inlog.zwitserleven.nl Open in urlscan Pro
185.76.135.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mijn.zwitserleven.nl/
Effective URL:
https://inlog.zwitserleven.nl/broker/selectauthnservice
Submission: On May 10 via manual (May 10th 2022, 8:43:37 pm UTC) from NL — Scanned from NL

Summary HTTP 11 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 185.76.135.19, located in Netherlands and belongs to SIDN, NL. The main domain is inlog.zwitserleven.nl.
TLS certificate: Issued by KPN PKIoverheid Server CA 2020 on November 24th 2021. Valid for: a year.

This is the only time inlog.zwitserleven.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	62.221.192.224 62.221.192.224	48635 (CLDIN-NL ...) (CLDIN-NL Total Webhosting Solutions TWS in)
2	185.137.82.18 185.137.82.18	203209 (NL-VIVAT-AS) (NL-VIVAT-AS)
1 10	185.76.135.19 185.76.135.19	1140 (SIDN) (SIDN)
11	3

2 62.221.192.224 (Netherlands) 2 redirects

ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL)
PTR: v38095.2is.nl

mijn.zwitserleven.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.137.82.18 (Heerhugowaard, Netherlands)

ASN203209 (NL-VIVAT-AS, NL)

mijnpensioen.zwitserleven.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.76.135.19 (Netherlands) 1 redirects

ASN1140 (SIDN, NL)

inlog.zwitserleven.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	zwitserleven.nl 3 redirects mijn.zwitserleven.nl mijnpensioen.zwitserleven.nl inlog.zwitserleven.nl	220 KB
11	1

	Domain	Requested by
10	inlog.zwitserleven.nl	1 redirects inlog.zwitserleven.nl
2	mijnpensioen.zwitserleven.nl	mijnpensioen.zwitserleven.nl
2	mijn.zwitserleven.nl	2 redirects
11	3

This site contains links to these domains. Also see Links.

Domain
www.zwitserleven.nl
identity.zwitserleven.nl

Subject Issuer	Validity	Valid
mijnpensioen.zwitserleven.nl KPN PKIoverheid Server CA 2020	`2021-06-10` - `2022-06-10`	a year	crt.sh
inlog.zwitserleven.nl KPN PKIoverheid Server CA 2020	`2021-11-24` - `2022-11-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://inlog.zwitserleven.nl/broker/selectauthnservice
Frame ID: D3446C6B009438F10F5407106FBBE9CC
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inloggen Zwitserleven

Page URL History Show full URLs

http://mijn.zwitserleven.nl/ HTTP 301
https://mijn.zwitserleven.nl/ HTTP 301
https://mijnpensioen.zwitserleven.nl/?utm_source=mijn.zwitserleven.nl Page URL
https://inlog.zwitserleven.nl/broker/sso HTTP 302
https://inlog.zwitserleven.nl/broker/selectauthnservice Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

3
IPs

1
Countries

218 kB
Transfer

211 kB
Size

6
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.zwitserleven.nl/

Search URL Search Domain Scan URL

URL: https://identity.zwitserleven.nl/user/unprotected/aanmelden
Title: Zwitserleven account aanvragen

Search URL Search Domain Scan URL

URL: https://identity.zwitserleven.nl/user/unprotected/resetPassword
Title: Wachtwoord of gebruikersnaam vergeten?

Search URL Search Domain Scan URL

URL: https://www.zwitserleven.nl/particulier/klantenservice-en-contact/
Title: Service & Contact

Search URL Search Domain Scan URL

URL: https://www.zwitserleven.nl/werkgever/klantenservice-en-contact/
Title: Service & Contact

Search URL Search Domain Scan URL

URL: https://www.zwitserleven.nl/adviseur/klantenservice-en-contact/
Title: Service & Contact

Search URL Search Domain Scan URL

URL: https://www.zwitserleven.nl/over-zwitserleven/privacy-statement/
Title: Privacy statement

Search URL Search Domain Scan URL

URL: https://www.zwitserleven.nl/over-zwitserleven/cookie-statement/
Title: Cookie statement

