Submitted URL: http://link.news.baloise.be/m/ml/200154/507172/xWkCWqHQIQVfAY35mF6TwQ==/RvkGSmOIFQq6kXvItf5iIhTE7WBxiGxfQxzNRsWwWhk=/
Effective URL: https://blogin.baloise.be/login
Submission: On April 15 via api from BE — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 25 HTTP transactions. The main IP is 2606:4700:10::6814:2f4, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is blogin.baloise.be.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on July 27th 2023. Valid for: a year.
This is the only time blogin.baloise.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 80.169.111.143 8220 (COLT COLT...)
3 3 193.134.75.56 48857 (BASLER-AS)
1 4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 24 2606:4700:10:... 13335 (CLOUDFLAR...)
25 3
Apex Domain Subdomains Transfer
29 baloise.be link.news.baloise.be, token.baloise.be, blogin.baloise.be 284 KB
3 mybaloise.be mybaloise.be 3 KB
25 2
Domain Requested by
24 blogin.baloise.be 2 redirects blogin.baloise.be
4 token.baloise.be 1 redirects token.baloise.be
3 mybaloise.be 3 redirects
1 link.news.baloise.be 1 redirects
25 4

This site contains links to these domains.

Domain
home.mybaloise.be
www.baloise.be

Subject Issuer Validity Valid
*.baloise.be GlobalSign GCC R3 DV TLS CA 2020 2023-10-12 - 2024-11-12 a year
login.baloise.be GlobalSign GCC R3 DV TLS CA 2020 2023-07-27 - 2024-08-27 a year

This page contains 1 frame:

Primary Page: https://blogin.baloise.be/login
Frame ID: C6943CC597166F9A2B49D61086BBC702
Requests: 27 HTTP requests in this frame

