urlscan.io logo urlscan.io
SecurityTrails logo

friendly-hodgkin.37-114-62-40.plesk.page Open in urlscan Pro
37.114.62.40  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://jelink.id/mijndiensten
Effective URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Submission: On July 31 via manual from TR — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 30 HTTP transactions. The main IP is 37.114.62.40, located in Germany and belongs to IP-PROJECTS, DE. The main domain is friendly-hodgkin.37-114-62-40.plesk.page.
TLS certificate: Issued by R3 on July 31st 2023. Valid for: 3 months.
This is the only time friendly-hodgkin.37-114-62-40.plesk.page was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Rabobank (Banking)

Domain & IP information

IP Address AS Autonomous System
2 2 3.1.229.209 16509 (AMAZON-02)
1 104.244.42.69 13414 (TWITTER)
3 37.114.62.40 48314 (IP-PROJECTS)
23 2600:1413:b00... 20940 (AKAMAI-ASN1)
30 4
Apex Domain
Subdomains		 Transfer
23 rabobank.nl
bankieren.rabobank.nl — Cisco Umbrella Rank: 54699
240 KB
3 plesk.page
friendly-hodgkin.37-114-62-40.plesk.page
4 KB
2 jelink.id
jelink.id
339 B
1 t.co
t.co — Cisco Umbrella Rank: 525
684 B
0 Failed
function sub() { [native code] }. Failed
30 5
Domain Requested by
23 bankieren.rabobank.nl friendly-hodgkin.37-114-62-40.plesk.page
bankieren.rabobank.nl
3 friendly-hodgkin.37-114-62-40.plesk.page t.co
friendly-hodgkin.37-114-62-40.plesk.page
2 jelink.id 2 redirects
1 t.co
0 127.0.0.1 Failed friendly-hodgkin.37-114-62-40.plesk.page
30 5

This site contains links to these domains. Also see Links.

Domain
www.rabobank.nl
bankieren.rabobank.nl
Subject Issuer Validity Valid
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-03 -
2024-01-03		 a year crt.sh
friendly-hodgkin.37-114-62-40.plesk.page
R3		 2023-07-31 -
2023-10-29		 3 months crt.sh
bankieren.rabobank.nl
DigiCert SHA2 Extended Validation Server CA		 2023-02-06 -
2024-02-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Frame ID: 9371F2D66E4F728DFF8CF2C878DABBFA
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Rabo Internetbankieren - Rabobank

Page URL History Show full URLs

  1. http://jelink.id/mijndiensten HTTP 301
    https://jelink.id/mijndiensten HTTP 301
    https://t.co/BZSp0t64Dz Page URL
  2. https://friendly-hodgkin.37-114-62-40.plesk.page/kill/ Page URL

Page Statistics

30
Requests

90 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

245 kB
Transfer

488 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jelink.id/mijndiensten HTTP 301
    https://jelink.id/mijndiensten HTTP 301
    https://t.co/BZSp0t64Dz Page URL
  2. https://friendly-hodgkin.37-114-62-40.plesk.page/kill/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://jelink.id/mijndiensten HTTP 301
  • https://jelink.id/mijndiensten HTTP 301
  • https://t.co/BZSp0t64Dz

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
BZSp0t64Dz
t.co/
Redirect Chain
  • http://jelink.id/mijndiensten
  • https://jelink.id/mijndiensten
  • https://t.co/BZSp0t64Dz
318 B
684 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/BZSp0t64Dz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_k /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
202
content-type
text/html; charset=utf-8
date
Mon, 31 Jul 2023 08:53:25 GMT
expires
Mon, 31 Jul 2023 08:58:26 GMT
perf
7626143928
server
tsa_k
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
c0f678a3adf378085c935e818071a7d9eecc67edd6e0dd859aee718f1e6b88f4
x-response-time
177
x-transaction-id
eaeff39e217bf46d
x-xss-protection
0

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 31 Jul 2023 08:53:25 GMT
location
https://t.co/BZSp0t64Dz
server
Apache
Primary Request /
friendly-hodgkin.37-114-62-40.plesk.page/kill/ 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Requested by
Host: t.co
URL: https://t.co/BZSp0t64Dz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.114.62.40 , Germany, ASN48314 (IP-PROJECTS, DE),
Reverse DNS
fra01.ihr-webhosting.de
Software
nginx / PHP/8.0.29 PleskLin
Resource Hash
6cedf63ac4a946713ed1e9e31eb5139c4b5dd2efe3046cbafe408090b4307607

