www.andoburg.com
83.98.142.130  Malicious Activity! Public Scan

Submitted URL: http://gibibyte.com.tr/wp-content/sos.php
Effective URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSq...
Submission: On January 25 via manual from IE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 26 HTTP transactions. The main IP is 83.98.142.130, located in Netherlands and belongs to REASONNET-AS Amsterdam, the Netherlands, NL. The main domain is www.andoburg.com.
This is the only time www.andoburg.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Halifax Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 185.84.182.96 42926 (RADORE)
1 26 83.98.142.130 25525 (REASONNET...)
26 2
Apex Domain
Subdomains
Transfer
26 andoburg.com
andoburg.com
www.andoburg.com
438 KB
1 gibibyte.com.tr
gibibyte.com.tr
436 B
26 2
Domain Requested by
25 www.andoburg.com www.andoburg.com
1 andoburg.com 1 redirects
1 gibibyte.com.tr
26 3

This site contains no links.

This page contains 1 frames:

Primary Page: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Frame ID: (1A5FFE80A43D990D84A565650DB88BA4)
Requests: 26 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • env /^SWFObject$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

26
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

438 kB
Transfer

1708 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gibibyte.com.tr/wp-content/sos.php Page URL
  2. http://andoburg.com/plugins/editors/halifax-online.co.uk/index.php HTTP 302
    http://www.andoburg.com/plugins/editors/halifax-online.co.uk/index.php Page URL
  3. http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://andoburg.com/plugins/editors/halifax-online.co.uk/index.php HTTP 302
  • http://www.andoburg.com/plugins/editors/halifax-online.co.uk/index.php

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
sos.php
gibibyte.com.tr/wp-content/
214 B
436 B
Document
General
Full URL
http://gibibyte.com.tr/wp-content/sos.php
Protocol
HTTP/1.1
Server
185.84.182.96 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
momentumdizayn.com
Software
Apache / PHP/5.6.33
Resource Hash

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
gibibyte.com.tr
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 25 Jan 2018 08:54:56 GMT
Server
Apache
Connection
Keep-Alive
X-Powered-By
PHP/5.6.33
Transfer-Encoding
chunked
Keep-Alive
timeout=5, max=100
Content-Type
text/html; charset=UTF-8
Cookie set index.php
www.andoburg.com/plugins/editors/halifax-online.co.uk/
Redirect Chain
  • http://andoburg.com/plugins/editors/halifax-online.co.uk/index.php
  • http://www.andoburg.com/plugins/editors/halifax-online.co.uk/index.php
204 B
680 B
Document
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/index.php
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) / PHP/5.3.29-1~dotdeb.0
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://gibibyte.com.tr/wp-content/sos.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Thu, 25 Jan 2018 08:54:58 GMT
Content-Encoding
gzip
Server
Apache/2.2.16 (Debian)
X-Powered-By
PHP/5.3.29-1~dotdeb.0
Vary
Accept-Encoding
Content-Type
text/html
Set-Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347; path=/
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
198
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Date
Thu, 25 Jan 2018 08:54:58 GMT
Content-Encoding
gzip
Server
Apache/2.2.16 (Debian)
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Location
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/index.php
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
270
Primary Request Login.php
www.andoburg.com/plugins/editors/halifax-online.co.uk/
11 KB
12 KB
Document
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/index.php
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) / PHP/5.3.29-1~dotdeb.0
Resource Hash
bc161ef3f632a17a4e8f6628a0e7a29253cf17493a886d304d0910a6e0214697

