URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Submission: On December 17 via manual from NL

Summary

This website contacted 6 IPs in 4 countries across 4 domains to perform 35 HTTP transactions. The main IP is 95.129.84.197, located in Netherlands and belongs to BITLIBRE-NETWORK, NL. The main domain is 95.129.84.197.
This is the only time 95.129.84.197 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ABN Amro (Banking)

Domain & IP information

IP Address AS Autonomous System
22 95.129.84.197 25042 (BITLIBRE-...)
3 8 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
2 23.37.61.47 16625 (AKAMAI-AS)
1 5 15.237.136.106 16509 (AMAZON-02)
1 3 52.208.139.62 16509 (AMAZON-02)
35 6
Apex Domain Subdomains Transfer
8 abnamro.nl www.abnamro.nl 43 KB
5 omtrdc.net abnamro.sc.omtrdc.net 4 KB
3 demdex.net dpm.demdex.net 2 KB
2 tiqcdn.com tags.tiqcdn.com 61 KB
35 4
Domain Requested by
8 www.abnamro.nl 3 redirects 95.129.84.197
5 abnamro.sc.omtrdc.net 1 redirects 95.129.84.197, tags.tiqcdn.com
3 dpm.demdex.net 1 redirects tags.tiqcdn.com
2 tags.tiqcdn.com 95.129.84.197, tags.tiqcdn.com
35 4

This site contains links to these domains.

Domain
www.abnamro.nl

Subject Issuer Validity Valid
www.abnamro.nl Entrust Certification Authority - L1M 2020-09-24 - 2021-09-24 a year

This page contains 1 frames:

Primary Page: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Frame ID: C0D01AEEF07266AB49259E89BD603CCE
Requests: 37 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

Page Statistics

35 Requests
14 % HTTPS
20 % IPv6
4 Domains
4 Subdomains
6 IPs
4 Countries
303 kB Transfer
831 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/fbevents.js HTTP 301
  • https://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/fbevents.js
Request Chain 3
  • http://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/dtm-code.js HTTP 301
  • https://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/dtm-code.js
Request Chain 4
  • http://www.abnamro.nl/nl/includes/js/s_code_extern.js HTTP 301
  • https://www.abnamro.nl/nl/includes/js/s_code_extern.js
Request Chain 9
  • http://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/dtm-code.js HTTP 307
  • https://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/dtm-code.js
Request Chain 16
  • http://abnamro.sc.omtrdc.net/b/ss/abnamronl/1/JS-2.9.0/s51272316913311?AQB=1&ndh=1&pf=1&t=17%2F11%2F2020%204%3A55%3A33%204%20-60&fid=7AAC2DD04BAF74C8-0223F6E6925F6D44&ce=ISO-8859-1&pageName=pri%20lene%20bereken-maximale-lening-start-iam-b&g=http%3A%2F%2F95.129.84.197%2Fapi%2F%2Findex-leencomfort.html%3Ftry-next-group%3Dtrue%26pos%3Dlenen-rekentool-superbasic%26how-much%3D99&cc=EUR&ch=lenen&server=95.129.84.197&events=event81%3D1%2Cevent82&c1=prive&v1=lenen-rekentool-superbasic&h1=nl%2Cprive%2Clene&c2=lenen&c3=bereken&c4=pri%20lene%20bereken-maximale-lening-start-iam-b&v4=lenen-rekentool-superbasic&c9=http&c15=2019-03-05%20%28Appm%202.9.0%29%20-%20extern&c25=donderdag&c26=4%3A30AM&c38=20201217045533&v38=20201217045533&v40=donderdag&v41=4%3A30AM&v47=Direct&v48=Chrome%2083&v54=1%20second&v68=Direct&v70=desktop&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • http://abnamro.sc.omtrdc.net/b/ss/abnamronl/1/JS-2.9.0/s51272316913311?AQB=1&pccr=true&ndh=1&pf=1&t=17%2F11%2F2020%204%3A55%3A33%204%20-60&fid=7AAC2DD04BAF74C8-0223F6E6925F6D44&ce=ISO-8859-1&pageName=pri%20lene%20bereken-maximale-lening-start-iam-b&g=http%3A%2F%2F95.129.84.197%2Fapi%2F%2Findex-leencomfort.html%3Ftry-next-group%3Dtrue%26pos%3Dlenen-rekentool-superbasic%26how-much%3D99&cc=EUR&ch=lenen&server=95.129.84.197&events=event81%3D1%2Cevent82&c1=prive&v1=lenen-rekentool-superbasic&h1=nl%2Cprive%2Clene&c2=lenen&c3=bereken&c4=pri%20lene%20bereken-maximale-lening-start-iam-b&v4=lenen-rekentool-superbasic&c9=http&c15=2019-03-05%20%28Appm%202.9.0%29%20-%20extern&c25=donderdag&c26=4%3A30AM&c38=20201217045533&v38=20201217045533&v40=donderdag&v41=4%3A30AM&v47=Direct&v48=Chrome%2083&v54=1%20second&v68=Direct&v70=desktop&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Request Chain 30
  • http://dpm.demdex.net/id?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0861467352782C5E0A490D45%40AdobeOrg&d_nsid=0&ts=1608177333753 HTTP 302
  • http://dpm.demdex.net/id/rd?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0861467352782C5E0A490D45%40AdobeOrg&d_nsid=0&ts=1608177333753