Search URL Search Domain Scan URL

URL: https://www.zwitserleven.nl/over-zwitserleven/veilig-internet/
Title: Veilig internet

Search URL Search Domain Scan URL

URL: https://www.zwitserleven.nl/over-zwitserleven/disclaimer/
Title: Disclaimer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mijn.zwitserleven.nl/ HTTP 301
https://mijn.zwitserleven.nl/ HTTP 301
https://mijnpensioen.zwitserleven.nl/?utm_source=mijn.zwitserleven.nl Page URL
https://inlog.zwitserleven.nl/broker/sso HTTP 302
https://inlog.zwitserleven.nl/broker/selectauthnservice Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://mijn.zwitserleven.nl/ HTTP 301
https://mijn.zwitserleven.nl/ HTTP 301
https://mijnpensioen.zwitserleven.nl/?utm_source=mijn.zwitserleven.nl

11 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
mijnpensioen.zwitserleven.nl/
Redirect Chain

http://mijn.zwitserleven.nl/
https://mijn.zwitserleven.nl/
https://mijnpensioen.zwitserleven.nl/?utm_source=mijn.zwitserleven.nl

3 KB
4 KB

3570ms
172ms

Document
text/html

185.137.82.18
NL-VIVAT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mijnpensioen.zwitserleven.nl/?utm_source=mijn.zwitserleven.nl

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.137.82.18 Heerhugowaard, Netherlands, ASN203209 (NL-VIVAT-AS, NL),

Reverse DNS

Software

Resource Hash

f40f003384036c0e7f1965d3a9cebdcab18ba2450d4be39b0a35581c3ab184f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; img-src 'self' data:; script-src 'self'; style-src 'self'; frame-ancestors 'none'; object-src 'none'; frame-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 10 May 2022 20:43:32 GMT
Expires: 0
Feature-Policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay *; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'; midi 'none'; picture-in-picture 'none'; sync-xhr *; wake-lock 'self';
Pragma: no-cache
Referrer-Policy: no-referrer
Request-Context: appId=cid-v1:87c41070-8004-4bef-b1ce-92cc308d7a74
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
content-security-policy: default-src 'self'; font-src 'self'; img-src 'self' data:; script-src 'self'; style-src 'self'; frame-ancestors 'none'; object-src 'none'; frame-src 'self';

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 20:43:28 GMT
location: https://mijnpensioen.zwitserleven.nl?utm_source=mijn.zwitserleven.nl
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK auto-submit.js Show response
mijnpensioen.zwitserleven.nl/resources/ 99 B
1 KB 34ms
34ms Script
application/x-javascript 185.137.82.18
NL-VIVAT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mijnpensioen.zwitserleven.nl/resources/auto-submit.js

Requested by

Host: mijnpensioen.zwitserleven.nl
URL: https://mijnpensioen.zwitserleven.nl/?utm_source=mijn.zwitserleven.nl

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.137.82.18 Heerhugowaard, Netherlands, ASN203209 (NL-VIVAT-AS, NL),

Reverse DNS

Software

Resource Hash

290ea3ee30055b461969a1fd63eb1548fd4c10a981f6ed0a8c56a9ca98122b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 10 May 2022 20:43:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:87c41070-8004-4bef-b1ce-92cc308d7a74
Referrer-Policy: no-referrer
Last-Modified: Tue, 19 Apr 2022 10:47:36 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: public,max-age=691200
Feature-Policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay *; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'; midi 'none'; picture-in-picture 'none'; sync-xhr *; wake-lock 'self';

GET
H2

200

Primary Request selectauthnservice Show response
inlog.zwitserleven.nl/broker/
Redirect Chain

https://inlog.zwitserleven.nl/broker/sso
https://inlog.zwitserleven.nl/broker/selectauthnservice

11 KB
12 KB

62ms
62ms

Document
text/html

185.76.135.19
SIDN

General

Check archive.org

Show headers Download Go to

Full URL

https://inlog.zwitserleven.nl/broker/selectauthnservice

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.76.135.19 , Netherlands, ASN1140 (SIDN, NL),