Request headers

Referer
https://t.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-length
3247
content-type
text/html; charset=UTF-8
date
Mon, 31 Jul 2023 08:53:27 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.0.29 PleskLin
force-myriad.css
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/fonts/myriad/ 		121 B
987 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/fonts/myriad/force-myriad.css
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5480e455fe88ae27ac083954834e86fc1ccd392e9f37872a55c13e1fd23dfbac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:01:49 GMT
etag
"64c2db3d-79"
vary
Accept-Encoding
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=7200
accept-ranges
bytes
content-length
123
rass-proto.css
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/ 		124 KB
82 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/rass-proto.css
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9b203466564c4b1976d4b9b6e0ff6bd068c9e06582400c2dd4fcced198e793cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:01:49 GMT
etag
W/"64c2db3d-1f189"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
content-type
text/css
cache-control
public, max-age=7200
www-extension.css
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/www-extension.css
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4e08e0cc4968c0819dda436a0563971979e4b0dba65bb3e2d3345b9941b35af8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:01:49 GMT
etag
W/"64c2db3d-710c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
content-type
text/css
cache-control
public, max-age=7200
content-length
5206
default.css
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/fonts/myriad/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/fonts/myriad/default.css
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1cef08125614b1fee7983a9a2b136aa5245c077fc375c473ee31e77e705c6ace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:02:37 GMT
etag
W/"64c2db6d-11ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
content-type
text/css
cache-control
public, max-age=7198
content-length
1492
senses2-styling.css
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/senses2-styling.css
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
aa9183beaaea835f7f70b5d2ccc01d1bf4158dfd2f9584473fa96a759d69f392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:01:49 GMT
etag
W/"64c2db3d-24a4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
content-type
text/css
cache-control
public, max-age=7200
content-length
2161
rass-statics.esm.js
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/javascript/rass/ 		0
0
common.js
friendly-hodgkin.37-114-62-40.plesk.page/dsc/web/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://friendly-hodgkin.37-114-62-40.plesk.page/dsc/web/common.js
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.114.62.40 , Germany, ASN48314 (IP-PROJECTS, DE),
Reverse DNS
fra01.ihr-webhosting.de
Software
nginx /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:27 GMT
content-encoding
br
last-modified
Mon, 31 Jul 2023 07:51:17 GMT
server
nginx
etag
W/"328-601c3b20995a6"
content-type
text/html
sfc-style.css
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/css/ 		109 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/css/sfc-style.css
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6b4a437f44672b422372b6ec653723a07b37886d064b0caa0658ddc9b7343131
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 03 Jul 2023 21:03:19 GMT
etag
W/"64a33797-1b40b"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
content-type
text/css
cache-control
public, max-age=45
content-length
11601
default.css
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/default.css
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cd0681d2b6bf706a76cd2d531bca15306f22f293c2c8fbf697d698031d1577d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 03 Jul 2023 21:03:19 GMT
etag
W/"64a33797-13c5"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
content-type
text/css
cache-control
public, max-age=42
content-length
1627
rabobank_logo.png
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/images/rabobank_logo.png
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
03caeff0f4235241611956eeb18dcbfabb8b67083208f00a0b0f92fbff9b28bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:28 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:02:37 GMT
etag
"64c2db6d-3f53"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
x-frame-options
SAMEORIGIN
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
content-type
image/png
cache-control
public, max-age=4536
accept-ranges
bytes
content-length
16211
grayed-out-vc-nl.png