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index-leencomfort.html
95.129.84.197/api//
4 KB
2 KB
Document
General
Full URL
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
51167b3c2def14b35a74dd556976a8cf8083404bc9ca72932dc7700d95b28f08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Host
95.129.84.197
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Thu, 17 Dec 2020 03:55:32 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
ETag
"efc-5b36dd3e66ed8-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
Content-Length
1411
Content-Type
text/html
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
styles-3bfddff97e.css
95.129.84.197/api//
189 KB
51 KB
Stylesheet
General
Full URL
http://95.129.84.197/api//styles-3bfddff97e.css
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
54d806e764f9a7271f6c3a09b9b49996e435219389432adc51f6cbf0d3a96d59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"2f474-5b36dd3e6bcf8-gzip"
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
51584
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=99
fbevents.js
www.abnamro.nl/nl/includesrara/unauthenticated/static/js/
Redirect Chain
  • http://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/fbevents.js
  • https://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/fbevents.js
0
0
Script
General
Full URL
https://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/fbevents.js
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb::5f64:b508 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
https://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/fbevents.js
Date
Thu, 17 Dec 2020 03:55:33 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
r42_library.js
www.abnamro.nl/nl/includesrara/unauthenticated/static/js/
36 KB
13 KB
Script
General
Full URL
https://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/r42_library.js
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb::5f64:b508 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
548a810d3d51c4a985ee74e23734f0612776095044322d0f147e29c5881bee36
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 03:55:33 GMT
content-encoding
gzip
last-modified
Thu, 13 Apr 2017 12:51:15 GMT
x-heist
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-language
en-US
strict-transport-security
max-age=15768000
content-type
application/javascript
content-length
12483
expires
Thu, 17 Dec 2020 04:10:33 GMT
dtm-code.js
www.abnamro.nl/nl/includesrara/unauthenticated/static/js/
Redirect Chain
  • http://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/dtm-code.js
  • https://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/dtm-code.js
0
0
Script
General
Full URL
https://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/dtm-code.js
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb::5f64:b508 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
https://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/dtm-code.js
Date
Thu, 17 Dec 2020 03:55:33 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
s_code_extern.js
www.abnamro.nl/nl/includes/js/
Redirect Chain
  • http://www.abnamro.nl/nl/includes/js/s_code_extern.js
  • https://www.abnamro.nl/nl/includes/js/s_code_extern.js
74 KB
30 KB
Script
General
Full URL
https://www.abnamro.nl/nl/includes/js/s_code_extern.js
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb::5f64:b508 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
2c45896dad5d067d92cbd6b41414c6e39bb0ee96a74f5abf0bd4b6cd7fba0f84
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 03:55:33 GMT
content-encoding
gzip
last-modified
Thu, 02 Jan 2020 14:08:17 GMT
x-heist
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-language
en-US
strict-transport-security
max-age=15768000
content-type
application/javascript
content-length
29552
expires
Thu, 17 Dec 2020 04:10:33 GMT

