length
5006
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 23 Jun 2017 11:56:07 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=99
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/js/loginTrouble_5034_security.js
Content-Length
0
md5_5034.js
retail.onlinesbi.sbi/sbijava/retail/js/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/js/md5_5034.js
  • https://retail.onlinesbi.sbi/sbijava/retail/js/md5_5034.js
7 KB
9 KB
Script
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/js/md5_5034.js
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
2d58105906529c5e7d37d81d7f10e9fd044df4a2f6ff31411f598c8d7505ce3f
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:11 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
Content-Length
7414
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 05 Aug 2014 14:41:23 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=99
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/js/md5_5034.js
Content-Length
0
sha512.js
retail.onlinesbi.sbi/sbijava/retail/js/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/js/sha512.js
  • https://retail.onlinesbi.sbi/sbijava/retail/js/sha512.js
12 KB
7 KB
Script
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/js/sha512.js
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
46f61472da2ecf768076b0c23f2a888499c09b577315bce0b62798ce145af53d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:11 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
Transfer-Encoding
chunked
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Sun, 19 Apr 2015 04:20:49 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=99
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/js/sha512.js
Content-Length
0
profile_sha10092020.js
retail.onlinesbi.sbi/sbijava/retail/js/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/js/profile_sha10092020.js
  • https://retail.onlinesbi.sbi/sbijava/retail/js/profile_sha10092020.js
10 KB
12 KB
Script
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/js/profile_sha10092020.js
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
67f10b9c066365803c648f8640b4d1d99d39861738c928d35bfc805f81ed3b3c
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:12 GMT
Referrer-Policy
strict-origin-when-cross-origin
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Last-Modified
Tue, 25 Aug 2020 15:50:40 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
no-cache, must-revalidate
Server-Timing
dtSInfo;desc="1"
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
10110
X-XSS-Protection
1; mode=block
Connection
Keep-Alive

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/js/profile_sha10092020.js
Content-Length
0
common.js
retail.onlinesbi.sbi/sbijava/retail/js/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/js/common.js
  • https://retail.onlinesbi.sbi/sbijava/retail/js/common.js
22 KB
8 KB
Script
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/js/common.js
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
e5f635d9e1357f36d0d735fc4d52faf10c86bb4689949b496055b0495503e251
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:11 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
Transfer-Encoding
chunked
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 05 Jan 2018 06:36:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/js/common.js
Content-Length
0
profile_sha_gc3_sec_260819.js
retail.onlinesbi.sbi/sbijava/retail/js/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/js/profile_sha_gc3_sec_260819.js
  • https://retail.onlinesbi.sbi/sbijava/retail/js/profile_sha_gc3_sec_260819.js
13 KB
4 KB
Script
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/js/profile_sha_gc3_sec_260819.js
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
2d2be3dbc9161fda2a81cef257a67af39f29ab4f8a09d65569ccbe3f141b566e
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:11 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
Transfer-Encoding
chunked
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 26 Aug 2019 13:21:24 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/js/profile_sha_gc3_sec_260819.js
Content-Length
0
HomeLoanButton.png
retail.onlinesbi.sbi/sbijava/retail/images/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/images/HomeLoanButton.png
  • https://retail.onlinesbi.sbi/sbijava/retail/images/HomeLoanButton.png
20 KB
8 KB
Image
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/images/HomeLoanButton.png
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
a628590db5c4eece8db60001a7d58a58d866c37fdcf048aa129dac4722033606
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 10:24:12 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 May 2018 09:13:22 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
image/png
Server-Timing
dtSInfo;desc="1"
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
X-XSS-Protection
1; mode=block
Connection
Keep-Alive