Page Title

Baloise

Page URL History

  1. http://link.news.baloise.be/m/ml/200154/507172/xWkCWqHQIQVfAY35mF6TwQ==/RvkGSmOIFQq6kXvItf5iIhTE7WBxiGxf... HTTP 307
    https://link.news.baloise.be/m/ml/200154/507172/xWkCWqHQIQVfAY35mF6TwQ==/RvkGSmOIFQq6kXvItf5iIhTE7WBxiGxf... HTTP 307
    https://mybaloise.be/MyBaloiseBroker/nl-BE/page/ContactList?actId=ebwp0YMB8s2eYyAIU4y3p9UcvuQDVN7... HTTP 302
    https://mybaloise.be/MyBaloiseBroker/LogOn?returnUrl=%2FMyBaloiseBroker%2Fnl-BE%2Fpage%2FContactL... HTTP 302
    https://mybaloise.be/MyBaloiseBroker/nl-BE/LogOn/OneginiLogin?returnUrl=%2FMyBaloiseBroker%2Fnl-B... HTTP 302
    https://token.baloise.be/oauth/v1/authorize?client_id=DB9488C002C38B5F9421D95A86094309AB31C1B5FA57219... HTTP 302
    https://token.baloise.be/oauth/saml/authorize?transaction_id=224CF85B1123C016220A88BD703FC0EE3C157593... Page URL
  2. https://blogin.baloise.be/saml/single-sign-on HTTP 302
    https://blogin.baloise.be/saml/authn-response HTTP 302
    https://blogin.baloise.be/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25 Requests
100 % HTTPS
50 % IPv6
2 Domains
4 Subdomains
3 IPs
3 Countries
281 kB Transfer
461 kB Size
11 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://link.news.baloise.be/m/ml/200154/507172/xWkCWqHQIQVfAY35mF6TwQ==/RvkGSmOIFQq6kXvItf5iIhTE7WBxiGxfQxzNRsWwWhk=/ HTTP 307
    https://link.news.baloise.be/m/ml/200154/507172/xWkCWqHQIQVfAY35mF6TwQ==/RvkGSmOIFQq6kXvItf5iIhTE7WBxiGxfQxzNRsWwWhk=/ HTTP 307
    https://mybaloise.be/MyBaloiseBroker/nl-BE/page/ContactList?actId=ebwp0YMB8s2eYyAIU4y3p9UcvuQDVN7aQskTnitAEcoAt9TK6qOUOK3BUaQ-wSvy&actCampaignType=CAMPAIGN_MAIL&actSource=507172 HTTP 302
    https://mybaloise.be/MyBaloiseBroker/LogOn?returnUrl=%2FMyBaloiseBroker%2Fnl-BE%2Fpage%2FContactList%3FactId%3Debwp0YMB8s2eYyAIU4y3p9UcvuQDVN7aQskTnitAEcoAt9TK6qOUOK3BUaQ-wSvy%26actCampaignType%3DCAMPAIGN_MAIL%26actSource%3D507172 HTTP 302
    https://mybaloise.be/MyBaloiseBroker/nl-BE/LogOn/OneginiLogin?returnUrl=%2FMyBaloiseBroker%2Fnl-BE%2Fpage%2FContactList%3FactId%3Debwp0YMB8s2eYyAIU4y3p9UcvuQDVN7aQskTnitAEcoAt9TK6qOUOK3BUaQ-wSvy%26actCampaignType%3DCAMPAIGN_MAIL%26actSource%3D507172 HTTP 302
    https://token.baloise.be/oauth/v1/authorize?client_id=DB9488C002C38B5F9421D95A86094309AB31C1B5FA572191B223FE1A943D1B88&redirect_uri=https%3A%2F%2Fmybaloise.be%2FMyBaloiseBroker%2FSignin-oidc&response_type=code&scope=openid&code_challenge=A6EozhV-kX4XR9u84DWYYBWLJ3Scwj29RtVTOzM--qg&code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties%3D3bFcv_1g4R0sss70l9n62IP9zTLwz8HLPwmMcN06gndmBiFMLDWhV9n7_YlQuqnuf1-FGU3bX0KIYchCBfU1GGClMpl676674UhMVZotoLqZoq8xwLsYBL-GHy_3WoBKjWOVofFuzqtHq-GDBYhJ9dz54U_SvZA4371qm2WIC-AEEJV8iEIgnkkmZpGNTe8S5Sp5rT8P4ALwBpq0V44sA0j7aqVnyniIkzx7lYtgEgH_4BGkqfxSsv_NdBw7bwNeQYFY9-OvlSiCRahvI5NdVV2cJkwHzMJxyV-F5k5dUCZNoVmQ9ltGHYLBsje9eCvYrUT8kaxRx5wmzYaDjWFEk5QW3GJXLZPbFbS0nXzP1aJpOZ-ZRdwu0_qoL-lXifBeKYwdEjs0cIanxs68C8kfvft6MuOGJhSIxjLEotuKodzzxahd0wxuYSwbi2PDD19EXtwPcAXFBezs7Ct3qplloCrgisf9taBt9-a47dZrFRFC58fOhxSyjiYPtGcJN14fNEYhlVUPUnFjDr1MXT1JqIm2OwruI7TLku-iRS51KgmBldhTvEFcGXFNrBggoI-CAhrTsBoQL-az8TQsGWm96SG4cR9L-Z8LTGqZBYejDnoIIYVq&response_mode=form_post&nonce=638487765994239141.NzIzZDBhNzYtZDc4Yi00YWFjLTg2NTgtMjUzMTEwYTIyNmMwODk1Y2ZhMGMtODMxZS00MTZkLWI4ZjYtYzJmODQ4OWVkMWMz&post_logout_redirect_uri=https%3A%2F%2Fmybaloise.be%2FMyBaloiseBroker%2Fnl-BE%2FHome%2FIndex&x-client-SKU=ID_NET472&x-client-ver=6.31.0.0 HTTP 302