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/index.php
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Thu, 25 Jan 2018 08:54:58 GMT
Content-Encoding
gzip
Server
Apache/2.2.16 (Debian)
X-Powered-By
PHP/5.3.29-1~dotdeb.0
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=15, max=99
Content-Length
3859
Expires
Thu, 19 Nov 1981 08:52:00 GMT
global1-min140807.css
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/
236 KB
41 KB
Stylesheet
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/global1-min140807.css
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
e388cd0c4c733d2162b59838f5d6de0747133ea1194280b34f4e5aadf4e9c1c8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08a8-3afa4-5618f328ef300"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
41689
global2-min140729.css
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/
272 KB
44 KB
Stylesheet
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/global2-min140729.css
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
23ab30355da2b99fe837f423f33b70c8355a1ad871a8bff9da12f76fdfab68cd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08aa-441d8-5618f328ef300"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
44206
yeah-js.css
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/
630 B
631 B
Stylesheet
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/yeah-js.css
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
f67491f0e2977cfdc9042ab933668392132fbdb101e3d507a3b200234c3d7901

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08ac-276-5618f328ef300"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
292
jquery-min140807.js
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/
488 KB
86 KB
Script
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/jquery-min140807.js
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
e1c71520d373b7b607916d6b4353670e5f01777fce2e5bf7279a6fc676e10d4c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08ff-79e21-5618f328ef300"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
scriptsnippet.jspf
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/
50 KB
50 KB
Script
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/scriptsnippet.jspf
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
cb03f9cc18b77935eecf6e81108264305d0f1c1d7e80ea1d889af60bcd4222d5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:58 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c0904-c894-5618f328ef300"
Content-Type
text/plain
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
51348
global-min140807.js
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/
524 KB
78 KB
Script
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/global-min140807.js
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
e5da09408be49cb69aca3978e1c90d21ec9f9f3acb1d5ab749ee3630f4f3fea3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08fd-83141-5618f328ef300"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
custom-min140729.js
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/
5 KB
2 KB
Script
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/custom-min140729.js
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
31105bd27cef6c4194a8c2321896636fe2a761e5f4d68c2bdac1a5d88275352f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08fc-15e4-5618f328ef300"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
1269
progressbar.js
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/
2 KB
884 B
Script
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/progressbar.js
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
d7502edec4d603cecaf6bedefcc80f0b0ad36d414d42e7b3c6421dcfb4142363

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c0903-698-5618f328ef300"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
532
583.png
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
3 KB
3 KB
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/583.png
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
c5bafb009f4e1f964a63551c8b5201ea67476bf837dde26795f1b184c008ea51

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:58 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08b1-b44-5618f328ef300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
2884
continue.png
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
1 KB
2 KB
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/continue.png
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
ae129cb1d5b77a0c194b7cce7ba1740386bf6053c50003e487f95408cd33fa8e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:59 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08be-57e-5618f328ef300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
1406
101.png
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
3 KB
3 KB
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/101.png
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
ba380237b4c7838d5751356ae573e6d2fea8014b83b13a13ae12c4095009a8d5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:59 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08af-a8f-5618f328ef300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
2703
ad1.jpg
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
20 KB
20 KB
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/ad1.jpg
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
3e84ed2e39cddc9772709e16b447cab495863c9c7e2c51843ab447cab04ef61d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:59 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08b2-4e48-5618f328ef300"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Content-Length
20040
ad2.png
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
12 KB
13 KB
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/ad2.png
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
06477cbb34ee2cebc77845e54509b3f146982cfb15dc65d547fb52b60e82d63e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:59 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08b3-31ad-5618f328ef300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=95
Content-Length
12717
ad3.png
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
74 KB
75 KB
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/ad3.png
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
ee98c8c3234bf0d33163b027a50dd242b8c8574d8790bfc7a6dd142c44f4f001

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/Login.php?sslchannel=true&sessionid=gyndxI6H9vOIAEQmbUNWUSqhEjhb4XXgu0JH5h00rojOk9xSwsfDUyMt45FITW5C5TeAM7yC3Ti6Lyu3
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:59 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08b4-1295f-5618f328ef300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
76127
header_bg.png
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
410 B
702 B
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/header_bg.png
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/jquery-min140807.js
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
5429563ef6fb1bfb565142b8466fccd64684b08ea9725dadb8395c94a1913a95