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/images/grayed-out-vc-nl.png
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cf59560647e49f765aa01b63bff1950159fc806bc2e82bb6154393f6502a18e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:28 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:01:49 GMT
etag
"64c2db3d-3bfa"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
x-frame-options
SAMEORIGIN
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
content-type
image/png
cache-control
public, max-age=4640
accept-ranges
bytes
content-length
15354
brwcook.js
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/javascript/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/javascript/brwcook.js
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fb0bf7d0b22e40dc90eb2dea1495ccd5db62f96904874830d2eb095d9f6677ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:02:37 GMT
etag
W/"64c2db6d-931"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=7200
content-length
923
brwfunc.js
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_15_0_2__202108271127/javascript/brw/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_15_0_2__202108271127/javascript/brw/brwfunc.js
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e888b1f3ebee4a9a65e67096001cd64a39fba872b8e9704ec7ecb2701d721504
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:02:37 GMT
etag
W/"64c2db6d-50db"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=360
content-length
6972
device.min.js
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/scripts/device.min.js
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eff979b9e48677d58bca83cbe1c830ed046b4bd567a2a03d8030981c6654bf2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:01:49 GMT
etag
W/"64c2db3d-ce0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=4643
content-length
1143
rass-proto.js
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/scripts/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/scripts/rass-proto.js
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
753a93eaa809f45658d83b3b803f86355e9da47222ea058c8a28c30d728fdace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:01:49 GMT
etag
W/"64c2db3d-ee50"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=4557
content-length
12741
analyticsProxy.js
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/javascript/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/javascript/analyticsProxy.js
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
checkbox_off.svg
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/images/checkbox_off.svg
Requested by
Host: bankieren.rabobank.nl
URL: https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/www-extension.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
472369804eed23e731261b2a4bdc6c454a9c31ca008c393d797b95160b14276b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/www-extension.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:01:49 GMT
etag
"64c2db3d-b90"
vary
Accept-Encoding
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=4563
accept-ranges
bytes
content-length
768
icon_supercirkel_kruisje.svg
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/images/icon_supercirkel_kruisje.svg
Requested by
Host: bankieren.rabobank.nl
URL: https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/www-extension.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
828129fe18f492866bcc822c9338af9244d4677404d899f80121dbfaccefe82d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/www-extension.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:02:37 GMT
etag
"64c2db6d-504"
vary
Accept-Encoding
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=4561
accept-ranges
bytes
content-length
681
icon_supercirkel_vraagteken.svg
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/images/icon_supercirkel_vraagteken.svg
Requested by
Host: bankieren.rabobank.nl
URL: https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/www-extension.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5bc5eedf7164055f5658a7c6129ff8886564713fe82cad2ed3d9f94f6308f5f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/www-extension.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:01:49 GMT
etag
"64c2db3d-54f"
vary
Accept-Encoding
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=4629
accept-ranges
bytes
content-length
736
icon_supercirkel_pijl.svg
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/images/icon_supercirkel_pijl.svg
Requested by
Host: bankieren.rabobank.nl
URL: https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/www-extension.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c0a3bbe501ee2ef2c8bc2031667bdc41d3f4d19e1715317d6a9ef924b0d39323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/www-extension.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:02:37 GMT