    https://token.baloise.be/oauth/saml/authorize?transaction_id=224CF85B1123C016220A88BD703FC0EE3C15759305B00987C62B860E41F9961619042C0AE58E7E8398C73A39D42BFB55127224D2140F2782A491CC873B819468 Page URL
  2. https://blogin.baloise.be/saml/single-sign-on HTTP 302
    https://blogin.baloise.be/saml/authn-response HTTP 302
    https://blogin.baloise.be/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://link.news.baloise.be/m/ml/200154/507172/xWkCWqHQIQVfAY35mF6TwQ==/RvkGSmOIFQq6kXvItf5iIhTE7WBxiGxfQxzNRsWwWhk=/ HTTP 307
  • https://link.news.baloise.be/m/ml/200154/507172/xWkCWqHQIQVfAY35mF6TwQ==/RvkGSmOIFQq6kXvItf5iIhTE7WBxiGxfQxzNRsWwWhk=/ HTTP 307
  • https://mybaloise.be/MyBaloiseBroker/nl-BE/page/ContactList?actId=ebwp0YMB8s2eYyAIU4y3p9UcvuQDVN7aQskTnitAEcoAt9TK6qOUOK3BUaQ-wSvy&actCampaignType=CAMPAIGN_MAIL&actSource=507172 HTTP 302
  • https://mybaloise.be/MyBaloiseBroker/LogOn?returnUrl=%2FMyBaloiseBroker%2Fnl-BE%2Fpage%2FContactList%3FactId%3Debwp0YMB8s2eYyAIU4y3p9UcvuQDVN7aQskTnitAEcoAt9TK6qOUOK3BUaQ-wSvy%26actCampaignType%3DCAMPAIGN_MAIL%26actSource%3D507172 HTTP 302
  • https://mybaloise.be/MyBaloiseBroker/nl-BE/LogOn/OneginiLogin?returnUrl=%2FMyBaloiseBroker%2Fnl-BE%2Fpage%2FContactList%3FactId%3Debwp0YMB8s2eYyAIU4y3p9UcvuQDVN7aQskTnitAEcoAt9TK6qOUOK3BUaQ-wSvy%26actCampaignType%3DCAMPAIGN_MAIL%26actSource%3D507172 HTTP 302
  • https://token.baloise.be/oauth/v1/authorize?client_id=DB9488C002C38B5F9421D95A86094309AB31C1B5FA572191B223FE1A943D1B88&redirect_uri=https%3A%2F%2Fmybaloise.be%2FMyBaloiseBroker%2FSignin-oidc&response_type=code&scope=openid&code_challenge=A6EozhV-kX4XR9u84DWYYBWLJ3Scwj29RtVTOzM--qg&code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties%3D3bFcv_1g4R0sss70l9n62IP9zTLwz8HLPwmMcN06gndmBiFMLDWhV9n7_YlQuqnuf1-FGU3bX0KIYchCBfU1GGClMpl676674UhMVZotoLqZoq8xwLsYBL-GHy_3WoBKjWOVofFuzqtHq-GDBYhJ9dz54U_SvZA4371qm2WIC-AEEJV8iEIgnkkmZpGNTe8S5Sp5rT8P4ALwBpq0V44sA0j7aqVnyniIkzx7lYtgEgH_4BGkqfxSsv_NdBw7bwNeQYFY9-OvlSiCRahvI5NdVV2cJkwHzMJxyV-F5k5dUCZNoVmQ9ltGHYLBsje9eCvYrUT8kaxRx5wmzYaDjWFEk5QW3GJXLZPbFbS0nXzP1aJpOZ-ZRdwu0_qoL-lXifBeKYwdEjs0cIanxs68C8kfvft6MuOGJhSIxjLEotuKodzzxahd0wxuYSwbi2PDD19EXtwPcAXFBezs7Ct3qplloCrgisf9taBt9-a47dZrFRFC58fOhxSyjiYPtGcJN14fNEYhlVUPUnFjDr1MXT1JqIm2OwruI7TLku-iRS51KgmBldhTvEFcGXFNrBggoI-CAhrTsBoQL-az8TQsGWm96SG4cR9L-Z8LTGqZBYejDnoIIYVq&response_mode=form_post&nonce=638487765994239141.NzIzZDBhNzYtZDc4Yi00YWFjLTg2NTgtMjUzMTEwYTIyNmMwODk1Y2ZhMGMtODMxZS00MTZkLWI4ZjYtYzJmODQ4OWVkMWMz&post_logout_redirect_uri=https%3A%2F%2Fmybaloise.be%2FMyBaloiseBroker%2Fnl-BE%2FHome%2FIndex&x-client-SKU=ID_NET472&x-client-ver=6.31.0.0 HTTP 302
  • https://token.baloise.be/oauth/saml/authorize?transaction_id=224CF85B1123C016220A88BD703FC0EE3C15759305B00987C62B860E41F9961619042C0AE58E7E8398C73A39D42BFB55127224D2140F2782A491CC873B819468

