terugroepactiesec.online Open in urlscan Pro
45.11.19.208 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
Submission: On September 16 via api (September 16th 2019, 10:47:00 pm UTC) from BE

Summary HTTP 24 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 45.11.19.208, located in Germany and belongs to COMBAHTON combahton GmbH, DE. The main domain is terugroepactiesec.online.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 10th 2019. Valid for: 3 months.

This is the only time terugroepactiesec.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Rabobank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
7	45.11.19.208 45.11.19.208	30823 (COMBAHTON...) (COMBAHTON combahton GmbH)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
14	104.111.219.172 104.111.219.172	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
24	4

7 45.11.19.208 (Germany)

ASN30823 (COMBAHTON combahton GmbH, DE)

terugroepactiesec.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.111.219.172 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-219-172.deploy.static.akamaitechnologies.com

www.rabobank.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	rabobank.be www.rabobank.be	409 KB
7	terugroepactiesec.online terugroepactiesec.online	121 KB
2	youtube-nocookie.com www.youtube-nocookie.com
1	jquery.com code.jquery.com	30 KB
24	4

	Domain	Requested by
14	www.rabobank.be	terugroepactiesec.online
7	terugroepactiesec.online	terugroepactiesec.online
2	www.youtube-nocookie.com	terugroepactiesec.online
1	code.jquery.com	terugroepactiesec.online
24	4

This site contains links to these domains. Also see Links.

Domain
www.rabobank.be
nl-nl.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
terugroepactiesec.online Let's Encrypt Authority X3	`2019-09-10` - `2019-12-09`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
www.rabobank.be DigiCert SHA2 Extended Validation Server CA	`2019-04-02` - `2020-04-06`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
Frame ID: 2AA53821877FF96B259248EF93F44302
Requests: 22 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/tyxyZhXCkWs?rel=0&controls=1&showinfo=1
Frame ID: A5CF8CDDA30ACDE4BCB05C72BF8F662F
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/tyxyZhXCkWs?rel=0&controls=1&showinfo=1
Frame ID: BCE1368EEA8ADBA32B94A393B9CB0460
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

24
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

560 kB
Transfer

1817 kB
Size

0
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rabobank.be/mijn-rekeningen
Title: Mijn rekeningen

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/over-ons
Title: Over ons

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/sparen-particulier/rabo-spaarrekening
Title: Rabo Spaarrekening

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/sparen-particulier/rabo-plus-account
Title: Rabo Plus Account

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/sparen-particulier/rabo-junior-account
Title: Rabo Junior Account

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/sparen-particulier/rabo-gift-account
Title: Rabo Gift Account

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/sparen-particulier/rabo-termijnrekening
Title: Rabo Termijnrekening

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/sparen-particulier/rabo-zichtrekening
Title: Rabo Zichtrekening

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/sparen-particulier
Title: Vergelijk spaarrekeningen

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/document-center
Title: Document Center

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/veelgestelde-vragen
Title: Veelgestelde vragen

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/woordenlijst
Title: ABC-banktermen

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/essentiele-spaardersinformatie
Title: Essentiële spaardersinformatie

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/veiligheid/veilig-bankieren
Title: Veilig bankieren

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/veiligheid/alles-over-de-digipass
Title: Alles over de digipass

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/veiligheid/kredietwaardigheid
Title: Kredietwaardigheid

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/contacteer-ons
Title: Contacteer ons

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/klachten
Title: Een klacht?

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/dossiers/sparen
Title: De spaarrekening van a tot z

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/dossiers/rente-onder-de-loep
Title: Rente onder de loep

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/dossiers/psychologie
Title: Psychologie van de spaarder

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/dossiers/erfenis
Title: Erfeniskwesties

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/nieuwsbrief
Title: Meld u aan voor onze nieuwsbrief

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/auteurs/frida-deceunynck
Title: Frida Deceunynck

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/auteurs/pascal-paepen
Title: Pascal Paepen

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/auteurs/claudia-hammond
Title: Claudia Hammond

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/auteurs/cedric-boitte
Title: Cédric Boitte

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/tags/sparen
Title: #sparen

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/tags/psychologie
Title: #psychologie

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/tags/wetgeving
Title: #wetgeving

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/tags/kinderen
Title: #kinderen

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/tags/fiscaliteit
Title: #fiscaliteit