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/images/HomeLoanButton.png
Content-Length
0
personal_banner.jpg
retail.onlinesbi.sbi/sbijava/retail/images/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/images/personal_banner.jpg
  • https://retail.onlinesbi.sbi/sbijava/retail/images/personal_banner.jpg
74 KB
67 KB
Image
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/images/personal_banner.jpg
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
0c37ce37550aacf3097f908793a152f355c492f50581fee55699e940b0c21008
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:13 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
Transfer-Encoding
chunked
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 29 Jun 2017 05:14:52 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/images/personal_banner.jpg
Content-Length
0
veriSign_logo.png
retail.onlinesbi.sbi/sbijava/retail/images/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/images/veriSign_logo.png
  • https://retail.onlinesbi.sbi/sbijava/retail/images/veriSign_logo.png
2 KB
4 KB
Image
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/images/veriSign_logo.png
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
9e6f202ec2e66324d37eab78a4884fc70375db0497f9ae00d87ab21a982a1288
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:13 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
Content-Length
2228
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 05 May 2017 10:43:38 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/images/veriSign_logo.png
Content-Length
0
netbanking_img.png
retail.onlinesbi.sbi/sbijava/retail/images/
Redirect Chain
  • https://retail.onlinesbi.com/sbijava/retail/images/netbanking_img.png
  • https://retail.onlinesbi.sbi/sbijava/retail/images/netbanking_img.png
78 KB
80 KB
Image
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/images/netbanking_img.png
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
029b23e41ef448a89ae5a11f57f82981fd39bc1f041f2efd59ce7b04a847d314
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 10:24:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Fri, 09 Jun 2017 13:00:12 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
image/png
Server-Timing
dtSInfo;desc="1"
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
X-XSS-Protection
1; mode=block
Connection
Keep-Alive