25 HTTP transactions

Resource Path Size x-fer Type MIME-Type
authorize
token.baloise.be/oauth/saml/
Redirect Chain
  • http://link.news.baloise.be/m/ml/200154/507172/xWkCWqHQIQVfAY35mF6TwQ==/RvkGSmOIFQq6kXvItf5iIhTE7WBxiGxfQxzNRsWwWhk=/
  • https://link.news.baloise.be/m/ml/200154/507172/xWkCWqHQIQVfAY35mF6TwQ==/RvkGSmOIFQq6kXvItf5iIhTE7WBxiGxfQxzNRsWwWhk=/
  • https://mybaloise.be/MyBaloiseBroker/nl-BE/page/ContactList?actId=ebwp0YMB8s2eYyAIU4y3p9UcvuQDVN7aQskTnitAEcoAt9TK6qOUOK3BUaQ-wSvy&actCampaignType=CAMPAIGN_MAIL&actSource=507172
  • https://mybaloise.be/MyBaloiseBroker/LogOn?returnUrl=%2FMyBaloiseBroker%2Fnl-BE%2Fpage%2FContactList%3FactId%3Debwp0YMB8s2eYyAIU4y3p9UcvuQDVN7aQskTnitAEcoAt9TK6qOUOK3BUaQ-wSvy%26actCampaignType%3DC...
  • https://mybaloise.be/MyBaloiseBroker/nl-BE/LogOn/OneginiLogin?returnUrl=%2FMyBaloiseBroker%2Fnl-BE%2Fpage%2FContactList%3FactId%3Debwp0YMB8s2eYyAIU4y3p9UcvuQDVN7aQskTnitAEcoAt9TK6qOUOK3BUaQ-wSvy%26...
  • https://token.baloise.be/oauth/v1/authorize?client_id=DB9488C002C38B5F9421D95A86094309AB31C1B5FA572191B223FE1A943D1B88&redirect_uri=https%3A%2F%2Fmybaloise.be%2FMyBaloiseBroker%2FSignin-oidc&respon...
  • https://token.baloise.be/oauth/saml/authorize?transaction_id=224CF85B1123C016220A88BD703FC0EE3C15759305B00987C62B860E41F9961619042C0AE58E7E8398C73A39D42BFB55127224D2140F2782A491CC873B819468
5 KB
3 KB
Document
General
Full URL
https://token.baloise.be/oauth/saml/authorize?transaction_id=224CF85B1123C016220A88BD703FC0EE3C15759305B00987C62B860E41F9961619042C0AE58E7E8398C73A39D42BFB55127224D2140F2782A491CC873B819468
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e55223e399689395be96ff66b49f977e873b749ddcae5b2a5373e317caf611f3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
874b86555d088f3e-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 15 Apr 2024 11:16:40 GMT
expires
0
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff