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/global1-min140807.css
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:59 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08c9-19a-5618f328ef300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
410
logo_scrn.png
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
3 KB
3 KB
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/logo_scrn.png
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/jquery-min140807.js
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
a9ba92bf7baffa72e78ab7a2772f99e85ca7b033733a246efa81f97575264732

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/global1-min140807.css
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:59 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08ce-a4f-5618f328ef300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
2639
padlock_secureMsg.png
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
872 B
1 KB
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/padlock_secureMsg.png
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/jquery-min140807.js
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
56d5bdbb170ef769250396f9cc9da6091103e2d73b83acb4dd696cbb003281c2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/global1-min140807.css
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:59 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08d2-368-5618f328ef300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
872
arrow_lo.png
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
180 B
471 B
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/arrow_lo.png
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/jquery-min140807.js
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
7c455b6627629be4ce63d760888b316cabe0ad3dfd353f633a0f1f8608b98d3a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/global1-min140807.css
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:59 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08b9-b4-5618f328ef300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
180
horiz_div.png
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
98 B
388 B
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/horiz_div.png
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/jquery-min140807.js
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
6397fb29be11aa0141c0078103bb7875ef0315669ed9ce9f1dd297f8d3860759

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/global1-min140807.css
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:59 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08ca-62-5618f328ef300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=94
Content-Length
98
arrow.png
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
180 B
471 B
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/arrow.png
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/jquery-min140807.js
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
dd11e419ee50c9703ff820a6e64f01c9b8c7c7b6b4e820f02d734f24036e5652

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/global1-min140807.css
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:59 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08b6-b4-5618f328ef300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Content-Length
180
footer_bg.png
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
238 B
529 B
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/footer_bg.png
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/jquery-min140807.js
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
6f1ffe1dd280ac3d04df2bbd47991d0e194d89240aa68982c0fc5d005e3ab9f5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/global1-min140807.css
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:59 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08c7-ee-5618f328ef300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Content-Length
238
secondary_accordion_bg.png
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
162 B
453 B
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/secondary_accordion_bg.png
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/jquery-min140807.js
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
355b5c45d1515da771d3506f604a124d055a6aa7541793776599efc0f6f53e53

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/global1-min140807.css
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:59 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08df-a2-5618f328ef300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=95
Content-Length
162
plus.png
www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/
515 B
807 B
Image
General
Full URL
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/img/plus.png
Requested by
Host: www.andoburg.com
URL: http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/js/jquery-min140807.js
Protocol
HTTP/1.1
Server
83.98.142.130 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS
schiphol1.internetnu.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
96c81f09d628ef873723fa1c83dc2d6274ee182477c1994ed22063c15161b23a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.andoburg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.andoburg.com/plugins/editors/halifax-online.co.uk/assets/css/global1-min140807.css
Cookie
PHPSESSID=e734de83681daafb731b3ef1c8c8c347
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 25 Jan 2018 08:54:59 GMT
Last-Modified
Sat, 30 Dec 2017 14:02:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"5c08d5-203-5618f328ef300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=95
Content-Length
515

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Halifax Bank (Banking)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| swfobject
object| LBG
function| $
function| jQuery
function| DP_jQuery
object| campaignScripts
object| Messages
object| DI
function| AspectCollection
function| bankInputFocusHandler
function| bankInputBlurHandler
function| setBankBrowseLinks
function| displayResults
function| getJsonResults
object| cur
number| interval
number| timeStep
number| lastTime
function| goFwd
function| goBack
function| back
function| forward
function| showPause
function| showPlay
function| start
function| MobileGuy
boolean| hasDuplicate
object| $initElements

1 Cookies

Domain/Path Name / Value
www.andoburg.com/ Name: PHPSESSID
Value: e734de83681daafb731b3ef1c8c8c347

Indicators

"Indicators" is a security industry term for artifacts such as IPs, domains, hashes, etc. Being listed here does not imply that any of these indicate malicious activity.

andoburg.com
gibibyte.com.tr
www.andoburg.com
185.84.182.96
83.98.142.130