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/tags/technologie
Title: #technologie

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/tags/erfenis
Title: #erfenis

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/tags/veiligheid
Title: #veiligheid

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/kennis/tags/rabobank
Title: #rabobank

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/onze-missie
Title: #missie

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/dam/jcr:85030920-4489-4782-89cb-7d2ac09f1894/aanvraag-deblokkering-vernieuwing-digipass.pdf
Title: Vraag een nieuwe digipass aan

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/veelgestelde-vragen/digipass
Title: Bekijk alle veelgestelde vragen over de digipass

Search URL Search Domain Scan URL

URL: https://nl-nl.facebook.com/rabobank.be/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/rabobankbe
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/2817376/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/gebruiksvoorwaarden
Title: Gebruiksvoorwaarden

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/privacy
Title: Uw privacy

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/veelgestelde-vragen/online-bankieren/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: https://www.rabobank.be/dam/jcr:2f52fa88-b14d-46bf-88b9-5c3fa24dcd51/tarievenlijst.pdf
Title: Tarievenlijst (PDF)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
terugroepactiesec.online/rabobe-beveiliging/ 87 KB
16 KB 134ms
43ms Document
text/html 45.11.19.208
COMBAHTON combaht...

General

Check archive.org

Show headers Download Go to

Full URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.11.19.208 , Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 37b070b36e2e2acfd3f795f7b77821fd8caaf6918b9ce5037ddaa7b1b52231ad

Request headers

Host: terugroepactiesec.online
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Date: Mon, 16 Sep 2019 22:46:44 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16249
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK arm.css
terugroepactiesec.online/rabobe-beveiliging/ 260 KB
38 KB 65ms
49ms Stylesheet
text/css 45.11.19.208
COMBAHTON combaht...

General

Check archive.org

Show headers Download Go to

Full URL: https://terugroepactiesec.online/rabobe-beveiliging/arm.css
Requested by: Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.11.19.208 , Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a242bd104b336cb5312c363a96cef1e751c7b2c3b9b9de0991361d4afc5fdfa9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 22:46:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Sep 2019 04:34:07 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "4109f-5923f881c7396-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 39047

GET
H/1.1 200
OK jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 19ms
6ms Script
application/javascript 2001:4de0:ac18::1:a:2a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 22:46:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 May 2019 21:14:27 GMT
Server: nginx
ETag: W/"5cca0c33-15851"
Vary: Accept-Encoding
X-HW: 1568674004.dop011.fr8.shc,1568674004.dop011.fr8.t,1568674004.cds032.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30638

GET
H/1.1 200
OK mxui.css
www.rabobank.be/apps/postlogin-be/mxclientsystem/mxui/ui/ 97 KB
31 KB 150ms
53ms Stylesheet
text/css 104.111.219.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rabobank.be/apps/postlogin-be/mxclientsystem/mxui/ui/mxui.css?636970695140027430

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.219.172 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-219-172.deploy.static.akamaitechnologies.com

Software

n/a /

Resource Hash

b44982e5d6f2f86337752c0217d792422ad4178266c29d02c067dc211bfb4368

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Apr 2019 13:29:20 GMT
Server: n/a
Date: Mon, 16 Sep 2019 22:46:44 GMT
Content-Security-Policy`: script-src 'self'; object-src 'self'
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=24560749
Connection: keep-alive
Content-Length: 31536
X-XSS-Protection: 1; mode=block
Expires: Sat, 27 Jun 2020 05:12:33 GMT

GET
H/1.1 200
OK widgets.css
www.rabobank.be//apps/postlogin-be/widgets/ 57 KB
7 KB 162ms
64ms Stylesheet
text/css 104.111.219.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rabobank.be//apps/postlogin-be/widgets/widgets.css?636970695140027430

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.219.172 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-219-172.deploy.static.akamaitechnologies.com

Software

n/a /

Resource Hash

fe2ca4a9e1bf851093e9e7fe0d12356a7588ea38229781ad629af64ae5cbb69a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 25 Jun 2019 14:26:59 GMT
Server: n/a
Date: Mon, 16 Sep 2019 22:46:44 GMT
Content-Security-Policy`: script-src 'self'; object-src 'self'
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=24561096
Connection: keep-alive
Content-Length: 6944
X-XSS-Protection: 1; mode=block
Expires: Sat, 27 Jun 2020 05:18:20 GMT