Redirect headers

Location
https://www.abnamro.nl/nl/includes/js/s_code_extern.js
Date
Thu, 17 Dec 2020 03:55:33 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
app-tracking-8694a982e2.js
95.129.84.197/api//
3 KB
2 KB
Script
General
Full URL
http://95.129.84.197/api//app-tracking-8694a982e2.js
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
1f058f37eb72824cf3a0f88e71ee36adbfa66f588f1a85bccff839547e7e8b67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"afb-5b36dd3e620b8-gzip"
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
1368
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=100
app-lenen-ba463ba8fd.js
95.129.84.197/api//
252 KB
71 KB
Script
General
Full URL
http://95.129.84.197/api//app-lenen-ba463ba8fd.js
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
a5f8a81a20da33887ec7f58509b573aba073d33214504402eafafeabe2fa59b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"3eedf-5b36dd3e63ff8-gzip"
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=100
app-info-dd3f870159.js
95.129.84.197/api//
3 KB
2 KB
Script
General
Full URL
http://95.129.84.197/api//app-info-dd3f870159.js
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
574a32d09313a57e5ab687688d585c2b0d389f74c408a4a7c62402d0d8d02112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"a61-5b36dd3e620b8-gzip"
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
1382
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=100
iframeSizer-e86f987043.contentWindow.min.js
95.129.84.197/api//
14 KB
6 KB
Script
General
Full URL
http://95.129.84.197/api//iframeSizer-e86f987043.contentWindow.min.js
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
7023ea65f926c19c3e1c53f95d594c24851f0952f88498856699f963d139c08a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"3620-5b36dd3e65f38-gzip"
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
5147
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=100
dtm-code.js
www.abnamro.nl/nl/includesrara/unauthenticated/static/js/
Redirect Chain
  • http://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/dtm-code.js
  • https://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/dtm-code.js
0
0
Script
General
Full URL
https://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/dtm-code.js
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb::5f64:b508 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
https://www.abnamro.nl/nl/includesrara/unauthenticated/static/js/dtm-code.js
Non-Authoritative-Reason
HSTS
utag.js
tags.tiqcdn.com/utag/abn-amro/external/prod/
199 KB
61 KB
Script
General
Full URL
http://tags.tiqcdn.com/utag/abn-amro/external/prod/utag.js
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
HTTP/1.1
Server
23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-61-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
56cbe6625eb870a3f08379e8748d0856e543878f9e31a7046e381bed8f9fb735

