urlscan.io logo urlscan.io
SecurityTrails logo

idp.vabi.nl Open in urlscan Pro
194.103.129.136  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.vabi.nl/
Effective URL: https://idp.vabi.nl/accounts/login/?next=/o/authorize/%3Fclient_id%3DiqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy%26scop...
Submission: On March 13 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 30 HTTP transactions. The main IP is 194.103.129.136, located in Sweden and belongs to SE-VITEC-AS, SE. The main domain is idp.vabi.nl.
TLS certificate: Issued by R3 on January 25th 2024. Valid for: 3 months.
This is the only time idp.vabi.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 20.105.232.5 8075 (MICROSOFT...)
1 4 194.103.129.136 197332 (SE-VITEC-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
30 6
21    20.105.232.5 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
app.vabi.nl
4    194.103.129.136 (Sweden)

ASN197332 (SE-VITEC-AS, SE)
PTR: 136-129.vitec.se
idp.vabi.nl
2    2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
25 vabi.nl
app.vabi.nl
idp.vabi.nl
199 KB
3 gstatic.com
fonts.gstatic.com
47 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 228
13 KB
30 4
Domain Requested by
21 app.vabi.nl app.vabi.nl
4 idp.vabi.nl 1 redirects app.vabi.nl
idp.vabi.nl
3 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com idp.vabi.nl
1 cdnjs.cloudflare.com idp.vabi.nl
30 5

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
Subject Issuer Validity Valid
app.vabi.nl
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-03-12 -
2024-09-12		 6 months crt.sh
idp.vabi.nl
R3		 2024-01-25 -
2024-04-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://idp.vabi.nl/accounts/login/?next=/o/authorize/%3Fclient_id%3DiqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy%26scope%3Dopenid%2520profile%2520email%2520phone%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fcloud.vabi.nl%252Fapi%252Fauth%252Fcallback%252Fvabi%26state%3DGDGtXiTF1Jk6EjWC8CLBOsWz04E7UoW0P8D4CSUeIx0%26code_challenge%3DZmKI6snjlIoRb5A0JRwoUaNu5oWe6RTToo54G9XR824%26code_challenge_method%3DS256
Frame ID: 7199463A9C4A265610543770CBDF4E2B
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

VABI | Aanmelden

Page URL History Show full URLs

  1. https://app.vabi.nl/ Page URL
  2. https://idp.vabi.nl/o/authorize/?client_id=iqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy&scope=openid... HTTP 302
    https://idp.vabi.nl/accounts/login/?next=/o/authorize/%3Fclient_id%3DiqVCoYXFgkPdM4LCH5Ew6uhV5i1... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