GET
H/1.1 200
OK lib.css
www.rabobank.be/apps/postlogin-be/resources/ 576 KB
110 KB 148ms
51ms Stylesheet
text/css 104.111.219.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rabobank.be/apps/postlogin-be/resources/lib.css?636970695140027430

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.219.172 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-219-172.deploy.static.akamaitechnologies.com

Software

n/a /

Resource Hash

b50455c45ac8979eb058cab64e46e89fd4f3dae81a28a9eee6194ee035b6b33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 25 Jun 2019 14:26:59 GMT
Server: n/a
Date: Mon, 16 Sep 2019 22:46:44 GMT
Content-Security-Policy`: script-src 'self'; object-src 'self'
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=24560757
Connection: keep-alive
Content-Length: 112085
X-XSS-Protection: 1; mode=block
Expires: Sat, 27 Jun 2020 05:12:41 GMT

GET
H/1.1 200
OK custom.css
www.rabobank.be/apps/postlogin-be/resources/ 415 KB
91 KB 164ms
67ms Stylesheet
text/css 104.111.219.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rabobank.be/apps/postlogin-be/resources/custom.css?636970695140027430

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.219.172 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-219-172.deploy.static.akamaitechnologies.com

Software

n/a /

Resource Hash

a9be87b906abc247fe870dba9a0cd2d01302403fe2a9fd2bd31810dac019d0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 25 Jun 2019 14:26:59 GMT
Server: n/a
Date: Mon, 16 Sep 2019 22:46:44 GMT
Content-Security-Policy`: script-src 'self'; object-src 'self'
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=24560708
Connection: keep-alive
Content-Length: 92199
X-XSS-Protection: 1; mode=block
Expires: Sat, 27 Jun 2020 05:11:52 GMT

GET
H/1.1 200
OK rabobank-check-white-1.svg
www.rabobank.be/.resources/rabobank-be/webresources/img/common/ 572 B
2 KB 222ms
126ms Image
image/svg+xml 104.111.219.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rabobank.be/.resources/rabobank-be/webresources/img/common/rabobank-check-white-1.svg

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.219.172 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-219-172.deploy.static.akamaitechnologies.com

Software

n/a /

Resource Hash

e150ec1939230da37fefb50a40d8766b38060db920f0823c387e57c8cceca676

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; style-src 'self' 'unsafe-inline' .piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .piwik.pro .piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: .piwik.pro .piwikpro.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro .doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' ; style-src 'self' 'unsafe-inline' *.piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.piwik.pro *.piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: *.piwik.pro *.piwikpro.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro *.doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 314
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 07 May 2019 13:43:18 GMT
Server: n/a
Date: Mon, 16 Sep 2019 22:46:44 GMT
X-Frame-Options: DENY
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: public, max-age=1143
Expires: Mon, 16 Sep 2019 23:05:47 GMT

GET
H/1.1 200
OK rabobank-search.svg
www.rabobank.be/.resources/rabobank-be/webresources/img/common/ 766 B
2 KB 218ms
122ms Image
image/svg+xml 104.111.219.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rabobank.be/.resources/rabobank-be/webresources/img/common/rabobank-search.svg

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.219.172 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-219-172.deploy.static.akamaitechnologies.com

Software

n/a /

Resource Hash

4ac5fd9f7108fd5b25abecbb873ef285554d5ab8ae5ba0d9e0cf863a4bee22d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; style-src 'self' 'unsafe-inline' .piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .piwik.pro .piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: .piwik.pro .piwikpro.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro .doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' ; style-src 'self' 'unsafe-inline' *.piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.piwik.pro *.piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: *.piwik.pro *.piwikpro.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro *.doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 489
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 07 May 2019 13:43:18 GMT
Server: n/a
Date: Mon, 16 Sep 2019 22:46:44 GMT
X-Frame-Options: DENY
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: public, max-age=971
Expires: Mon, 16 Sep 2019 23:02:55 GMT

GET
H/1.1 200
OK rabobank-menu.svg
www.rabobank.be/.resources/rabobank-be/webresources/img/common/ 557 B
2 KB 196ms
196ms Image
image/svg+xml 104.111.219.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rabobank.be/.resources/rabobank-be/webresources/img/common/rabobank-menu.svg