Reverse DNS

Software

Resource Hash

dd6c2305c6a8434043d1e73ddfc07ca7a2b10106278d90c1abb7a4ed66145055

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET POST HEAD PUT PATCH DELETE OPTIONS
access-control-allow-origin: inlog.zwitserleven.nl
cache-control: no-cache, no-store, must-revalidate private
content-security-policy: default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
content-type: text/html;charset=UTF-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 10 May 2022 20:43:32 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=(), interest-cohort=()
pragma: no-cache
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: deny
x-robots-tag: noindex

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET POST HEAD PUT PATCH DELETE OPTIONS
access-control-allow-origin: inlog.zwitserleven.nl
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 10 May 2022 20:43:32 GMT
location: /broker/selectauthnservice
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=(), interest-cohort=()
pragma: no-cache
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: deny
x-robots-tag: noindex

GET
H2 200 jquery.min.js Show response
inlog.zwitserleven.nl/static/zwitserleven/scripts/ 87 KB
89 KB 31ms
30ms Script
application/javascript 185.76.135.19
SIDN

General

Check archive.org

Show headers Download Go to

Full URL

https://inlog.zwitserleven.nl/static/zwitserleven/scripts/jquery.min.js

Requested by

Host: inlog.zwitserleven.nl
URL: https://inlog.zwitserleven.nl/broker/selectauthnservice

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.76.135.19 , Netherlands, ASN1140 (SIDN, NL),

Reverse DNS

Software

Resource Hash

80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:43:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
vary: User-Agent
content-length: 89500
pragma: no-cache
referrer-policy: no-referrer
last-modified: Tue, 26 Apr 2022 13:29:49 GMT
cross-origin-opener-policy: same-origin
x-frame-options: deny
etag: "15d9c-5dd8eafdacd40"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET POST HEAD PUT PATCH DELETE OPTIONS
content-type: application/javascript
access-control-allow-origin: inlog.zwitserleven.nl
cache-control: no-cache, no-store, must-revalidate, max-age=315360000
access-control-allow-credentials: true
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=(), interest-cohort=()
content-security-policy: default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 BodoniBE-Regular.woff2
inlog.zwitserleven.nl/static/zwitserleven/fonts/ 26 KB
27 KB 31ms
30ms Font
text/plain 185.76.135.19
SIDN

General

Check archive.org

Show headers Download Go to

Full URL

https://inlog.zwitserleven.nl/static/zwitserleven/fonts/BodoniBE-Regular.woff2

Requested by

Host: inlog.zwitserleven.nl
URL: https://inlog.zwitserleven.nl/broker/selectauthnservice

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.76.135.19 , Netherlands, ASN1140 (SIDN, NL),

Reverse DNS

Software

Resource Hash

00f53def2ab5841557a30656c344234c030cfdf83d11bd16601a08293d1ec84e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Referer
Origin: https://inlog.zwitserleven.nl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:43:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
vary: User-Agent
content-length: 26228
pragma: no-cache
referrer-policy: no-referrer
last-modified: Tue, 26 Apr 2022 13:29:49 GMT
cross-origin-opener-policy: same-origin
x-frame-options: deny
etag: "6674-5dd8eafdacd40"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET POST HEAD PUT PATCH DELETE OPTIONS
access-control-allow-origin: inlog.zwitserleven.nl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=(), interest-cohort=()
content-security-policy: default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 QuadraatSansComp.woff2
inlog.zwitserleven.nl/static/zwitserleven/fonts/ 20 KB
21 KB 58ms
57ms Font
text/plain 185.76.135.19
SIDN

General

Check archive.org

Show headers Download Go to

Full URL

https://inlog.zwitserleven.nl/static/zwitserleven/fonts/QuadraatSansComp.woff2

Requested by

Host: inlog.zwitserleven.nl
URL: https://inlog.zwitserleven.nl/broker/selectauthnservice

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.76.135.19 , Netherlands, ASN1140 (SIDN, NL),