30
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

6
IPs

3
Countries

260 kB
Transfer

751 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.vabi.nl/ Page URL
  2. https://idp.vabi.nl/o/authorize/?client_id=iqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy&scope=openid%20profile%20email%20phone&response_type=code&redirect_uri=https%3A%2F%2Fcloud.vabi.nl%2Fapi%2Fauth%2Fcallback%2Fvabi&state=GDGtXiTF1Jk6EjWC8CLBOsWz04E7UoW0P8D4CSUeIx0&code_challenge=ZmKI6snjlIoRb5A0JRwoUaNu5oWe6RTToo54G9XR824&code_challenge_method=S256 HTTP 302
    https://idp.vabi.nl/accounts/login/?next=/o/authorize/%3Fclient_id%3DiqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy%26scope%3Dopenid%2520profile%2520email%2520phone%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fcloud.vabi.nl%252Fapi%252Fauth%252Fcallback%252Fvabi%26state%3DGDGtXiTF1Jk6EjWC8CLBOsWz04E7UoW0P8D4CSUeIx0%26code_challenge%3DZmKI6snjlIoRb5A0JRwoUaNu5oWe6RTToo54G9XR824%26code_challenge_method%3DS256 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
app.vabi.nl/ 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Next.js
Resource Hash
7dd2d5c432d673e0f20d670ae1ce55e27ccf762b1e32689f58359adbc25c4b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 13 Mar 2024 14:42:02 GMT
permissions-policy
camera=(), microphone=(), geolocation=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-frame-options
DENY
x-powered-by
Next.js
9919cdaa7472f3f1-s.p.woff2
app.vabi.nl/_next/static/media/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/media/9919cdaa7472f3f1-s.p.woff2
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4bcd6b673d2e853cdc0b0769133741c55aa247f012dfd58640f115c3df39f68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.vabi.nl/
Origin
https://app.vabi.nl
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
etag
W/"71a8-18e33bcd488"
x-frame-options
DENY
x-dns-prefetch-control
on
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
content-length
29096
1ad2cc1a20ccb377.css
app.vabi.nl/_next/static/css/ 		102 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/css/1ad2cc1a20ccb377.css
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5151ae99bfe11a277181a397dd5bee8165b8bb9163503e447defa0b4e488e36e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
x-content-type-options
nosniff
etag
W/"196ef-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
webpack-1e633572ed5caee8.js
app.vabi.nl/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/webpack-1e633572ed5caee8.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
72ced5e8cc0da9e0cecd125c44081c48c51c0339f13d7c39ca1c32728fb22988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
x-content-type-options
nosniff
etag
W/"f39-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
fd9d1056-a80b8d771c938d79.js
app.vabi.nl/_next/static/chunks/ 		168 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/fd9d1056-a80b8d771c938d79.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63e6aa6fce7b06107cbca157e256154b4600e5082858ec428d5b628f88ce6508
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
x-content-type-options
nosniff
etag
W/"2a09e-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
69-163fcbe076ae06f1.js
app.vabi.nl/_next/static/chunks/ 		110 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/69-163fcbe076ae06f1.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
882ddbb8d4f415eb5f239d267c91a2e4430abb105c0bd6b22593363879ed1557
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
x-content-type-options
nosniff
etag
W/"1b7c2-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
main-app-41f53b3e34e0a79d.js
app.vabi.nl/_next/static/chunks/ 		462 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/main-app-41f53b3e34e0a79d.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bc49838cd86ad1083e31e1c431b2c5ae174029b270e65ad739150450d02914ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
etag
W/"1ce-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
content-length
462
123-8294002e5d8a8f46.js
app.vabi.nl/_next/static/chunks/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/123-8294002e5d8a8f46.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
264446daca36ec8c77e0287d58c9b3a949148d8760de1b8eaaea73b150543097
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
x-content-type-options
nosniff
etag
W/"3f68-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
layout-d89c4e554d7b1345.js
app.vabi.nl/_next/static/chunks/app/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/app/layout-d89c4e554d7b1345.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d43f46749189468700c3c5829a5fec8282e46027979ff99c5a0b891bb9b5e0ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
x-content-type-options
nosniff
etag
W/"213f-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
250-b38e6e6ecbbf596c.js
app.vabi.nl/_next/static/chunks/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/250-b38e6e6ecbbf596c.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6a731bb68cfef6a9cd209e92109582c0718d6930f52096d3d3a5bfb65aa9523b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
x-content-type-options
nosniff
etag
W/"503d-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
769-a870c026afa8dd4b.js
app.vabi.nl/_next/static/chunks/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/769-a870c026afa8dd4b.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1f19f5840a8223384369bd1d7c26f38d2e9d7d10aee35da0bf96c07f1d2e0a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
x-content-type-options
nosniff
etag
W/"50fc-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
error-7efbb8a0baef9197.js
app.vabi.nl/_next/static/chunks/app/ 		1 KB
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/app/error-7efbb8a0baef9197.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ef1e0217df9aa21ce08ff83449837afb4d1013adce84cc71f14f5023c80d33a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
x-content-type-options
nosniff
etag
W/"5e0-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
f97e080b-5dc420849f9be928.js
app.vabi.nl/_next/static/chunks/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/f97e080b-5dc420849f9be928.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dedbd01199c5ab58820260dee5e79c3c9e44a5475d1ca53e61a36ff45d8127fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