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.219.172 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-219-172.deploy.static.akamaitechnologies.com

Software

n/a /

Resource Hash

a775ab8993c591fc06434cba0ec5a296c9f62c60823cc551ae3db5229f4e334e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; style-src 'self' 'unsafe-inline' .piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .piwik.pro .piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: .piwik.pro .piwikpro.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro .doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' ; style-src 'self' 'unsafe-inline' *.piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.piwik.pro *.piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: *.piwik.pro *.piwikpro.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro *.doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 354
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 07 May 2019 13:43:18 GMT
Server: n/a
Date: Mon, 16 Sep 2019 22:46:44 GMT
X-Frame-Options: DENY
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: public, max-age=3600
Expires: Mon, 16 Sep 2019 23:46:44 GMT

GET
H/1.1 200
OK rabobank-logo.svg
www.rabobank.be/dam/jcr:3dd45014-2ce3-468c-b049-9df619452322/ 20 KB
7 KB 55ms
54ms Image
image/svg+xml 104.111.219.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rabobank.be/dam/jcr:3dd45014-2ce3-468c-b049-9df619452322/rabobank-logo.svg

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.219.172 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-219-172.deploy.static.akamaitechnologies.com

Software

n/a /

Resource Hash

ed54449cd63ec194c3eaecbc5b634843a61dc32236efbbc24483c2a43a332a85

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; style-src 'self' 'unsafe-inline' .piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .piwik.pro .piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: .piwik.pro .piwikpro.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro .doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' ; style-src 'self' 'unsafe-inline' *.piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.piwik.pro *.piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: *.piwik.pro *.piwikpro.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro *.doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 5979
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 15 Sep 2017 12:28:47 GMT
Server: n/a
Date: Mon, 16 Sep 2019 22:46:44 GMT
X-Frame-Options: DENY
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: public, max-age=21
Expires: Mon, 16 Sep 2019 22:47:05 GMT

GET
H/1.1 200
OK Login$digipass9_2.png
www.rabobank.be//apps/postlogin-be/img/ 67 KB
68 KB 49ms
49ms Image
image/png 104.111.219.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rabobank.be//apps/postlogin-be/img/Login$digipass9_2.png?636970695140027430

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.219.172 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-219-172.deploy.static.akamaitechnologies.com

Software

n/a /

Resource Hash

b5022987c92f476c489a34d392f8dc8cae6b97971ac0be8dab712b2b75c7764b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Tue, 25 Jun 2019 14:26:59 GMT
Server: n/a
Date: Mon, 16 Sep 2019 22:46:44 GMT
Content-Security-Policy`: script-src 'self'; object-src 'self'
Content-Type: image/png
Cache-Control: max-age=24561063
Connection: keep-alive
Content-Length: 69095
X-XSS-Protection: 1; mode=block
Expires: Sat, 27 Jun 2020 05:17:47 GMT

GET
H/1.1 200
OK Login$Login_NavigationLayouts_Draft_BE_DP_Login_White.png
www.rabobank.be//apps/postlogin-be/img/ 18 KB
18 KB 57ms
56ms Image
image/png 104.111.219.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rabobank.be//apps/postlogin-be/img/Login$Login_NavigationLayouts_Draft_BE_DP_Login_White.png?636970695140027430

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.219.172 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-219-172.deploy.static.akamaitechnologies.com

Software

n/a /

Resource Hash

b8266d9c9eefffb417e537eea269e2f69dac0a5a72dbf547227fdf6c2ec2e876

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Tue, 25 Jun 2019 14:26:59 GMT
Server: n/a
Date: Mon, 16 Sep 2019 22:46:44 GMT
Content-Security-Policy`: script-src 'self'; object-src 'self'
Content-Type: image/png
Cache-Control: max-age=24561044
Connection: keep-alive
Content-Length: 18128
X-XSS-Protection: 1; mode=block
Expires: Sat, 27 Jun 2020 05:17:28 GMT

GET
H/1.1 200
OK SandyP.png
www.rabobank.be/dam/jcr:c8e32a02-1f4b-4d9d-bad2-9ed83556e588/ 31 KB
33 KB 64ms
64ms Image
image/png 104.111.219.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rabobank.be/dam/jcr:c8e32a02-1f4b-4d9d-bad2-9ed83556e588/SandyP.png