Reverse DNS

Software

Resource Hash

57d63ebc369b0e70ad6e211071cda4e50807532bbc0c30b62dc7d20ae5ac1f31

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Referer
Origin: https://inlog.zwitserleven.nl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:43:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
vary: User-Agent
content-length: 20512
pragma: no-cache
referrer-policy: no-referrer
last-modified: Tue, 26 Apr 2022 13:29:49 GMT
cross-origin-opener-policy: same-origin
x-frame-options: deny
etag: "5020-5dd8eafdacd40"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET POST HEAD PUT PATCH DELETE OPTIONS
access-control-allow-origin: inlog.zwitserleven.nl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=(), interest-cohort=()
content-security-policy: default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 QuadraatSansComp-Bold.woff2
inlog.zwitserleven.nl/static/zwitserleven/fonts/ 20 KB
21 KB 58ms
57ms Font
text/plain 185.76.135.19
SIDN

General

Check archive.org

Show headers Download Go to

Full URL

https://inlog.zwitserleven.nl/static/zwitserleven/fonts/QuadraatSansComp-Bold.woff2

Requested by

Host: inlog.zwitserleven.nl
URL: https://inlog.zwitserleven.nl/broker/selectauthnservice

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.76.135.19 , Netherlands, ASN1140 (SIDN, NL),

Reverse DNS

Software

Resource Hash

fde714833ae22bece1a7da4101719acbe9b138fb0c91822811cce57ddb814c56

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Referer
Origin: https://inlog.zwitserleven.nl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:43:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
vary: User-Agent
content-length: 20052
pragma: no-cache
referrer-policy: no-referrer
last-modified: Tue, 26 Apr 2022 13:29:49 GMT
cross-origin-opener-policy: same-origin
x-frame-options: deny
etag: "4e54-5dd8eafdacd40"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET POST HEAD PUT PATCH DELETE OPTIONS
access-control-allow-origin: inlog.zwitserleven.nl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=(), interest-cohort=()
content-security-policy: default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 index.processed.css
inlog.zwitserleven.nl/static/zwitserleven/styles/ 36 KB
37 KB 83ms
82ms Stylesheet
text/css 185.76.135.19
SIDN

General

Check archive.org

Show headers Download Go to

Full URL

https://inlog.zwitserleven.nl/static/zwitserleven/styles/index.processed.css

Requested by

Host: inlog.zwitserleven.nl
URL: https://inlog.zwitserleven.nl/broker/selectauthnservice

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.76.135.19 , Netherlands, ASN1140 (SIDN, NL),

Reverse DNS

Software

Resource Hash

e2dbd8d3d2f0d1574c0229d98d7e0e9031c3a4d38c423e847adfb3a1259036ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:43:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
vary: User-Agent
content-length: 36653
pragma: no-cache
referrer-policy: no-referrer
last-modified: Tue, 26 Apr 2022 13:29:49 GMT
cross-origin-opener-policy: same-origin
x-frame-options: deny
etag: "8f2d-5dd8eafdacd40"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET POST HEAD PUT PATCH DELETE OPTIONS
content-type: text/css
access-control-allow-origin: inlog.zwitserleven.nl
cache-control: no-cache, no-store, must-revalidate, max-age=315360000
access-control-allow-credentials: true
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=(), interest-cohort=()
content-security-policy: default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 connectis.css
inlog.zwitserleven.nl/static/zwitserleven/styles/ 1 KB
2 KB 84ms
84ms Stylesheet
text/css 185.76.135.19
SIDN

General

Check archive.org

Show headers Download Go to

Full URL

https://inlog.zwitserleven.nl/static/zwitserleven/styles/connectis.css

Requested by

Host: inlog.zwitserleven.nl
URL: https://inlog.zwitserleven.nl/broker/selectauthnservice

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.76.135.19 , Netherlands, ASN1140 (SIDN, NL),