x-content-type-options
nosniff
etag
W/"588c-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
267-a993587ca6a38e73.js
app.vabi.nl/_next/static/chunks/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/267-a993587ca6a38e73.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1b209d126d5b9b8604038206c48a615d88f515ef51773fc35b56ccd127e6f58c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
x-content-type-options
nosniff
etag
W/"8bff-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
105-a394fd6269344683.js
app.vabi.nl/_next/static/chunks/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/105-a394fd6269344683.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d4d9980601418e6f7beab87074771968c393c03c51a0541f32557d1408b6196c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
x-content-type-options
nosniff
etag
W/"3c4e-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
layout-feb151bf3d894b08.js
app.vabi.nl/_next/static/chunks/app/(ump)/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/app/(ump)/layout-feb151bf3d894b08.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3c7c1999bf11f7ce9aaf438f66b4aee96a5669c18964dae0bfccb022760234b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
x-content-type-options
nosniff
etag
W/"157e-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
global-error-b8b68f829c97dd54.js
app.vabi.nl/_next/static/chunks/app/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/app/global-error-b8b68f829c97dd54.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c05e1062f2ff514202c462f7627df37ea9669dbe17d02d04f0095e4a7d3c7186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
x-content-type-options
nosniff
etag
W/"2228-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
page-c79a3dfec5af7a12.js
app.vabi.nl/_next/static/chunks/app/ 		741 B
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/_next/static/chunks/app/page-c79a3dfec5af7a12.js
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3c1f3aed0da30f0f4d86e42083da2641a2c4e388cd86d55f2460bc8ed4723952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.vabi.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 12 Mar 2024 17:36:37 GMT
etag
W/"2e5-18e33bcd488"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
x-dns-prefetch-control
on
cache-control
public, max-age=31536000, immutable
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
content-length
741
providers
app.vabi.nl/api/auth/ 		169 B
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/api/auth/providers
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/_next/static/chunks/267-a993587ca6a38e73.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
425f32c9b20215dc6fe9be01dc49b2e804cb0429031347ff6d1567d72eae804d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.vabi.nl/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Mar 2024 14:42:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-dns-prefetch-control
on
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
content-type
application/json
x-frame-options
DENY
permissions-policy
camera=(), microphone=(), geolocation=()
csrf
app.vabi.nl/api/auth/ 		80 B
422 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/api/auth/csrf
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/_next/static/chunks/267-a993587ca6a38e73.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1132e607273eb5d5c1574b9d8576c85b310097f6ee89222848426c72f9063676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.vabi.nl/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Mar 2024 14:42:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-dns-prefetch-control
on
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
content-type
application/json
x-frame-options
DENY
permissions-policy
camera=(), microphone=(), geolocation=()
vabi
app.vabi.nl/api/auth/signin/ 		359 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.vabi.nl/api/auth/signin/vabi
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/_next/static/chunks/267-a993587ca6a38e73.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.vabi.nl/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 13 Mar 2024 14:42:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-dns-prefetch-control
on
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
content-type
application/json
x-frame-options
DENY
permissions-policy
camera=(), microphone=(), geolocation=()
Primary Request /
idp.vabi.nl/accounts/login/
Redirect Chain
  • https://idp.vabi.nl/o/authorize/?client_id=iqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy&scope=openid%20profile%20email%20phone&response_type=code&redirect_uri=https%3A%2F%2Fcloud.vabi.nl%2Fapi%2Fauth%2...
  • https://idp.vabi.nl/accounts/login/?next=/o/authorize/%3Fclient_id%3DiqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy%26scope%3Dopenid%2520profile%2520email%2520phone%26response_type%3Dcode%26redirect_uri%...
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://idp.vabi.nl/accounts/login/?next=/o/authorize/%3Fclient_id%3DiqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy%26scope%3Dopenid%2520profile%2520email%2520phone%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fcloud.vabi.nl%252Fapi%252Fauth%252Fcallback%252Fvabi%26state%3DGDGtXiTF1Jk6EjWC8CLBOsWz04E7UoW0P8D4CSUeIx0%26code_challenge%3DZmKI6snjlIoRb5A0JRwoUaNu5oWe6RTToo54G9XR824%26code_challenge_method%3DS256
Requested by
Host: app.vabi.nl
URL: https://app.vabi.nl/_next/static/chunks/267-a993587ca6a38e73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.103.129.136 , Sweden, ASN197332 (SE-VITEC-AS, SE),
Reverse DNS
136-129.vitec.se
Software
nginx /
Resource Hash
b8152e13e4567bb63690c951980a76633e3a45c63aeab45aea49b10ad34aa142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate, private
content-encoding
gzip
content-language
nl
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Wed, 13 Mar 2024 14:42:04 GMT
expires
Wed, 13 Mar 2024 14:42:04 GMT
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding Authorization, Accept-Language, Cookie, origin
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