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 12:17:19 GMT
Server
AkamaiNetStorage
ETag
"f41c2bd73e54d9ca47bcd718e6062e76:1605269838.732642"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=300
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Thu, 17 Dec 2020 04:00:33 GMT
arrow.svg
95.129.84.197/api//icons/
262 B
693 B
Image
General
Full URL
http://95.129.84.197/api//icons/arrow.svg
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
8b93e9bf4155692ab7bdf44b1b331611133724e1972520b31d99921752314542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"106-5b36dd3e71ab8"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
262
X-XSS-Protection
1; mode=block
banner_creditwarning.svg
95.129.84.197/api//icons/
5 KB
6 KB
Image
General
Full URL
http://95.129.84.197/api//icons/banner_creditwarning.svg
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
0b9b484a1c344438b56833e718b1f255b83c84b1346a8d0d5fcb49920105b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"15a1-5b36dd3e71ab8"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
5537
X-XSS-Protection
1; mode=block
checkmark-shield.svg
95.129.84.197/api//icons/
2 KB
2 KB
Image
General
Full URL
http://95.129.84.197/api//icons/checkmark-shield.svg
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
5f801891bb91dc336dbe99804c28b22d50779f55024e6e385190c126bff632f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"713-5b36dd3e71ab8"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1811
X-XSS-Protection
1; mode=block
tip-icon.svg
95.129.84.197/api//icons/
4 KB
4 KB
Image
General
Full URL
http://95.129.84.197/api//icons/tip-icon.svg
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
caecaa291e5376ce62a51692ccdb4cf8fdbda7c28ec052c88e0a0bc85f30bbe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"e52-5b36dd3e739f8"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3666
X-XSS-Protection
1; mode=block
callcenter-icon.svg
95.129.84.197/api//icons/
2 KB
3 KB
Image
General
Full URL
http://95.129.84.197/api//icons/callcenter-icon.svg
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
098e7a288fe7c77848f31e58da28b64a638b931891985e1ea1fa2b3328ad3e28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"8e2-5b36dd3e71ab8"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2274
X-XSS-Protection
1; mode=block
s51272316913311
abnamro.sc.omtrdc.net/b/ss/abnamronl/1/JS-2.9.0/
Redirect Chain
  • http://abnamro.sc.omtrdc.net/b/ss/abnamronl/1/JS-2.9.0/s51272316913311?AQB=1&ndh=1&pf=1&t=17%2F11%2F2020%204%3A55%3A33%204%20-60&fid=7AAC2DD04BAF74C8-0223F6E6925F6D44&ce=ISO-8859-1&pageName=pri%20l...
  • http://abnamro.sc.omtrdc.net/b/ss/abnamronl/1/JS-2.9.0/s51272316913311?AQB=1&pccr=true&ndh=1&pf=1&t=17%2F11%2F2020%204%3A55%3A33%204%20-60&fid=7AAC2DD04BAF74C8-0223F6E6925F6D44&ce=ISO-8859-1&pageNa...
43 B
776 B
Image
General
Full URL
http://abnamro.sc.omtrdc.net/b/ss/abnamronl/1/JS-2.9.0/s51272316913311?AQB=1&pccr=true&ndh=1&pf=1&t=17%2F11%2F2020%204%3A55%3A33%204%20-60&fid=7AAC2DD04BAF74C8-0223F6E6925F6D44&ce=ISO-8859-1&pageName=pri%20lene%20bereken-maximale-lening-start-iam-b&g=http%3A%2F%2F95.129.84.197%2Fapi%2F%2Findex-leencomfort.html%3Ftry-next-group%3Dtrue%26pos%3Dlenen-rekentool-superbasic%26how-much%3D99&cc=EUR&ch=lenen&server=95.129.84.197&events=event81%3D1%2Cevent82&c1=prive&v1=lenen-rekentool-superbasic&h1=nl%2Cprive%2Clene&c2=lenen&c3=bereken&c4=pri%20lene%20bereken-maximale-lening-start-iam-b&v4=lenen-rekentool-superbasic&c9=http&c15=2019-03-05%20%28Appm%202.9.0%29%20-%20extern&c25=donderdag&c26=4%3A30AM&c38=20201217045533&v38=20201217045533&v40=donderdag&v41=4%3A30AM&v47=Direct&v48=Chrome%2083&v54=1%20second&v68=Direct&v70=desktop&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
Protocol
HTTP/1.1
Server
15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 03:55:33 GMT
x-content-type-options
nosniff
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 18 Dec 2020 03:55:33 GMT
server
jag
xserver
anedge-f7bfdfcfd-nq46c
etag
3453534525787045888-4621440758144845241
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 16 Dec 2020 03:55:33 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Dec 2020 03:55:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 03:55:33 GMT
server
jag
access-control-allow-origin
*
xserver
anedge-f7bfdfcfd-g2xzr
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
location
http://abnamro.sc.omtrdc.net/b/ss/abnamronl/1/JS-2.9.0/s51272316913311?AQB=1&pccr=true&ndh=1&pf=1&t=17%2F11%2F2020%204%3A55%3A33%204%20-60&fid=7AAC2DD04BAF74C8-0223F6E6925F6D44&ce=ISO-8859-1&pageName=pri%20lene%20bereken-maximale-lening-start-iam-b&g=http%3A%2F%2F95.129.84.197%2Fapi%2F%2Findex-leencomfort.html%3Ftry-next-group%3Dtrue%26pos%3Dlenen-rekentool-superbasic%26how-much%3D99&cc=EUR&ch=lenen&server=95.129.84.197&events=event81%3D1%2Cevent82&c1=prive&v1=lenen-rekentool-superbasic&h1=nl%2Cprive%2Clene&c2=lenen&c3=bereken&c4=pri%20lene%20bereken-maximale-lening-start-iam-b&v4=lenen-rekentool-superbasic&c9=http&c15=2019-03-05%20%28Appm%202.9.0%29%20-%20extern&c25=donderdag&c26=4%3A30AM&c38=20201217045533&v38=20201217045533&v40=donderdag&v41=4%3A30AM&v47=Direct&v48=Chrome%2083&v54=1%20second&v68=Direct&v70=desktop&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-type
text/plain;charset=utf-8
content-length
0
x-xss-protection
1; mode=block
expires
Wed, 16 Dec 2020 03:55:33 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541f188898bec74bb24d7b3cbce5e76c0574a07353fc9a74b1dea8c4971be825