etag
"64c2db6d-4a6"
vary
Accept-Encoding
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=4674
accept-ranges
bytes
content-length
648
fd5daa3f-a61a-4aed-93cd-54bc94bb59b6.woff2
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/files/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/files/fd5daa3f-a61a-4aed-93cd-54bc94bb59b6.woff2
Requested by
Host: bankieren.rabobank.nl
URL: https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/default.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1a35e85545a55eb7a307543de45c5a73588d63d9b08fd571c22ae6ec1a2f78d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/default.css
Origin
https://friendly-hodgkin.37-114-62-40.plesk.page
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:29 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 03 Jul 2023 21:03:19 GMT
etag
"64a33797-4138"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
accept-ranges
bytes
content-length
16696
0b6110f9-6072-46b9-98af-7d09f7c895b8.woff2
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/files/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/files/0b6110f9-6072-46b9-98af-7d09f7c895b8.woff2
Requested by
Host: bankieren.rabobank.nl
URL: https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/default.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2aa2c3139fe0f3233bbab4e43ef2885af045555933aef6570046e6df2f7f57f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/default.css
Origin
https://friendly-hodgkin.37-114-62-40.plesk.page
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:29 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 03 Jul 2023 21:03:19 GMT
etag
"64a33797-3fe4"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
accept-ranges
bytes
content-length
16356
eba438b3-9ab9-48ba-b1c5-610f83b38303.woff2
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/files/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/files/eba438b3-9ab9-48ba-b1c5-610f83b38303.woff2
Requested by
Host: bankieren.rabobank.nl
URL: https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/default.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1a7a9cac93c013eb29540881bcbd9d36cefbfff632941ebfd4814449caec964d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/default.css
Origin
https://friendly-hodgkin.37-114-62-40.plesk.page
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:29 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 03 Jul 2023 21:03:19 GMT
etag
"64a33797-3f10"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
accept-ranges
bytes
content-length
16144
3b0f1c67-c2e4-4df6-976f-49d52e45aba1.woff2
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/files/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/files/3b0f1c67-c2e4-4df6-976f-49d52e45aba1.woff2
Requested by
Host: bankieren.rabobank.nl
URL: https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/default.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
49be0df2d6bfe51dc29e0f5cebd2b99b6b1e4463c2d1250f1b1ae3ac36d0ce41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/fonts/myriad/default.css
Origin
https://friendly-hodgkin.37-114-62-40.plesk.page
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:29 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 03 Jul 2023 21:03:19 GMT
etag
"64a33797-3ff8"
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
accept-ranges
bytes
content-length
16376
trans.gif
friendly-hodgkin.37-114-62-40.plesk.page/qsl/ 		808 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friendly-hodgkin.37-114-62-40.plesk.page/qsl/trans.gif?data=MzAwMTA9YzQwYjMzYzExMTZlNDVkZWEzYTRkYTJmZTQ1N2UwODNfMTYzMTEyMzk3MTM5MSY0MDAyMD0lMkZraWxsJTJGJjQwMDMwPTE2MDAmNDAwNDA9MTIwMCY0MDA1MD0xNjAwJjQwMDYwPTEyMDAmNDAwNzA9TmV0c2NhcGUmNDAwODA9ZmFsc2UmNDAwOTA9TW96aWxsYSYyMDEwMD0yMzMmNDAxMTA9MTEwNiY0MDEyMD01LjAlMjAoV2luZG93cyUyME5UJTIwMTAuMCUzQiUyMFdpbjY0JTNCJTIweDY0KSUyMEFwcGxlV2ViS2l0JTJGNTM3LjM2JTIwKEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvKSUyMENocm9tZSUyRjExNS4wLjU3OTAuMTEwJTIwU2FmYXJpJTJGNTM3LjM2JjIwMTMwPTEyODk3JjIwMTQwPTE5OCY0MDE1MD1XaW4zMiY0MDE2MD1Nb3ppbGxhJTJGNS4wJTIwKFdpbmRvd3MlMjBOVCUyMDEwLjAlM0IlMjBXaW42NCUzQiUyMHg2NCklMjBBcHBsZVdlYktpdCUyRjUzNy4zNiUyMChLSFRNTCUyQyUyMGxpa2UlMjBHZWNrbyklMjBDaHJvbWUlMkYxMTUuMC41NzkwLjExMCUyMFNhZmFyaSUyRjUzNy4zNiY0MDE3MD10cnVlJjQwMjAwPTAwRlcxNDRXMTcxMEZVMTQ0VjE3MDFYMTRCNFkxNzAyWUoxNDRXMTcwSDNXMTQ0VjE3MTFZMTRMNFUxNzEyVTE0RjRYMTcxM05WMTQ0WTE3MDRXMTRKNFkxNzE0VUoxNDRXMTcwNVgxRjQ0VTE3MDZZMTRQNFkxNzA3WTE0UDRZMTcwTDhYMTQ0VzE3MThOVzE0NFcxNzA5WUIxNDRYMTcxUDVVMTQ0VTE3MUg2VjE0NFcxNzFMN1gxNDRYMTcmMjAyMTA9JjMwMjIwPU1vbiUyMEp1bCUyMDMxJTIwMjAyMyUyMDA4JTNBNTMlM0EyOSUyMEdNVCUyQjAwMDAlMjAoR01UKSYyMDIzMD1GYWxzZSY0MDI1MD1UT0RPJjQwMjYwPWVuLVVTJjIwMjcwPWh0dHBzJTNBJTJGJTJGYmFua2llcmVuLnJhYm9iYW5rLm5sJTJGcy10LWEtdC1pLWMlMkZtc3AlMkZhdXRoZW50aWNhdGlvbiUyRnYxJTJGcmFibyUyRnNhbSUyRnN0YXRpY2NvbnRlbnQlMkZ2cnNfMjE5Nzc3OSUyRm5ld2Rlc2lnbiUyRmltYWdlcyUyRnJhYm9iYW5rX2xvZ28ucG5nfDEyNHwxNDh8MCYyMDI3MD1odHRwcyUzQSUyRiUyRmJhbmtpZXJlbi5yYWJvYmFuay5ubCUyRnMtdC1hLXQtaS1jJTJGbXNwJTJGYXV0aGVudGljYXRpb24lMkZ2MSUyRnJhYm8lMkZzYW0lMkZzdGF0aWNjb250ZW50JTJGdnJzXzIxOTc3NzklMkZuZXdkZXNpZ24lMkZpbWFnZXMlMkZncmF5ZWQtb3V0LXZjLW5sLnBuZ3wyNTB8MjUwfDAmNDAyODA9MCYzMDI5MD0xJjQwMzAwPXVua25vd24mOTkzMjA9ZmFsc2UmMjAzMTA9aHR0cHMlM0EmNDAzMzA9dW5rbm93biY0MDM0MD1DaHJvbWUlMjBQREYlMjBQbHVnaW58Q2hyb21lJTIwUERGJTIwVmlld2VyfE5hdGl2ZSUyMENsaWVudCYyMDM1MD0lMjJVUi1kJTE5JTNEJTA0JTE1RiU1RScwMjIlMUUlMUIlNURVMCElM0VzJTVEUGZRJTIwJTJCMjIlMUUlMUImMzAzNjA9MiYyMDM3MD1BJTAzJjIwMzgwPUIlMDVMcjglNjAmMjAzOTA9JTIzV1klMjY4M2clNDAlMTIlMDclMDMhdWFiRiUxNSUwMCUwNSUyNiExJTYwJTExRFBRcCUyMjVnRUdRJTAwenclMEZiRkMlMDUlMDFwd2lkQUMlMEQlMDElM0U3JTE4ITclMTVWQiUwMSUyQyUzQiUyRiUxNiUxMVhDJzglMTElMjYlMDQlMTglN0RUJTNFOCUxMSUyNiUwNCUxOHYlNDAlMjM3JTFFISUwQyUwQ1hRJTJDJTIzJTI1MiUxNyUxNUglNUUuOCUwMzAlMTklMTRIU3Z0MiU2MEMlMTMlMDUlMDFzcjVnRSUxNFFRcSUyNWQ3JTExQlJVdnFnNiU0MEglMDdvc3JjYkFCJTA3JTA5dXVjakElMEN1RTYlMkMlMTk3JTBDJTBDdUU2JTJDJTEyJTIzJTExJTAzekIlM0U4JTIzJTFCJTAyN1FSMCUwNzg4JTBDJTFGWkw2JyUzRiUzRiUxRiUwMldfJTI2ISUyQyUxOCUxQyUxNUFCISUyQjQ2UCUxRkRYJTIzKDUlM0QlMEMlMjNXWSUyNjgzZyU0MCUxMiUwNyUwMyF1YWJGJTE1JTAwJTA1JTI2ITElNjAlMTFEUFFwJTIyNWdFR1ElMDB6dyUwRmJGQyUwNSUwMXB3aWRBQyUwRCUwMSUzRTclMTghNyUxNVZCJTAxJTJDJTNCJTJGJTE2JTExWEMnOCUxMSUyNiUwNCUxOHdUJTNFOCUyMyUyNiUxMiUxRCU1REQlM0UlMEQlM0UlM0YlMUYlMTdTVSUyQzgzMiUxRSUxM1ElNUMlM0UlMDUlM0UlM0QlMDUlMUNRQicqJTJDJTAwJTEzJTE5UEwhcCU2MDFDQ1clMDFzdWY2REVQVSUyM3cxZyUxNCUxMSUwNlYncGVkJTE1JTQwJTBDJTAzJTFEdWYlNjBBQSUwNiUwMyU3QnNhJTYwSUFIQyUwQTYlMTc2JTEyJTAyd1gpODYyJTFDJTAzUUwlMDMxJTI0JTNCOSUxNEhMJTAzMSUyNCUzQjIlMDBVQyUwQzYlMkMlMkYlMTMlMDRRVCUxMCExNyUxNSUwMkhCMDg5JyUxMyUxOEZVJTIzJTIwNSElMEM5WiU1Qy0lMjM3NiUxRVBZVTZkJTAyMiUxRSUxNCU1QiU1RGIlMTY1MiUxNCUxNUZMJjIwNDAwPUElMDIlMDlyc2klNjBGJTQwJTBEJTAwcnQmMjA0MTA9Jjk5NDIwPXA0MEJEUFNwJjEwNDMwPQ==
Requested by
Host: friendly-hodgkin.37-114-62-40.plesk.page
URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.114.62.40 , Germany, ASN48314 (IP-PROJECTS, DE),
Reverse DNS
fra01.ihr-webhosting.de
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:29 GMT
content-encoding
br
last-modified
Mon, 31 Jul 2023 07:51:17 GMT
server
nginx
etag
W/"328-601c3b20995a6"
content-type
text/html
rabobank.svg
bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_7403571/newdesign/images/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_7403571/newdesign/images/rabobank.svg
Requested by
Host: bankieren.rabobank.nl
URL: https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/senses2-styling.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:6::17d5:2bc4 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1361e81984b190dfb362eff0ea3085da933c920b9aa7f1d03e9e1e3edef57b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v1/rabo/sam/staticcontent/vrs_2197779/newdesign/css/senses2-styling.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:53:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 27 Jul 2023 21:01:49 GMT
etag
"64c2db3d-18bb"
vary
Accept-Encoding
content-security-policy-report-only
default-src https://*.rabobank.nl https://*.rabobank.com http://127.0.0.1:37956 http://127.0.0.1:7070 http://127.0.0.1:5938 https://75vqvwol.filecdn.org https://www.google-analytics.com https://www.googletagmanager.com https://tags.tiqcdn.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://*.cloud.es.io https://*.mypurecloud.de wss://*.mypurecloud.de https://*.split.io data: gap: nativebridge: blob: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /s-t-a-t-i-c/qslcsp
p3p
policyref="/rabo/w3c/p3p.xml", CP="OTI CURa ADMa OUR NOR BUS UNI COM NAV"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=4536
accept-ranges
bytes
content-length
2726
4733550385.png
127.0.0.1/ 		0
0
3372626293.png
127.0.0.1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bankieren.rabobank.nl
URL
https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/javascript/rass/rass-statics.esm.js
Domain
127.0.0.1
URL
http://127.0.0.1:7070/4733550385.png
Domain
127.0.0.1
URL
http://127.0.0.1:37956/3372626293.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Rabobank (Banking)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| stopError function| getCookieList function| getCookie function| setCookie function| getCookieValue function| Cookie object| varDate string| varSCID string| varUserLanguage string| varDomain string| s object| expiryDate number| varJSver object| device object| RASS