Redirect headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
874b86545c168f3e-FRA
content-length
0
content-type
text/plain
date
Mon, 15 Apr 2024 11:16:39 GMT
expires
0
location
https://token.baloise.be/oauth/saml/authorize?transaction_id=224CF85B1123C016220A88BD703FC0EE3C15759305B00987C62B860E41F9961619042C0AE58E7E8398C73A39D42BFB55127224D2140F2782A491CC873B819468
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
submit.js
token.baloise.be/oauth/static/saml/js/
54 B
196 B
Script
General
Full URL
https://token.baloise.be/oauth/static/saml/js/submit.js
Requested by
Host: token.baloise.be
URL: https://token.baloise.be/oauth/saml/authorize?transaction_id=224CF85B1123C016220A88BD703FC0EE3C15759305B00987C62B860E41F9961619042C0AE58E7E8398C73A39D42BFB55127224D2140F2782A491CC873B819468
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a95a08d02db9e158b7b37230b1ade7976ae2afac7d7866925b76148e8ee4eccb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://token.baloise.be/oauth/saml/authorize?transaction_id=224CF85B1123C016220A88BD703FC0EE3C15759305B00987C62B860E41F9961619042C0AE58E7E8398C73A39D42BFB55127224D2140F2782A491CC873B819468
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 14 Jul 2023 09:16:02 GMT
server
cloudflare
age
6967
cf-polished
origSize=62
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript
content-encoding
br
cache-control
max-age=14400
cf-ray
874b8656ae758f3e-FRA
Primary Request login
blogin.baloise.be/
Redirect Chain
  • https://blogin.baloise.be/saml/single-sign-on
  • https://blogin.baloise.be/saml/authn-response
  • https://blogin.baloise.be/login
6 KB
2 KB
Document
General
Full URL
https://blogin.baloise.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
224e169530dd5a47a31c55860801ccd18e2796596dddba52af611a3877b4db93
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://token.baloise.be
Referer
https://token.baloise.be/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
874b86592d532c2a-FRA
content-encoding
br
content-language
nl
content-type
text/html;charset=UTF-8
date
Mon, 15 Apr 2024 11:16:40 GMT
p3p
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
DENY
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
874b8658bcc82c2a-FRA
content-length
0
date
Mon, 15 Apr 2024 11:16:40 GMT
location
https://blogin.baloise.be/login
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
favicon.ico
token.baloise.be/
21 B
119 B
Other
General
Full URL
https://token.baloise.be/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://token.baloise.be/oauth/saml/authorize?transaction_id=224CF85B1123C016220A88BD703FC0EE3C15759305B00987C62B860E41F9961619042C0AE58E7E8398C73A39D42BFB55127224D2140F2782A491CC873B819468
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
server
cloudflare
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
max-age=14400
cf-ray
874b8656eeae8f3e-FRA
content-length
21
branding.css
blogin.baloise.be/static/baloise/css/
68 KB
20 KB
Stylesheet
General
Full URL
https://blogin.baloise.be/static/baloise/css/branding.css
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bf14cb06915412a8a7967c259ccf12a2e405ca27dd3c991f35f418be5242727
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
text/css;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b8659cdf52c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
page-data.js
blogin.baloise.be/static/js/
172 B
219 B
Script
General
Full URL
https://blogin.baloise.be/static/js/page-data.js?v=2de755d
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
045f70f9f342812bc8ed6c47b331eab5796d15518d04345dc127a9dc6d595f26
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
cf-polished
origSize=231
p3p
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
cf-bgj
minify
last-modified
Tue, 19 Dec 2023 14:24:40 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
cache-control
max-age=14400
cf-ray
874b8659cdf92c2a-FRA
dropdown.js
blogin.baloise.be/static/baloise/js/
321 B
312 B
Script
General
Full URL
https://blogin.baloise.be/static/baloise/js/dropdown.js
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
130c9cd061c37d49b4ee2f2c0592a60295feb33aeb3fcf9ef5e0aa3fee95ec94
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b8659cdfb2c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
jquery-3.5.1.min.js
blogin.baloise.be/static/baloise/js/external/
87 KB
31 KB
Script
General
Full URL
https://blogin.baloise.be/static/baloise/js/external/jquery-3.5.1.min.js
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b8659cdfc2c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
jquery.validate.min.js
blogin.baloise.be/static/baloise/js/external/
24 KB
8 KB
Script
General
Full URL
https://blogin.baloise.be/static/baloise/js/external/jquery.validate.min.js
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f8b113d018450dd03dbcd8e00039907996221888e766df08cf827cb1df63cdd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b8659cdfe2c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
chosen.jquery.min.js
blogin.baloise.be/webjars/chosen/1.0.0/
25 KB
6 KB
Script
General
Full URL
https://blogin.baloise.be/webjars/chosen/1.0.0/chosen.jquery.min.js
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf7377ff0283ac0f89861a0563d2e9362adad64b0400e4cdc7b61c297245349
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 30 Jul 2013 12:06:40 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b8659cdff2c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
dismiss-toast.js
blogin.baloise.be/static/baloise/js/
75 B
133 B
Script
General
Full URL
https://blogin.baloise.be/static/baloise/js/dismiss-toast.js
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11bd636a554509aba04116c802aace1e9d9cbe474892f34aef4a082e2ade3bfc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b8659ce002c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
onegini-all.min.js
blogin.baloise.be/webjars/og-commons-web/7/
4 KB
2 KB
Script
General
Full URL
https://blogin.baloise.be/webjars/og-commons-web/7/onegini-all.min.js
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ce35616bb160adbc2031756a4f7e96dfba630d466365d52d3c7fd9f7fb0e6e2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Thu, 16 Jan 2014 16:19:16 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b8659ce012c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
scripts.js
blogin.baloise.be/static/baloise/js/
10 KB
3 KB
Script
General
Full URL
https://blogin.baloise.be/static/baloise/js/scripts.js?v=2de755d
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5215344d72863fc39f69370da617c2143b63ad263ac9d1f7181f7012af6bb8f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b8659ce022c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
login.js
blogin.baloise.be/static/js/
856 B
420 B
Script
General
Full URL
https://blogin.baloise.be/static/js/login.js?v=2de755d
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94ca68397a0d1c456a09203042b4ef08294cb131dfb0985c6fb6b9a238da7712
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b8659ce032c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
unmask-password.js
blogin.baloise.be/static/baloise/js/
340 B
225 B
Script
General
Full URL
https://blogin.baloise.be/static/baloise/js/unmask-password.js
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741abf972e3dd6a08933554f0cd7c8d3fbcbbdae6b526eed97911493a3d3ece3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b8659ce042c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
dismiss-toast.js
blogin.baloise.be/static/baloise/js/
75 B
133 B
Script
General
Full URL
https://blogin.baloise.be/static/baloise/js/dismiss-toast.js?v=2de755d
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11bd636a554509aba04116c802aace1e9d9cbe474892f34aef4a082e2ade3bfc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b8659ce052c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
truncated
/
19 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
686cdd31232667e277f4f790da9a729b3bb2ef5ee96cf9657ba72cac24edd71d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1a9923ec0094bf1c2c8b673dc49526206c48584a822c2cc4ad0f872b91d9976