content-language
nl
content-length
0
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Wed, 13 Mar 2024 14:42:04 GMT
location
/accounts/login/?next=/o/authorize/%3Fclient_id%3DiqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy%26scope%3Dopenid%2520profile%2520email%2520phone%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fcloud.vabi.nl%252Fapi%252Fauth%252Fcallback%252Fvabi%26state%3DGDGtXiTF1Jk6EjWC8CLBOsWz04E7UoW0P8D4CSUeIx0%26code_challenge%3DZmKI6snjlIoRb5A0JRwoUaNu5oWe6RTToo54G9XR824%26code_challenge_method%3DS256
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000
vary
Authorization, Accept-Language, Cookie, origin
x-content-type-options
nosniff
x-frame-options
DENY
css2
fonts.googleapis.com/ 		3 KB
889 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Titillium+Web:wght@300;400;600;700&display=swap
Requested by
Host: idp.vabi.nl
URL: https://idp.vabi.nl/accounts/login/?next=/o/authorize/%3Fclient_id%3DiqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy%26scope%3Dopenid%2520profile%2520email%2520phone%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fcloud.vabi.nl%252Fapi%252Fauth%252Fcallback%252Fvabi%26state%3DGDGtXiTF1Jk6EjWC8CLBOsWz04E7UoW0P8D4CSUeIx0%26code_challenge%3DZmKI6snjlIoRb5A0JRwoUaNu5oWe6RTToo54G9XR824%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ee741f301f6e740ce4c1f8382e5161566794477e6a4eb51dcdffae29df79273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Mar 2024 14:42:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Mar 2024 14:36:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Mar 2024 14:42:05 GMT
styles.css
idp.vabi.nl/static/css/dist/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://idp.vabi.nl/static/css/dist/styles.css
Requested by
Host: idp.vabi.nl
URL: https://idp.vabi.nl/accounts/login/?next=/o/authorize/%3Fclient_id%3DiqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy%26scope%3Dopenid%2520profile%2520email%2520phone%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fcloud.vabi.nl%252Fapi%252Fauth%252Fcallback%252Fvabi%26state%3DGDGtXiTF1Jk6EjWC8CLBOsWz04E7UoW0P8D4CSUeIx0%26code_challenge%3DZmKI6snjlIoRb5A0JRwoUaNu5oWe6RTToo54G9XR824%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.103.129.136 , Sweden, ASN197332 (SE-VITEC-AS, SE),
Reverse DNS
136-129.vitec.se
Software
nginx /
Resource Hash
079e6bab72f35c706a90eda521f6d0689ae17dcb94e71290a25f8e47af74f579
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://idp.vabi.nl/accounts/login/?next=/o/authorize/%3Fclient_id%3DiqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy%26scope%3Dopenid%2520profile%2520email%2520phone%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fcloud.vabi.nl%252Fapi%252Fauth%252Fcallback%252Fvabi%26state%3DGDGtXiTF1Jk6EjWC8CLBOsWz04E7UoW0P8D4CSUeIx0%26code_challenge%3DZmKI6snjlIoRb5A0JRwoUaNu5oWe6RTToo54G9XR824%26code_challenge_method%3DS256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:04 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:12:12 GMT
server
nginx
etag
W/"65f18a0c-5bcc"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Wed, 20 Mar 2024 14:42:04 GMT
listener.js
idp.vabi.nl/static/js/ 		2 KB
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://idp.vabi.nl/static/js/listener.js
Requested by
Host: idp.vabi.nl
URL: https://idp.vabi.nl/accounts/login/?next=/o/authorize/%3Fclient_id%3DiqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy%26scope%3Dopenid%2520profile%2520email%2520phone%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fcloud.vabi.nl%252Fapi%252Fauth%252Fcallback%252Fvabi%26state%3DGDGtXiTF1Jk6EjWC8CLBOsWz04E7UoW0P8D4CSUeIx0%26code_challenge%3DZmKI6snjlIoRb5A0JRwoUaNu5oWe6RTToo54G9XR824%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.103.129.136 , Sweden, ASN197332 (SE-VITEC-AS, SE),
Reverse DNS
136-129.vitec.se
Software
nginx /
Resource Hash