Request headers

Referer
http://95.129.84.197/api//styles-3bfddff97e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
406 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40e37ef8c0d1fabd90c72c115e4d4c7b91181462eb85f1e6054f5e5d5c723314

Request headers

Referer
http://95.129.84.197/api//styles-3bfddff97e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
information-icon--green.svg
95.129.84.197/api//icons/
245 B
675 B
Image
General
Full URL
http://95.129.84.197/api//icons/information-icon--green.svg
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//styles-3bfddff97e.css
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
bdb50c28be3531aeedf70107cf24a8c23a3b66908fb112e40a369d6882f3c59d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//styles-3bfddff97e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"f5-5b36dd3e72a58"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
245
X-XSS-Protection
1; mode=block
car.svg
95.129.84.197/api//icons/
1 KB
1 KB
Image
General
Full URL
http://95.129.84.197/api//icons/car.svg
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//styles-3bfddff97e.css
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
84c4cee61c60d94cf1d65196597d81f09901e2d6a5870a567cbbb9c15e2d93ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//styles-3bfddff97e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"42b-5b36dd3e71ab8"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1067
X-XSS-Protection
1; mode=block
refinancing.svg
95.129.84.197/api//icons/
543 B
974 B
Image
General
Full URL
http://95.129.84.197/api//icons/refinancing.svg
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//styles-3bfddff97e.css
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
f76de6c96155d7f475ae362a320cb7268249a6fd108809f34d7590041d9a8788
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//styles-3bfddff97e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"21f-5b36dd3e739f8"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
543
X-XSS-Protection
1; mode=block
house.svg
95.129.84.197/api//icons/
396 B
827 B
Image
General
Full URL
http://95.129.84.197/api//icons/house.svg
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//styles-3bfddff97e.css
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
9928f9a4e828cdd5c6888aea4e14018e860556f79eb075178f65b58477754ca5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//styles-3bfddff97e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"18c-5b36dd3e72a58"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
396
X-XSS-Protection
1; mode=block
residual-debt.svg
95.129.84.197/api//icons/
631 B
1 KB
Image
General
Full URL
http://95.129.84.197/api//icons/residual-debt.svg
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//styles-3bfddff97e.css
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
894e91c7c34ceae07a2506fb378d1beb36bd2335a1f24451b782a197d85e6e84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//styles-3bfddff97e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"277-5b36dd3e739f8"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
631
X-XSS-Protection
1; mode=block
other-loan.svg
95.129.84.197/api//icons/
855 B
1 KB
Image
General
Full URL
http://95.129.84.197/api//icons/other-loan.svg
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//styles-3bfddff97e.css
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
0874456daefa7f1aa7558d0663b1ae68eaa0599ccea765b8d7e8acf0ebc4f938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//styles-3bfddff97e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"357-5b36dd3e739f8"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
855
X-XSS-Protection
1; mode=block
study.svg
95.129.84.197/api//icons/
550 B
981 B
Image
General
Full URL
http://95.129.84.197/api//icons/study.svg
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//styles-3bfddff97e.css
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
a8204419262dc2622380ad36429e28754f79a0e7cb5332d106b10cba2f31ab73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//styles-3bfddff97e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"226-5b36dd3e739f8"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
550
X-XSS-Protection
1; mode=block
information-icon.svg
95.129.84.197/api//icons/
242 B
672 B
Image
General
Full URL
http://95.129.84.197/api//icons/information-icon.svg
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//styles-3bfddff97e.css
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
303031697ff1b6615d6e0938c7d17730b8ca6dacd0da0c8dac96b8f661623d76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//styles-3bfddff97e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"f2-5b36dd3e739f8"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
242
X-XSS-Protection
1; mode=block
checkmark-icon.svg
95.129.84.197/api//icons/
263 B
694 B
Image
General
Full URL
http://95.129.84.197/api//icons/checkmark-icon.svg
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//styles-3bfddff97e.css
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
7045f445efc56ee9aed1d77f468a40eab574e6e5c8ee6409f977d3d863eee0e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//styles-3bfddff97e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"107-5b36dd3e71ab8"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
263
X-XSS-Protection
1; mode=block
roboto-regular.woff2
95.129.84.197/api//fonts/
19 KB
19 KB
Font
General
Full URL
http://95.129.84.197/api//fonts/roboto-regular.woff2
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//styles-3bfddff97e.css
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
dc1228f3d01e0c7a49c84b81031a0045afb24c564c9ebb20b61520be1464ac46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Origin
http://95.129.84.197
Referer
http://95.129.84.197/api//styles-3bfddff97e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"4a80-5b36dd3e6fb78"
X-Frame-Options
sameorigin
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
19072
X-XSS-Protection
1; mode=block
roboto-condensed-regular.woff2
95.129.84.197/api//fonts/
19 KB
19 KB
Font
General
Full URL
http://95.129.84.197/api//fonts/roboto-condensed-regular.woff2
Requested by
Host: 95.129.84.197
URL: http://95.129.84.197/api//styles-3bfddff97e.css
Protocol
HTTP/1.1
Server
95.129.84.197 , Netherlands, ASN25042 (BITLIBRE-NETWORK, NL),
Reverse DNS
Software
Apache /
Resource Hash
afb2dd2af41471b984aed67f875a63494046b722e8d15970d6cdbd819b913957
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Origin
http://95.129.84.197
Referer
http://95.129.84.197/api//styles-3bfddff97e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Nov 2020 10:39:31 GMT
Server
Apache
ETag
"4bc4-5b36dd3e6fb78"
X-Frame-Options
sameorigin
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
19396
X-XSS-Protection
1; mode=block
rd
dpm.demdex.net/id/
Redirect Chain
  • http://dpm.demdex.net/id?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0861467352782C5E0A490D45%40AdobeOrg&d_nsid=0&ts=1608177333753
  • http://dpm.demdex.net/id/rd?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0861467352782C5E0A490D45%40AdobeOrg&d_nsid=0&ts=1608177333753
110 B
749 B
XHR
General
Full URL
http://dpm.demdex.net/id/rd?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0861467352782C5E0A490D45%40AdobeOrg&d_nsid=0&ts=1608177333753
Protocol
HTTP/1.1
Server
52.208.139.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-139-62.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a56e82f34c03b1bed67b86e8b09d36303d6204eeb04b968f8fe38077753606ca