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.219.172 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-219-172.deploy.static.akamaitechnologies.com

Software

n/a /

Resource Hash

e77cdbd21d8b7329c5261bc13752744951caef0009c1ef36e20ecc43183f7dd2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; style-src 'self' 'unsafe-inline' .piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .piwik.pro .piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: .piwik.pro .piwikpro.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro .doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' ; style-src 'self' 'unsafe-inline' *.piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.piwik.pro *.piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: *.piwik.pro *.piwikpro.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro *.doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jun 2019 13:51:13 GMT
Server: n/a
Date: Mon, 16 Sep 2019 22:46:44 GMT
X-Frame-Options: DENY
Content-Type: image/png; charset=UTF-8
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: none
Cache-Control: public, max-age=91
Connection: keep-alive
Content-Length: 32216
X-Content-Type-Options: nosniff
Expires: Mon, 16 Sep 2019 22:48:15 GMT

GET
H/1.1 200
OK IvyM.png
www.rabobank.be/dam/jcr:d58b9cfd-c29a-4cc3-a0da-32fbfc964a0a/ 32 KB
34 KB 45ms
45ms Image
image/png 104.111.219.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rabobank.be/dam/jcr:d58b9cfd-c29a-4cc3-a0da-32fbfc964a0a/IvyM.png

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.219.172 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-219-172.deploy.static.akamaitechnologies.com

Software

n/a /

Resource Hash

951ab1bb50fe72bd4586ae324af2e6444d8878983bd4b37db2badf1cc0804d78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; style-src 'self' 'unsafe-inline' .piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .piwik.pro .piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: .piwik.pro .piwikpro.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro .doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' ; style-src 'self' 'unsafe-inline' *.piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.piwik.pro *.piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: *.piwik.pro *.piwikpro.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro *.doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jun 2019 13:43:08 GMT
Server: n/a
Date: Mon, 16 Sep 2019 22:46:44 GMT
X-Frame-Options: DENY
Content-Type: image/png; charset=UTF-8
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: none
Cache-Control: public, max-age=216
Connection: keep-alive
Content-Length: 33124
X-Content-Type-Options: nosniff
Expires: Mon, 16 Sep 2019 22:50:20 GMT

GET
H/1.1 200
OK rabobank-cookies-white.svg
www.rabobank.be/.resources/rabobank-be/webresources/img/common/ 1 KB
2 KB 42ms
42ms Image
image/svg+xml 104.111.219.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rabobank.be/.resources/rabobank-be/webresources/img/common/rabobank-cookies-white.svg

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.219.172 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-219-172.deploy.static.akamaitechnologies.com

Software

n/a /

Resource Hash

ca2ff25afe9ddd9667730a1b0b9a6cb908ec05436943ca1384402626990af959

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; style-src 'self' 'unsafe-inline' .piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .piwik.pro .piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: .piwik.pro .piwikpro.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro .doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' ; style-src 'self' 'unsafe-inline' *.piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.piwik.pro *.piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: *.piwik.pro *.piwikpro.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro *.doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 679
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 07 May 2019 13:43:18 GMT
Server: n/a
Date: Mon, 16 Sep 2019 22:46:44 GMT
X-Frame-Options: DENY
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: public, max-age=1048
Expires: Mon, 16 Sep 2019 23:04:12 GMT

GET
H2 200 tyxyZhXCkWs
www.youtube-nocookie.com/embed/ Frame A5CF 0
0 154ms
132ms Document
text/html 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/tyxyZhXCkWs?rel=0&controls=1&showinfo=1

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube-nocookie.com
:scheme: https
:path: /embed/tyxyZhXCkWs?rel=0&controls=1&showinfo=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Response headers

status: 200
cache-control: no-cache
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 EST
content-encoding: br
strict-transport-security: max-age=31536000
date: Mon, 16 Sep 2019 22:46:44 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 tyxyZhXCkWs
www.youtube-nocookie.com/embed/ Frame BCE1 0
0 140ms
123ms Document
text/html 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/tyxyZhXCkWs?rel=0&controls=1&showinfo=1