Redirect headers

Location
https://retail.onlinesbi.sbi/sbijava/retail/images/netbanking_img.png
Content-Length
0
logo_sprite.png
retail.onlinesbi.sbi/sbijava/retail/images/
38 KB
26 KB
Image
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/images/logo_sprite.png
Requested by
Host: retail.onlinesbi.sbi
URL: https://retail.onlinesbi.sbi/sbijava/retail/css/phishing_login_lang.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
894c7dd5b82eb62abe7578e84bb55a8bddd064761dfa1941e142ead5172b4355
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retail.onlinesbi.sbi/sbijava/retail/css/phishing_login_lang.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:12 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
Transfer-Encoding
chunked
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 29 Jun 2017 04:56:16 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
footer_separator.png
retail.onlinesbi.sbi/sbijava/retail/images/
1 KB
3 KB
Image
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/images/footer_separator.png
Requested by
Host: retail.onlinesbi.sbi
URL: https://retail.onlinesbi.sbi/sbijava/retail/css/phishing_login_lang.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
d7a665ab777788e73f5e8dc29734cffaa30dbfa1919bb8deab64fbe169785755
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retail.onlinesbi.sbi/sbijava/retail/css/phishing_login_lang.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:12 GMT
Referrer-Policy
strict-origin-when-cross-origin
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Last-Modified
Thu, 10 Nov 2016 06:13:44 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, must-revalidate
Server-Timing
dtSInfo;desc="1"
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
1038
X-XSS-Protection
1; mode=block
Connection
Keep-Alive
green_smiley.png
retail.onlinesbi.sbi/sbijava/retail/images/
19 KB
7 KB
Image
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/images/green_smiley.png
Requested by
Host: retail.onlinesbi.sbi
URL: https://retail.onlinesbi.sbi/sbijava/retail/css/phishing_login_lang.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
e9a1d7f4f4905e3131676291515cc122232cda23fbc106cfca5f9a24739e29c6
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retail.onlinesbi.sbi/sbijava/retail/css/phishing_login_lang.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 10:24:12 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Thu, 29 Jun 2017 05:22:10 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
image/png
Server-Timing
dtSInfo;desc="1"
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
X-XSS-Protection
1; mode=block
Connection
Keep-Alive
red_smiley.png
retail.onlinesbi.sbi/sbijava/retail/images/
20 KB
8 KB
Image
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/images/red_smiley.png
Requested by
Host: retail.onlinesbi.sbi
URL: https://retail.onlinesbi.sbi/sbijava/retail/css/phishing_login_lang.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
8d713897b10bac1e8642e21bebaca16a7d5afec6db669c498252d1f781fd9dd0
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retail.onlinesbi.sbi/sbijava/retail/css/phishing_login_lang.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:12 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
Transfer-Encoding
chunked
Server-Timing
dtSInfo;desc="1"
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 29 Jun 2017 05:22:30 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
list_arrow.png
retail.onlinesbi.sbi/sbijava/retail/images/
981 B
3 KB
Image
General
Full URL
https://retail.onlinesbi.sbi/sbijava/retail/images/list_arrow.png
Requested by
Host: retail.onlinesbi.sbi
URL: https://retail.onlinesbi.sbi/sbijava/retail/css/phishing_login_lang.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
ed662dca5eed9bd75ca1496307ad7ce5d797ab2359e47350bdbe075a422dbce2
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retail.onlinesbi.sbi/sbijava/retail/css/phishing_login_lang.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:12 GMT
Referrer-Policy
strict-origin-when-cross-origin
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Last-Modified
Tue, 18 Apr 2017 10:08:58 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, must-revalidate
Server-Timing
dtSInfo;desc="1"
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
981
X-XSS-Protection
1; mode=block
Connection
Keep-Alive
login_img.png
ghftr.pages.dev/sbijava/retail/images/
61 KB
61 KB
Image
General
Full URL
https://ghftr.pages.dev/sbijava/retail/images/login_img.png
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 10:24:12 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"756a0ce7e39f2a3c208fddd3301faa7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vZ0p4nC8GyrGXpO5TRdrirztat%2BEh1ppJdjRfIbMv0rgC9liVt2xUVZdOq%2BqtXPGWROjpeFP5fbHC%2F%2F6hGAF%2Flr7nJS%2By5eiIBtd7Ok7cLQRYreUkQ99CON3xFVATuMKAIhe3Fail7ftJ0EBdM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
769f093e7809bbf2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
simpleCaptchaServ
retail.onlinesbi.sbi/retail/
Redirect Chain
  • https://retail.onlinesbi.com/retail/simpleCaptchaServ?1668421452548
  • https://retail.onlinesbi.sbi/retail/simpleCaptchaServ
5 KB
7 KB
Image
General
Full URL
https://retail.onlinesbi.sbi/retail/simpleCaptchaServ
Requested by
Host: ghftr.pages.dev
URL: https://ghftr.pages.dev/
Protocol
HTTP/1.1
Server
2405:a700:14:12c::148 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN),
Reverse DNS
Software
/
Resource Hash
cc7a776b4f4667e9b8c21f0b1ca6c5352ec8dd2f18a22dce23195633362fd33b
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 14 Nov 2022 10:24:13 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval', default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' ws: rmvideoprod1.onlinesbi.com rmvideoprod2.onlinesbi.com;
Content-Encoding
gzip
Transfer-Encoding
chunked
Server-Timing
dtSInfo;desc="0", dtRpid;desc="867831613"
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Content-Language
en-US
Cache-Control
no-cache, must-revalidate
Keep-Alive
timeout=10, max=100
Expires
0

Redirect headers

Location
https://retail.onlinesbi.sbi/retail/simpleCaptchaServ
Content-Length
0
resizeimage.ashx
cdn.page-source.com/
0
143 B
Image
General
Full URL
https://cdn.page-source.com/resizeimage.ashx?ig=ghftr.pages.dev&sz=105411
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.211.230 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-54-38-211.eu
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ghftr.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Mon, 14 Nov 2022 10:24:12 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/plain
cache-control
private
content-length
0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: State Bank of India (Banking)

