urlscan.io logo urlscan.io
SecurityTrails logo

custom.yapikredi.nl Open in urlscan Pro
51.105.97.225  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://custom.yapikredi.nl/mgmt/tm/util/bash
Effective URL: https://custom.yapikredi.nl/blocked
Submission: On August 23 via api from TR — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 51.105.97.225, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is custom.yapikredi.nl.
TLS certificate: Issued by DigiCert EV RSA CA G2 on February 14th 2024. Valid for: a year.
This is the only time custom.yapikredi.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 51.105.97.225 8075 (MICROSOFT...)
2 1
Apex Domain
Subdomains		 Transfer
3 yapikredi.nl
custom.yapikredi.nl
33 KB
2 1
Domain Requested by
3 custom.yapikredi.nl 1 redirects
2 1

This site contains no links.

Subject Issuer Validity Valid
www.yapikredi.nl
DigiCert EV RSA CA G2		 2024-02-14 -
2025-03-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://custom.yapikredi.nl/blocked
Frame ID: 71D3B3473DE6A65CDE1EC4B01F5C6836
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://custom.yapikredi.nl/mgmt/tm/util/bash HTTP 307
    https://custom.yapikredi.nl/mgmt/tm/util/bash HTTP 302
    https://custom.yapikredi.nl/blocked Page URL

Page Statistics

2
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

32 kB
Transfer

31 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://custom.yapikredi.nl/mgmt/tm/util/bash HTTP 307
    https://custom.yapikredi.nl/mgmt/tm/util/bash HTTP 302
    https://custom.yapikredi.nl/blocked Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request blocked
custom.yapikredi.nl/
Redirect Chain
  • http://custom.yapikredi.nl/mgmt/tm/util/bash
  • https://custom.yapikredi.nl/mgmt/tm/util/bash
  • https://custom.yapikredi.nl/blocked
8 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://custom.yapikredi.nl/blocked
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.105.97.225 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0fbfc1fd537aa5ae035dd09b7cde691706b7535d9878b39e797c4cd9abd2593f
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *; font-src 'unsafe-inline' *;img-src 'unsafe-inline' * data:; script-src 'unsafe-inline' *; style-src 'unsafe-inline' *;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST
Cache-Control
private
Content-Length
8
Content-Security-Policy
default-src 'unsafe-inline' *; font-src 'unsafe-inline' *;img-src 'unsafe-inline' * data:; script-src 'unsafe-inline' *; style-src 'unsafe-inline' *;
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Aug 2024 20:46:08 GMT
Strict-Transport-Security
max-age=31536000
X-Frame-Options
SAMEORIGIN

Redirect headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST
Cache-Control
private
Content-Security-Policy
default-src 'unsafe-inline' *; font-src 'unsafe-inline' *;img-src 'unsafe-inline' * data:; script-src 'unsafe-inline' *; style-src 'unsafe-inline' *;
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Aug 2024 20:46:08 GMT
Location
/blocked
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
favicon.ico
custom.yapikredi.nl/ 		31 KB
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://custom.yapikredi.nl/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.105.97.225 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *; font-src 'unsafe-inline' *;img-src 'unsafe-inline' * data:; script-src 'unsafe-inline' *; style-src 'unsafe-inline' *;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://custom.yapikredi.nl/blocked
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'unsafe-inline' *; font-src 'unsafe-inline' *;img-src 'unsafe-inline' * data:; script-src 'unsafe-inline' *; style-src 'unsafe-inline' *;
Date
Fri, 23 Aug 2024 20:46:08 GMT
Last-Modified
Wed, 16 Dec 2020 09:22:58 GMT
ETag
"90f7e3a8dd3d61:0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
image/x-icon
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
32038

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
custom.yapikredi.nl/ Name: ASP.NET_SessionId
Value: 1hg4s5gdbp1efjrrnwicf4b2
custom.yapikredi.nl/ Name: NSC_xxxzbqjlsfejom
Value: ffffffff090e3c1445525d5f4f58455e445a4a423660
custom.yapikredi.nl/ Name: TS01e112b4
Value: 0136ca6c1f0bd6ee51adbb0b8e1106a539015619f1baf2982fb7d3de13dff54fabc9baa9c8cfaf00175dcb48589522fdc9d48d60b6979825b1da545a969ef7da1247b7e3edc50d507d4a5c6968d3a7dbeb8eba426f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'unsafe-inline' *; font-src 'unsafe-inline' *;img-src 'unsafe-inline' * data:; script-src 'unsafe-inline' *; style-src 'unsafe-inline' *;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

custom.yapikredi.nl
51.105.97.225
0fbfc1fd537aa5ae035dd09b7cde691706b7535d9878b39e797c4cd9abd2593f
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d