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-0ddb7bc87.edge-irl1.demdex.com 6.2.0.20201119105359-PR_1432-SNAPSHOT
Pragma
no-cache
content-encoding
gzip
X-Error
172
X-TID
9X+MaXRQRd4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://95.129.84.197
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
124
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Access-Control-Allow-Origin
http://95.129.84.197
X-TID
oUkcYGOYQ+k=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
http://dpm.demdex.net/id/rd?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0861467352782C5E0A490D45%40AdobeOrg&d_nsid=0&ts=1608177333753
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
356 B
Script
General
Full URL
http://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=abn-amro/external/202011131217&cb=1608177333765
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/abn-amro/external/prod/utag.js
Protocol
HTTP/1.1
Server
23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-61-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 03:55:33 GMT
Last-Modified
Thu, 14 Apr 2016 16:57:51 GMT
Server
AkamaiNetStorage
ETag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
Content-Type
application/x-javascript
Cache-Control
max-age=600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2
Expires
Thu, 17 Dec 2020 04:05:33 GMT
id
abnamro.sc.omtrdc.net/
2 B
486 B
XHR
General
Full URL
http://abnamro.sc.omtrdc.net/id?d_visid_ver=4.1.0&d_fieldgroup=MC&mcorgid=0861467352782C5E0A490D45%40AdobeOrg&ts=1608177333953
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/abn-amro/external/prod/utag.js
Protocol
HTTP/1.1
Server
15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 17 Dec 2020 03:55:33 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-f7bfdfcfd-nq46c
vary
Origin
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://95.129.84.197
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
id
abnamro.sc.omtrdc.net/
2 B
486 B
XHR
General
Full URL
http://abnamro.sc.omtrdc.net/id?d_visid_ver=4.1.0&d_fieldgroup=A&mcorgid=0861467352782C5E0A490D45%40AdobeOrg&mid=52482384308039637413807556479592475909&ts=1608177334034
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/abn-amro/external/prod/utag.js
Protocol
HTTP/1.1
Server
15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 17 Dec 2020 03:55:33 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-f7bfdfcfd-sm76v
vary
Origin
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://95.129.84.197
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
id
dpm.demdex.net/
211 B
966 B
XHR
General
Full URL
http://dpm.demdex.net/id?d_visid_ver=4.1.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0861467352782C5E0A490D45%40AdobeOrg&d_nsid=0&d_mid=52482384308039637413807556479592475909&ts=1608177334096
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/abn-amro/external/prod/utag.js
Protocol
HTTP/1.1
Server
52.208.139.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-139-62.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9273fe4fe294f0271ca0f2fd3557195e869fb2ea4f0566b638bb3cfb6cc78290