Reverse DNS

Software

Resource Hash

b5a43053c2613284628b67b576dd02e59714fefdc93a2f221d67c9ddde8b9c30

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:43:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
vary: User-Agent
content-length: 1105
pragma: no-cache
referrer-policy: no-referrer
last-modified: Tue, 26 Apr 2022 13:29:49 GMT
cross-origin-opener-policy: same-origin
x-frame-options: deny
etag: "451-5dd8eafdacd40"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET POST HEAD PUT PATCH DELETE OPTIONS
content-type: text/css
access-control-allow-origin: inlog.zwitserleven.nl
cache-control: no-cache, no-store, must-revalidate, max-age=315360000
access-control-allow-credentials: true
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=(), interest-cohort=()
content-security-policy: default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 close-message.js Show response
inlog.zwitserleven.nl/static/zwitserleven/scripts/ 139 B
1 KB 83ms
82ms Script
application/javascript 185.76.135.19
SIDN

General

Check archive.org

Show headers Download Go to

Full URL

https://inlog.zwitserleven.nl/static/zwitserleven/scripts/close-message.js

Requested by

Host: inlog.zwitserleven.nl
URL: https://inlog.zwitserleven.nl/broker/selectauthnservice

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.76.135.19 , Netherlands, ASN1140 (SIDN, NL),

Reverse DNS

Software

Resource Hash

0afe9ea4542dcc7a8cb8c0a28a46791c2f479a7ca46f39cbcc2797df9c803d40

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:43:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
vary: User-Agent
content-length: 139
pragma: no-cache
referrer-policy: no-referrer
last-modified: Tue, 26 Apr 2022 13:29:49 GMT
cross-origin-opener-policy: same-origin
x-frame-options: deny
etag: "8b-5dd8eafdacd40"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET POST HEAD PUT PATCH DELETE OPTIONS
content-type: application/javascript
access-control-allow-origin: inlog.zwitserleven.nl
cache-control: no-cache, no-store, must-revalidate, max-age=315360000
access-control-allow-credentials: true
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=(), interest-cohort=()
content-security-policy: default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 index.js Show response
inlog.zwitserleven.nl/static/zwitserleven/scripts/ 2 KB
3 KB 84ms
83ms Script
application/javascript 185.76.135.19
SIDN

General

Check archive.org

Show headers Download Go to

Full URL

https://inlog.zwitserleven.nl/static/zwitserleven/scripts/index.js

Requested by

Host: inlog.zwitserleven.nl
URL: https://inlog.zwitserleven.nl/broker/selectauthnservice

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.76.135.19 , Netherlands, ASN1140 (SIDN, NL),

Reverse DNS

Software

Resource Hash

67f084e43ae8234ab4c39ad4c1e36da39a4279e1e3233c71b30e6d7ce88712a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:43:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
vary: User-Agent
content-length: 2324
pragma: no-cache
referrer-policy: no-referrer
last-modified: Tue, 26 Apr 2022 13:29:49 GMT
cross-origin-opener-policy: same-origin
x-frame-options: deny
etag: "914-5dd8eafdacd40"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET POST HEAD PUT PATCH DELETE OPTIONS
content-type: application/javascript
access-control-allow-origin: inlog.zwitserleven.nl
cache-control: no-cache, no-store, must-revalidate, max-age=315360000
access-control-allow-credentials: true
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=(), interest-cohort=()
content-security-policy: default-src 'none'; upgrade-insecure-requests; base-uri 'self'; script-src 'self'; form-action https:; connect-src 'self'; style-src 'self'; font-src 'self' data:; img-src 'self' data:; navigate-to https:; frame-ancestors 'none'; frame-src 'none';
accept-ranges: bytes
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72c33597e379e0467b61701aef93b452a0b0dfbd96dbd7ffbde55b4f65b49937