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube-nocookie.com
:scheme: https
:path: /embed/tyxyZhXCkWs?rel=0&controls=1&showinfo=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Response headers

status: 200
strict-transport-security: max-age=31536000
cache-control: no-cache
expires: Tue, 27 Apr 1971 19:44:06 EST
content-type: text/html; charset=utf-8
content-encoding: br
x-content-type-options: nosniff
date: Mon, 16 Sep 2019 22:46:44 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H/1.1 404
Not Found rabobank-arrow.svg
terugroepactiesec.online/img/common/ 287 B
287 B 31ms
31ms Image
text/html 45.11.19.208
COMBAHTON combaht...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://terugroepactiesec.online/img/common/rabobank-arrow.svg
Requested by: Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.11.19.208 , Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 18a9b0b7c4bb91a99b7485ecaf3031e21e1f8beafc196d2fbf14d49ce20d325e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/arm.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 22:46:44 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 287
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found rabobank-close.svg
terugroepactiesec.online/img/common/ 287 B
287 B 31ms
31ms Image
text/html 45.11.19.208
COMBAHTON combaht...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://terugroepactiesec.online/img/common/rabobank-close.svg
Requested by: Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.11.19.208 , Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 18a9b0b7c4bb91a99b7485ecaf3031e21e1f8beafc196d2fbf14d49ce20d325e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/arm.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 22:46:44 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 287
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK rabobank-arrow.svg
www.rabobank.be/.resources/rabobank-be/webresources/img/common/ 498 B
2 KB 49ms
42ms Image
image/svg+xml 104.111.219.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rabobank.be/.resources/rabobank-be/webresources/img/common/rabobank-arrow.svg

Requested by

Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.219.172 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-219-172.deploy.static.akamaitechnologies.com

Software

n/a /

Resource Hash

4397d32e821e8562fa6a208393d1c47d9ee07d333c64b3e84e5ab92ee136c004

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; style-src 'self' 'unsafe-inline' .piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .piwik.pro .piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: .piwik.pro .piwikpro.com .doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro .doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.rabobank.be/apps/postlogin-be/resources/custom.css?636970695140027430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' ; style-src 'self' 'unsafe-inline' *.piwik.pro ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.piwik.pro *.piwikpro.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://www.gstatic.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net; img-src 'self' data: *.piwik.pro *.piwikpro.com *.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com https://www.facebook.com https://www.google.com https://www.google.nl; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com https://www.google.com https://savinggoals.mendixcloud.com https://savinggoals-accp.mendixcloud.com https://savinggoals-test.mendixcloud.com https://rabodirect.piwik.pro *.doubleclick.net; frame-ancestors 'none' ; font-src 'self' https://rabodirect.containers.piwik.pro ; connect-src 'self' https://rabodirect.piwik.pro ;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 357
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 07 May 2019 13:43:18 GMT
Server: n/a
Date: Mon, 16 Sep 2019 22:46:44 GMT
X-Frame-Options: DENY
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: public, max-age=1722
Expires: Mon, 16 Sep 2019 23:15:26 GMT

GET
H/1.1 200
OK myriadpro-regular-webfont.woff
terugroepactiesec.online/rabobe-beveiliging/ 22 KB
22 KB 61ms
32ms Font
application/font-woff 45.11.19.208
COMBAHTON combaht...

General

Check archive.org

Show headers Download Go to

Full URL: https://terugroepactiesec.online/rabobe-beveiliging/myriadpro-regular-webfont.woff
Requested by: Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.11.19.208 , Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: fb0bccc37a1e1032fb54e1cf8f7d8f3b316c38927388cc24dafceb5bae618336

Request headers

Sec-Fetch-Mode: cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/arm.css
Origin: https://terugroepactiesec.online
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 22:46:44 GMT
Last-Modified: Wed, 11 Sep 2019 04:34:09 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "56f4-5923f8833d3a7"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 22260

GET
H/1.1 200
OK myriadpro-bold-webfont.woff
terugroepactiesec.online/rabobe-beveiliging/ 22 KB
22 KB 57ms
33ms Font
application/font-woff 45.11.19.208
COMBAHTON combaht...