305322a9d35cf5580870a61f20b8362074808f8351dfeb33c809137574b2eb3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://idp.vabi.nl/accounts/login/?next=/o/authorize/%3Fclient_id%3DiqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy%26scope%3Dopenid%2520profile%2520email%2520phone%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fcloud.vabi.nl%252Fapi%252Fauth%252Fcallback%252Fvabi%26state%3DGDGtXiTF1Jk6EjWC8CLBOsWz04E7UoW0P8D4CSUeIx0%26code_challenge%3DZmKI6snjlIoRb5A0JRwoUaNu5oWe6RTToo54G9XR824%26code_challenge_method%3DS256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:04 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:12:12 GMT
server
nginx
etag
W/"65f18a0c-690"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 20 Mar 2024 14:42:04 GMT
flowbite.min.js
cdnjs.cloudflare.com/ajax/libs/flowbite/1.8.1/ 		63 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/flowbite/1.8.1/flowbite.min.js
Requested by
Host: idp.vabi.nl
URL: https://idp.vabi.nl/accounts/login/?next=/o/authorize/%3Fclient_id%3DiqVCoYXFgkPdM4LCH5Ew6uhV5i1RFCVSDNyMAOwy%26scope%3Dopenid%2520profile%2520email%2520phone%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fcloud.vabi.nl%252Fapi%252Fauth%252Fcallback%252Fvabi%26state%3DGDGtXiTF1Jk6EjWC8CLBOsWz04E7UoW0P8D4CSUeIx0%26code_challenge%3DZmKI6snjlIoRb5A0JRwoUaNu5oWe6RTToo54G9XR824%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f872ac788245e37f42ac620e27c57ad6c24709509ceb37435c48c35c119e6506
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 14:42:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1170181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12376
last-modified
Wed, 02 Aug 2023 03:36:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c9cf42-3058"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqXXpqVFZVAAVwKYOTF2hkFpg8Nq4ocXzzVNPoHUvvmPr8vVkZi21L4dvTofg%2Bp6GwadCjIPURjSjukbcZJN0FQW%2FgLPoZXjS6%2BsUu44R%2FhHPrD0O23RkSfw7TAaa6asAQVb%2FcpF64lwbjU6vg%2FUa2Vl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
863cc9e1ba41440b-EWR
expires
Mon, 03 Mar 2025 14:42:05 GMT
css2
fonts.googleapis.com/ 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: idp.vabi.nl
URL: https://idp.vabi.nl/static/css/dist/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7cceadb4823793b6c7eb02fc3f5722cf06fe598f32e1e64b6d6d9bcc01ae95cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Mar 2024 14:42:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Mar 2024 14:42:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Mar 2024 14:42:05 GMT
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
175b2e7e6c8f8e655a422f63a5523497e622e36b84732e6a3263ec479eb02eb9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://idp.vabi.nl
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 06:52:14 GMT
x-content-type-options
nosniff
age
28191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 06:52:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://idp.vabi.nl
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 06:53:24 GMT
x-content-type-options
nosniff
age
28121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 06:53:24 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://idp.vabi.nl
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:23:48 GMT
x-content-type-options
nosniff
age
148697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Mar 2025 21:23:48 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fieldLabelErrorUpdate function| onFieldEvents function| Accordion function| initAccordions function| Carousel function| initCarousels function| Collapse function| initCollapses function| Dial function| initDials function| Dismiss function| initDismisses function| Drawer function| initDrawers function| Dropdown function| initDropdowns function| Modal function| initModals function| Popover function| initPopovers function| Tabs function| initTabs function| Tooltip function| initTooltips function| initFlowbite object| Flowbite