3 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: 2351860b-ceb3-45fd-bf83-7d217d59f05e
.t.co/ Name: muc_ads
Value: 2351860b-ceb3-45fd-bf83-7d217d59f05e
bankieren.rabobank.nl/ Name: QPRDBANS
Value:

6 Console Messages

Source Level URL
Text
network error URL: https://friendly-hodgkin.37-114-62-40.plesk.page/dsc/web/common.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Message:
Access to script at 'https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/javascript/rass/rass-statics.esm.js' from origin 'https://friendly-hodgkin.37-114-62-40.plesk.page' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bankieren.rabobank.nl/s-t-a-t-i-c/msp/authentication/v2/vrs_7160144/assets/javascript/rass/rass-statics.esm.js
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Message:
Mixed Content: The page at 'https://friendly-hodgkin.37-114-62-40.plesk.page/kill/' was loaded over HTTPS, but requested an insecure element 'http://127.0.0.1:7070/4733550385.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://friendly-hodgkin.37-114-62-40.plesk.page/kill/
Message:
Mixed Content: The page at 'https://friendly-hodgkin.37-114-62-40.plesk.page/kill/' was loaded over HTTPS, but requested an insecure element 'http://127.0.0.1:37956/3372626293.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
network error URL: https://friendly-hodgkin.37-114-62-40.plesk.page/qsl/trans.gif?data=MzAwMTA9YzQwYjMzYzExMTZlNDVkZWEzYTRkYTJmZTQ1N2UwODNfMTYzMTEyMzk3MTM5MSY0MDAyMD0lMkZraWxsJTJGJjQwMDMwPTE2MDAmNDAwNDA9MTIwMCY0MDA1MD0xNjAwJjQwMDYwPTEyMDAmNDAwNzA9TmV0c2NhcGUmNDAwODA9ZmFsc2UmNDAwOTA9TW96aWxsYSYyMDEwMD0yMzMmNDAxMTA9MTEwNiY0MDEyMD01LjAlMjAoV2luZG93cyUyME5UJTIwMTAuMCUzQiUyMFdpbjY0JTNCJTIweDY0KSUyMEFwcGxlV2ViS2l0JTJGNTM3LjM2JTIwKEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvKSUyMENocm9tZSUyRjExNS4wLjU3OTAuMTEwJTIwU2FmYXJpJTJGNTM3LjM2JjIwMTMwPTEyODk3JjIwMTQwPTE5OCY0MDE1MD1XaW4zMiY0MDE2MD1Nb3ppbGxhJTJGNS4wJTIwKFdpbmRvd3MlMjBOVCUyMDEwLjAlM0IlMjBXaW42NCUzQiUyMHg2NCklMjBBcHBsZVdlYktpdCUyRjUzNy4zNiUyMChLSFRNTCUyQyUyMGxpa2UlMjBHZWNrbyklMjBDaHJvbWUlMkYxMTUuMC41NzkwLjExMCUyMFNhZmFyaSUyRjUzNy4zNiY0MDE3MD10cnVlJjQwMjAwPTAwRlcxNDRXMTcxMEZVMTQ0VjE3MDFYMTRCNFkxNzAyWUoxNDRXMTcwSDNXMTQ0VjE3MTFZMTRMNFUxNzEyVTE0RjRYMTcxM05WMTQ0WTE3MDRXMTRKNFkxNzE0VUoxNDRXMTcwNVgxRjQ0VTE3MDZZMTRQNFkxNzA3WTE0UDRZMTcwTDhYMTQ0VzE3MThOVzE0NFcxNzA5WUIxNDRYMTcxUDVVMTQ0VTE3MUg2VjE0NFcxNzFMN1gxNDRYMTcmMjAyMTA9JjMwMjIwPU1vbiUyMEp1bCUyMDMxJTIwMjAyMyUyMDA4JTNBNTMlM0EyOSUyMEdNVCUyQjAwMDAlMjAoR01UKSYyMDIzMD1GYWxzZSY0MDI1MD1UT0RPJjQwMjYwPWVuLVVTJjIwMjcwPWh0dHBzJTNBJTJGJTJGYmFua2llcmVuLnJhYm9iYW5rLm5sJTJGcy10LWEtdC1pLWMlMkZtc3AlMkZhdXRoZW50aWNhdGlvbiUyRnYxJTJGcmFibyUyRnNhbSUyRnN0YXRpY2NvbnRlbnQlMkZ2cnNfMjE5Nzc3OSUyRm5ld2Rlc2lnbiUyRmltYWdlcyUyRnJhYm9iYW5rX2xvZ28ucG5nfDEyNHwxNDh8MCYyMDI3MD1odHRwcyUzQSUyRiUyRmJhbmtpZXJlbi5yYWJvYmFuay5ubCUyRnMtdC1hLXQtaS1jJTJGbXNwJTJGYXV0aGVudGljYXRpb24lMkZ2MSUyRnJhYm8lMkZzYW0lMkZzdGF0aWNjb250ZW50JTJGdnJzXzIxOTc3NzklMkZuZXdkZXNpZ24lMkZpbWFnZXMlMkZncmF5ZWQtb3V0LXZjLW5sLnBuZ3wyNTB8MjUwfDAmNDAyODA9MCYzMDI5MD0xJjQwMzAwPXVua25vd24mOTkzMjA9ZmFsc2UmMjAzMTA9aHR0cHMlM0EmNDAzMzA9dW5rbm93biY0MDM0MD1DaHJvbWUlMjBQREYlMjBQbHVnaW58Q2hyb21lJTIwUERGJTIwVmlld2VyfE5hdGl2ZSUyMENsaWVudCYyMDM1MD0lMjJVUi1kJTE5JTNEJTA0JTE1RiU1RScwMjIlMUUlMUIlNURVMCElM0VzJTVEUGZRJTIwJTJCMjIlMUUlMUImMzAzNjA9MiYyMDM3MD1BJTAzJjIwMzgwPUIlMDVMcjglNjAmMjAzOTA9JTIzV1klMjY4M2clNDAlMTIlMDclMDMhdWFiRiUxNSUwMCUwNSUyNiExJTYwJTExRFBRcCUyMjVnRUdRJTAwenclMEZiRkMlMDUlMDFwd2lkQUMlMEQlMDElM0U3JTE4ITclMTVWQiUwMSUyQyUzQiUyRiUxNiUxMVhDJzglMTElMjYlMDQlMTglN0RUJTNFOCUxMSUyNiUwNCUxOHYlNDAlMjM3JTFFISUwQyUwQ1hRJTJDJTIzJTI1MiUxNyUxNUglNUUuOCUwMzAlMTklMTRIU3Z0MiU2MEMlMTMlMDUlMDFzcjVnRSUxNFFRcSUyNWQ3JTExQlJVdnFnNiU0MEglMDdvc3JjYkFCJTA3JTA5dXVjakElMEN1RTYlMkMlMTk3JTBDJTBDdUU2JTJDJTEyJTIzJTExJTAzekIlM0U4JTIzJTFCJTAyN1FSMCUwNzg4JTBDJTFGWkw2JyUzRiUzRiUxRiUwMldfJTI2ISUyQyUxOCUxQyUxNUFCISUyQjQ2UCUxRkRYJTIzKDUlM0QlMEMlMjNXWSUyNjgzZyU0MCUxMiUwNyUwMyF1YWJGJTE1JTAwJTA1JTI2ITElNjAlMTFEUFFwJTIyNWdFR1ElMDB6dyUwRmJGQyUwNSUwMXB3aWRBQyUwRCUwMSUzRTclMTghNyUxNVZCJTAxJTJDJTNCJTJGJTE2JTExWEMnOCUxMSUyNiUwNCUxOHdUJTNFOCUyMyUyNiUxMiUxRCU1REQlM0UlMEQlM0UlM0YlMUYlMTdTVSUyQzgzMiUxRSUxM1ElNUMlM0UlMDUlM0UlM0QlMDUlMUNRQicqJTJDJTAwJTEzJTE5UEwhcCU2MDFDQ1clMDFzdWY2REVQVSUyM3cxZyUxNCUxMSUwNlYncGVkJTE1JTQwJTBDJTAzJTFEdWYlNjBBQSUwNiUwMyU3QnNhJTYwSUFIQyUwQTYlMTc2JTEyJTAyd1gpODYyJTFDJTAzUUwlMDMxJTI0JTNCOSUxNEhMJTAzMSUyNCUzQjIlMDBVQyUwQzYlMkMlMkYlMTMlMDRRVCUxMCExNyUxNSUwMkhCMDg5JyUxMyUxOEZVJTIzJTIwNSElMEM5WiU1Qy0lMjM3NiUxRVBZVTZkJTAyMiUxRSUxNCU1QiU1RGIlMTY1MiUxNCUxNUZMJjIwNDAwPUElMDIlMDlyc2klNjBGJTQwJTBEJTAwcnQmMjA0MTA9Jjk5NDIwPXA0MEJEUFNwJjEwNDMwPQ==
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