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc51e080cf852289dc5956dddb9467afa57d56d78df41198114c2c56f07ff3da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db870aae2028ae4e5f44911201165a14306927802e27a7dff6604f053250f8bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mijnpensioen.zwitserleven.nl/connectis-saml2	1970-01-20 02:56:57	Name: connectis-saml2 Value: JD9R4LKoW77Ts2x9Loj5m7Ng2go9reQmBCb40B1q7yv2u9DbV8nTRubjq43JdLeY-xPRQpOm5YlGQRAdGXVUefEOUsRRP5REsh09RSSRtkLldK8Ucn-QdVIZufCqwf1ZozEhNBHiPHKvRTeXsYXV9-sifSZWBFwU040Hbrq0E4DQIhSbdBKobNvhNHYeZdp4ybg2_w8oj1yor-X4U3L_suB1BAJWHHo2C4he1qqHBSXrC0n-78XNtdRKtOETwLvZmR9XyimRTdynvNBqrngvgVwPgFc4cTVJ4qrnqFJzIZ8G_nHX8C0So6QQiOwZG82UDCtMxoqeFMGS0KHvAEcNAz6Xm5Jd8hmh6SGOlLiZxwM9ub93iuA_8Ar-qsgUcH24oDPhBcP1CQQ7WhZH2aiiY0zBST33pZb8eS9Kg_HU7eI18mWE4HX9o_rLsKoxU4a9
inlog.zwitserleven.nl/broker	1969-12-31 23:59:59	Name: JSESSIONID Value: 2~FE401B1C49C18B007D1734749028FF8C
mijnpensioen.zwitserleven.nl/	1970-01-20 04:36:55	Name: .ASPXANONYMOUS Value: NOD3WTfWHY_ElH3UsZSTpCkspTFXhamQZNSNeTNoz3-CVqKU3WMPE8LWhlqprpeaPlBa76zBg74iIChK6oO9ivKRPXPAxrFB5tuOFXCPBK652DZmSTCAJFJ2zLBIN2c_L3AUGy8xiuwW-kTZzpE-Ug2
mijnpensioen.zwitserleven.nl/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: mpjq0bzkkor3fvvsnitssrfp
.zwitserleven.nl/	1970-01-20 02:56:59	Name: BC_HA_50eb6616124f9c89_734C3374 Value: 227A3CA
.zwitserleven.nl/	1970-01-20 02:56:56	Name: _TRAID Value: B62ECCF265EF73985915A2FEA41E122CF8C345297978506A789A2EA030A83360

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'wake-lock'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'notifications'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'push'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vibrate'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; img-src 'self' data:; script-src 'self'; style-src 'self'; frame-ancestors 'none'; object-src 'none'; frame-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

inlog.zwitserleven.nl
mijn.zwitserleven.nl
mijnpensioen.zwitserleven.nl
185.137.82.18
185.76.135.19
62.221.192.224
00f53def2ab5841557a30656c344234c030cfdf83d11bd16601a08293d1ec84e
0afe9ea4542dcc7a8cb8c0a28a46791c2f479a7ca46f39cbcc2797df9c803d40
290ea3ee30055b461969a1fd63eb1548fd4c10a981f6ed0a8c56a9ca98122b62
57d63ebc369b0e70ad6e211071cda4e50807532bbc0c30b62dc7d20ae5ac1f31
67f084e43ae8234ab4c39ad4c1e36da39a4279e1e3233c71b30e6d7ce88712a8
72c33597e379e0467b61701aef93b452a0b0dfbd96dbd7ffbde55b4f65b49937
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
b5a43053c2613284628b67b576dd02e59714fefdc93a2f221d67c9ddde8b9c30
db870aae2028ae4e5f44911201165a14306927802e27a7dff6604f053250f8bd
dc51e080cf852289dc5956dddb9467afa57d56d78df41198114c2c56f07ff3da
dd6c2305c6a8434043d1e73ddfc07ca7a2b10106278d90c1abb7a4ed66145055
e2dbd8d3d2f0d1574c0229d98d7e0e9031c3a4d38c423e847adfb3a1259036ba
f40f003384036c0e7f1965d3a9cebdcab18ba2450d4be39b0a35581c3ab184f3
fde714833ae22bece1a7da4101719acbe9b138fb0c91822811cce57ddb814c56

inlog.zwitserleven.nl Open in urlscan Pro 185.76.135.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

1 Domains

3 Subdomains

3 IPs

1 Countries

218 kBTransfer

211 kBSize

6 Cookies

10 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

6 Cookies

7 Console Messages

Security Headers

Indicators

inlog.zwitserleven.nl Open in urlscan Pro
185.76.135.19 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

3
IPs

1
Countries

218 kB
Transfer

211 kB
Size

6
Cookies

11 HTTP transactions
3 data transactions