5 Cookies

Domain/Path Name / Value
app.vabi.nl/ Name: __Host-next-auth.csrf-token
Value: 5a8e57fa9034db72fc4509781cb3d8141009994efc271aa9d402e5f597b2d7e2%7C6129e1261d2505cda282453ae359531a2cfc2a0a2dcd0efb130abef1763be9fa
app.vabi.nl/ Name: __Secure-next-auth.callback-url
Value: https%3A%2F%2Fcloud.vabi.nl
app.vabi.nl/ Name: __Secure-next-auth.state
Value: eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0..D-iy7e1A99qYMI7r.QHjgAjderwlvOgE1GmIUgOAEuq3RbezWfhoKWkxbeKh7fYRLoodAMA-Ao8moFzwTVYbnDXclXjhSrjMYLp4ie9oUuANSQPTvrAaa5kCAhPwEfuvqbmTWup35k2vsXxNSwFGwhDmiRB8yBFUj6Tw2P5h1oennrhmXcQrjveGwr85NDH_hVIY.ZnjUoW4__wpXn-ysRDtDCg
app.vabi.nl/ Name: __Secure-next-auth.pkce.code_verifier
Value: eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0..98pcIjdzoDS-3qXA.TCeIJs6tunuQxtOzAJC-imAaWiNUxp0JiPBrB6Fxf01t2JqoPINm6JkGtQLx7Cl_a80Xi6HtZpMG3FxemWAbcxC_npi5T2adw5mYJKz2n3YLKBv52fuLEU5waOIm5IQiXL8lHlDDHEpTLx5bfoDN4Sa0bPMgg55pm6cVLFDD3X9o0DyLzXU.dUYb1aFNRQ0_3_FZMXmDXg
idp.vabi.nl/ Name: csrftoken
Value: nOEjzOndWaB2Nz2vKEU7xx0AQ55RYVQG

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.vabi.nl
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
idp.vabi.nl
194.103.129.136
20.105.232.5
2606:4700::6811:190e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c1d::5e
079e6bab72f35c706a90eda521f6d0689ae17dcb94e71290a25f8e47af74f579
1132e607273eb5d5c1574b9d8576c85b310097f6ee89222848426c72f9063676
175b2e7e6c8f8e655a422f63a5523497e622e36b84732e6a3263ec479eb02eb9
1b209d126d5b9b8604038206c48a615d88f515ef51773fc35b56ccd127e6f58c
264446daca36ec8c77e0287d58c9b3a949148d8760de1b8eaaea73b150543097
305322a9d35cf5580870a61f20b8362074808f8351dfeb33c809137574b2eb3e
3c1f3aed0da30f0f4d86e42083da2641a2c4e388cd86d55f2460bc8ed4723952
425f32c9b20215dc6fe9be01dc49b2e804cb0429031347ff6d1567d72eae804d
5151ae99bfe11a277181a397dd5bee8165b8bb9163503e447defa0b4e488e36e
63e6aa6fce7b06107cbca157e256154b4600e5082858ec428d5b628f88ce6508
6a731bb68cfef6a9cd209e92109582c0718d6930f52096d3d3a5bfb65aa9523b
72ced5e8cc0da9e0cecd125c44081c48c51c0339f13d7c39ca1c32728fb22988
7cceadb4823793b6c7eb02fc3f5722cf06fe598f32e1e64b6d6d9bcc01ae95cd
7dd2d5c432d673e0f20d670ae1ce55e27ccf762b1e32689f58359adbc25c4b49
7ee741f301f6e740ce4c1f8382e5161566794477e6a4eb51dcdffae29df79273
882ddbb8d4f415eb5f239d267c91a2e4430abb105c0bd6b22593363879ed1557
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b8152e13e4567bb63690c951980a76633e3a45c63aeab45aea49b10ad34aa142
bc49838cd86ad1083e31e1c431b2c5ae174029b270e65ad739150450d02914ab
c05e1062f2ff514202c462f7627df37ea9669dbe17d02d04f0095e4a7d3c7186
c1f19f5840a8223384369bd1d7c26f38d2e9d7d10aee35da0bf96c07f1d2e0a2
d43f46749189468700c3c5829a5fec8282e46027979ff99c5a0b891bb9b5e0ec
d4d9980601418e6f7beab87074771968c393c03c51a0541f32557d1408b6196c
dedbd01199c5ab58820260dee5e79c3c9e44a5475d1ca53e61a36ff45d8127fb
e3c7c1999bf11f7ce9aaf438f66b4aee96a5669c18964dae0bfccb022760234b
ef1e0217df9aa21ce08ff83449837afb4d1013adce84cc71f14f5023c80d33a1
f4bcd6b673d2e853cdc0b0769133741c55aa247f012dfd58640f115c3df39f68
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f872ac788245e37f42ac620e27c57ad6c24709509ceb37435c48c35c119e6506