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| disableautocompletion function| checkSpecial function| selectAddress function| selectPaymentMode function| addressValidation function| onSubmitCheckbook function| selectAccountNo function| changeButton function| validateTransfers function| standOnSubmitValidate6 function| standOnSubmitValidate5 function| standOnSubmitValidate4 function| standOnSubmitValidate2 function| standOnSubmitValidate1 function| rTrim function| dateValidation function| displayNo function| dateValidation1 function| getBankSystem function| setBankSystem function| validateTransfersForAccount function| openpopup undefined| fieldObj boolean| bCaps number| focus_count string| sHTML string| tempVk function| getArr function| getFocus function| constructKeyboard function| putChar function| setCaretTo function| changeCase function| setCaps function| toggleCap function| setClearAll function| backspacevk function| vkClear function| shuffle function| submitLogin function| submitRSupportLogin object| troubleID function| showForm function| submitPPK function| submitSupportLogin function| disableCtrlKeyCombination function| MD5 function| encryptPassword function| encryptLoginPassword object| CryptoJS function| encryptSha2LoginPassword function| encryptSha2ProfilePassword function| encryptShaPassCode function| verifyProfilePasswordSha function| profilePWDValidationSha function| validateSetPasswordSha function| submitLoginSha function| verifyProfilePasswordShaSalt function| encryptSha2ProfilePasswordVerify function| profilePWDValidationShaRetail function| setFocus function| disableSubmitButton function| statusChange function| selectAccountNoDD function| isNumberCheck function| submitLoginShagc function| isNumber string| message function| clickIE4 function| clickNS4 function| getUrlParameter function| init function| fnShowContent function| fnNewUserClick function| openemail boolean| isOpera boolean| isFirefox boolean| isSafari boolean| isIE boolean| isEdge boolean| isChrome boolean| isBlink function| getUserSelImgCaptcha function| getUserSelAudCaptcha function| refreshImg function| moveUp function| moveDown

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.page-source.com
ghftr.pages.dev
retail.onlinesbi.com
retail.onlinesbi.sbi
stackpath.bootstrapcdn.com
2405:a700:14:12c::148
2606:4700::6812:bcf
2a06:98c1:3120::3
54.38.211.230
0291e1e05611151da9457d0a23058d8252e291290b128595633279f708a1699d
029b23e41ef448a89ae5a11f57f82981fd39bc1f041f2efd59ce7b04a847d314
0c37ce37550aacf3097f908793a152f355c492f50581fee55699e940b0c21008
2d2be3dbc9161fda2a81cef257a67af39f29ab4f8a09d65569ccbe3f141b566e
2d58105906529c5e7d37d81d7f10e9fd044df4a2f6ff31411f598c8d7505ce3f
3b29a6a9164359e6b62430255b62d2adfcfa77f2153a3aedb8ed619f5cd8a046
46f61472da2ecf768076b0c23f2a888499c09b577315bce0b62798ce145af53d
5f974ff4b61f90d3c1d41ee67da06c44e2b209d5b1402ac89990680ecf24c7a5
67f10b9c066365803c648f8640b4d1d99d39861738c928d35bfc805f81ed3b3c
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6fa07d8475d14e8182dda2d241e906a02fcdf9e552b9b73e87135104236f8c19
894c7dd5b82eb62abe7578e84bb55a8bddd064761dfa1941e142ead5172b4355
8d713897b10bac1e8642e21bebaca16a7d5afec6db669c498252d1f781fd9dd0
9e6f202ec2e66324d37eab78a4884fc70375db0497f9ae00d87ab21a982a1288
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a628590db5c4eece8db60001a7d58a58d866c37fdcf048aa129dac4722033606
b28b184bb6ff20f6db190b2186dbc13acf303ff8179da3b711dff366fdcab263
bb3fbbdf55c9402fa2c52e6111029c2716164196bb0795d7c94dbd6af4648bd6
cc7a776b4f4667e9b8c21f0b1ca6c5352ec8dd2f18a22dce23195633362fd33b
d7a665ab777788e73f5e8dc29734cffaa30dbfa1919bb8deab64fbe169785755
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f635d9e1357f36d0d735fc4d52faf10c86bb4689949b496055b0495503e251
e9a1d7f4f4905e3131676291515cc122232cda23fbc106cfca5f9a24739e29c6
ed662dca5eed9bd75ca1496307ad7ce5d797ab2359e47350bdbe075a422dbce2
f2e1cc227d6bbb4192e4a3becdfed971c7fc530d76200e43add11c98cb962c53
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d