General

Check archive.org

Show headers Download Go to

Full URL: https://terugroepactiesec.online/rabobe-beveiliging/myriadpro-bold-webfont.woff
Requested by: Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.11.19.208 , Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 9b0b7e1ec2e1bde8dbf465142c65c35c2795fd95f5a7edacd091fe2b50aa8c76

Request headers

Sec-Fetch-Mode: cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/arm.css
Origin: https://terugroepactiesec.online
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 22:46:44 GMT
Last-Modified: Wed, 11 Sep 2019 04:34:08 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "5648-5923f882fbcd5"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 22088

GET
H/1.1 200
OK myriadpro-light-webfont.woff
terugroepactiesec.online/rabobe-beveiliging/ 22 KB
22 KB 92ms
32ms Font
application/font-woff 45.11.19.208
COMBAHTON combaht...

General

Check archive.org

Show headers Download Go to

Full URL: https://terugroepactiesec.online/rabobe-beveiliging/myriadpro-light-webfont.woff
Requested by: Host: terugroepactiesec.online
URL: https://terugroepactiesec.online/rabobe-beveiliging/?55mZqXg9F2Qr7ffEq=DjoCTbsYYVIfz8pWIYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.11.19.208 , Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6342bffe43e2d8c9fab3503e7f2f0eb3b0d5c30a74c2c911a72993dd9e7c45ba

Request headers

Sec-Fetch-Mode: cors
Referer: https://terugroepactiesec.online/rabobe-beveiliging/arm.css
Origin: https://terugroepactiesec.online
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 22:46:44 GMT
Last-Modified: Wed, 11 Sep 2019 04:34:09 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "56a8-5923f8831724f"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 22184

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Rabobank (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
terugroepactiesec.online
www.rabobank.be
www.youtube-nocookie.com
104.111.219.172
2001:4de0:ac18::1:a:2a
2a00:1450:4001:81d::200e
45.11.19.208
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
18a9b0b7c4bb91a99b7485ecaf3031e21e1f8beafc196d2fbf14d49ce20d325e
37b070b36e2e2acfd3f795f7b77821fd8caaf6918b9ce5037ddaa7b1b52231ad
4397d32e821e8562fa6a208393d1c47d9ee07d333c64b3e84e5ab92ee136c004
4ac5fd9f7108fd5b25abecbb873ef285554d5ab8ae5ba0d9e0cf863a4bee22d5
6342bffe43e2d8c9fab3503e7f2f0eb3b0d5c30a74c2c911a72993dd9e7c45ba
951ab1bb50fe72bd4586ae324af2e6444d8878983bd4b37db2badf1cc0804d78
9b0b7e1ec2e1bde8dbf465142c65c35c2795fd95f5a7edacd091fe2b50aa8c76
a242bd104b336cb5312c363a96cef1e751c7b2c3b9b9de0991361d4afc5fdfa9
a775ab8993c591fc06434cba0ec5a296c9f62c60823cc551ae3db5229f4e334e
a9be87b906abc247fe870dba9a0cd2d01302403fe2a9fd2bd31810dac019d0ec
b44982e5d6f2f86337752c0217d792422ad4178266c29d02c067dc211bfb4368
b5022987c92f476c489a34d392f8dc8cae6b97971ac0be8dab712b2b75c7764b
b50455c45ac8979eb058cab64e46e89fd4f3dae81a28a9eee6194ee035b6b33e
b8266d9c9eefffb417e537eea269e2f69dac0a5a72dbf547227fdf6c2ec2e876
ca2ff25afe9ddd9667730a1b0b9a6cb908ec05436943ca1384402626990af959
e150ec1939230da37fefb50a40d8766b38060db920f0823c387e57c8cceca676
e77cdbd21d8b7329c5261bc13752744951caef0009c1ef36e20ecc43183f7dd2
ed54449cd63ec194c3eaecbc5b634843a61dc32236efbbc24483c2a43a332a85
fb0bccc37a1e1032fb54e1cf8f7d8f3b316c38927388cc24dafceb5bae618336
fe2ca4a9e1bf851093e9e7fe0d12356a7588ea38229781ad629af64ae5cbb69a

terugroepactiesec.online Open in urlscan Pro 45.11.19.208 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

560 kBTransfer

1817 kBSize

0 Cookies

46 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Indicators

terugroepactiesec.online Open in urlscan Pro
45.11.19.208 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

560 kB
Transfer

1817 kB
Size

0
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!