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v086-0cbbe9ab3.edge-irl1.demdex.com 5.80.1.20201111130852 2ms (+1ms)
Pragma
no-cache
X-TID
5ZpMg9TxSZ8=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://95.129.84.197
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
211
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s59142999799391
abnamro.sc.omtrdc.net/b/ss/abnamrotealium-et/1/JS-2.17.0/
43 B
659 B
XHR
General
Full URL
http://abnamro.sc.omtrdc.net/b/ss/abnamrotealium-et/1/JS-2.17.0/s59142999799391
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/abn-amro/external/prod/utag.js
Protocol
HTTP/1.1
Server
15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://95.129.84.197/api//index-leencomfort.html?try-next-group=true&pos=lenen-rekentool-superbasic&how-much=99
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 17 Dec 2020 03:55:33 GMT
x-content-type-options
nosniff
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 18 Dec 2020 03:55:34 GMT
server
jag
xserver
anedge-f7bfdfcfd-mm5kj
etag
3453534527934529536-4621826967505201014
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
http://95.129.84.197
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Wed, 16 Dec 2020 03:55:34 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ABN Amro (Banking)

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| _st object| _stq object| _stTracker object| dataLayer object| utag_data string| utagScriptUrl object| listOfExceptionSites string| locationHost string| s_account string| key object| s string| codeVersion function| s_getLoadTime function| setProtocol function| setExternalCampaign function| setDFACampaign function| setInternalCampaign function| AppMeasurement_Module_Media function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| s_doPlugins function| c_r function| c_rspers function| c_w object| s_c_il number| s_c_in number| s_loadT number| s_objectID number| s_giq function| trackPage function| trackInteraction object| core object| __core-js_shared__ object| lenenTool string| s_tnt string| jh_warmwelkom number| jh_PLTs object| s_i_abnamronl object| utag_err boolean| utag_condload object| utag function| e object| tealium_s function| AppMeasurement_Module_Integrate function| generateBusinessLinePrefix function| generatePageName function| _tealium_old_error boolean| __tealium_twc_switch object| re boolean| tealium_adobe_activity_map object| adobe function| Visitor object| tealium_event object| s_i_abnamrotealium-et

3 Cookies

Domain/Path Name / Value
95.129.84.197/ Name: AMCV_0861467352782C5E0A490D45%40AdobeOrg
Value: 281789898%7CMCIDTS%7C18614%7CvVersion%7C4.1.0
95.129.84.197/ Name: s_sess
Value: %20s_cpext%3DundefinedTyped%252FBookmarkedTyped%252FBookmarkedundefined%3B%20s_cc%3Dtrue%3B
95.129.84.197/ Name: s_pers
Value: %20s_fid%3D7AAC2DD04BAF74C8-0223F6E6925F6D44%7C1765943733597%3B%20s_cpdirect%3D1%7C1608179133600%3B%20s_channel%3D%255B%255B%2527Direct%2527%252C%25271608177333603%2527%255D%255D%7C1765943733603%3B

1 Console Messages

Source Level URL
Text
console-api log URL: http://95.129.84.197/api//app-info-dd3f870159.js(Line 1)
Message:
%c ABN AMRO lenen tool %c v3.12.3 background: #006460; color: #fff; border-radius: 3px 0 0 3px; background: #ffd200; color: #000; border-radius: 0 3px 3px 0; font-weight: 400;

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, hashes, etc. Their appearance here does not imply that any of them indicate malicious activity.