127.0.0.1
bankieren.rabobank.nl
friendly-hodgkin.37-114-62-40.plesk.page
jelink.id
t.co
127.0.0.1
bankieren.rabobank.nl
104.244.42.69
2600:1413:b000:6::17d5:2bc4
3.1.229.209
37.114.62.40
03caeff0f4235241611956eeb18dcbfabb8b67083208f00a0b0f92fbff9b28bd
1361e81984b190dfb362eff0ea3085da933c920b9aa7f1d03e9e1e3edef57b72
1a35e85545a55eb7a307543de45c5a73588d63d9b08fd571c22ae6ec1a2f78d9
1a7a9cac93c013eb29540881bcbd9d36cefbfff632941ebfd4814449caec964d
1cef08125614b1fee7983a9a2b136aa5245c077fc375c473ee31e77e705c6ace
2aa2c3139fe0f3233bbab4e43ef2885af045555933aef6570046e6df2f7f57f3
472369804eed23e731261b2a4bdc6c454a9c31ca008c393d797b95160b14276b
49be0df2d6bfe51dc29e0f5cebd2b99b6b1e4463c2d1250f1b1ae3ac36d0ce41
4e08e0cc4968c0819dda436a0563971979e4b0dba65bb3e2d3345b9941b35af8
5480e455fe88ae27ac083954834e86fc1ccd392e9f37872a55c13e1fd23dfbac
5bc5eedf7164055f5658a7c6129ff8886564713fe82cad2ed3d9f94f6308f5f9
6b4a437f44672b422372b6ec653723a07b37886d064b0caa0658ddc9b7343131
6cedf63ac4a946713ed1e9e31eb5139c4b5dd2efe3046cbafe408090b4307607
753a93eaa809f45658d83b3b803f86355e9da47222ea058c8a28c30d728fdace
828129fe18f492866bcc822c9338af9244d4677404d899f80121dbfaccefe82d
9b203466564c4b1976d4b9b6e0ff6bd068c9e06582400c2dd4fcced198e793cc
aa9183beaaea835f7f70b5d2ccc01d1bf4158dfd2f9584473fa96a759d69f392
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
c0a3bbe501ee2ef2c8bc2031667bdc41d3f4d19e1715317d6a9ef924b0d39323
cd0681d2b6bf706a76cd2d531bca15306f22f293c2c8fbf697d698031d1577d8
cf59560647e49f765aa01b63bff1950159fc806bc2e82bb6154393f6502a18e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e888b1f3ebee4a9a65e67096001cd64a39fba872b8e9704ec7ecb2701d721504
eff979b9e48677d58bca83cbe1c830ed046b4bd567a2a03d8030981c6654bf2f
fb0bf7d0b22e40dc90eb2dea1495ccd5db62f96904874830d2eb095d9f6677ed