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
earth.svg
blogin.baloise.be/static/baloise/img/
4 KB
2 KB
Image
General
Full URL
https://blogin.baloise.be/static/baloise/img/earth.svg
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/static/baloise/css/branding.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ed45d5b3ef51d20790a50dd57955a1dc0e5ffa9dc056410788bb20e48757637
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/static/baloise/css/branding.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/svg+xml;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b865afef82c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
caret-down.svg
blogin.baloise.be/static/baloise/img/
700 B
480 B
Image
General
Full URL
https://blogin.baloise.be/static/baloise/img/caret-down.svg
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/static/baloise/css/branding.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3500ea42f2d5193ab090a17bbd9aabdaf3e25ecfe9d738dc25928170c498502d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/static/baloise/css/branding.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/svg+xml;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b865afef92c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
caret-left.svg
blogin.baloise.be/static/baloise/img/
701 B
476 B
Image
General
Full URL
https://blogin.baloise.be/static/baloise/img/caret-left.svg
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/static/baloise/css/branding.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7957badeae64f55818fc13a3cbce0d75417e98a33f9df54eed8cb3e0717508fd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/static/baloise/css/branding.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/svg+xml;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b865afefa2c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
BaloiseCreateText-regular.woff2
blogin.baloise.be/static/baloise/fonts/
58 KB
58 KB
Font
General
Full URL
https://blogin.baloise.be/static/baloise/fonts/BaloiseCreateText-regular.woff2
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/static/baloise/css/branding.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4ff0253bd5ce57f4addfdf4384bb307ea16ee55ca2f5550e5400487ee44d887
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/static/baloise/css/branding.css
Origin
https://blogin.baloise.be
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
p3p
content-length
59656
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/octet-stream;charset=UTF-8
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
874b865b0f012c2a-FRA
edit-view.svg
blogin.baloise.be/static/baloise/img/
642 B
473 B
Image
General
Full URL
https://blogin.baloise.be/static/baloise/img/edit-view.svg
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/static/baloise/css/branding.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff2d0c724e7b8751cc159d300eb92627e9a796340009d1a75e69d620092a44df
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/static/baloise/css/branding.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/svg+xml;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b865afefb2c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
portima.png
blogin.baloise.be/static/baloise/img/
22 KB
22 KB
Image
General
Full URL
https://blogin.baloise.be/static/baloise/img/portima.png
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/static/baloise/css/branding.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66105fe413f36cc8e25277214d875aa6be3515478d878cfedfc8513a07d2ac0c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/static/baloise/css/branding.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
p3p
content-length
22789
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/png;charset=UTF-8
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
874b865afefc2c2a-FRA
BaloiseCreateHeadline-bold.woff2
blogin.baloise.be/static/baloise/fonts/
57 KB
57 KB
Font
General
Full URL
https://blogin.baloise.be/static/baloise/fonts/BaloiseCreateHeadline-bold.woff2
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/static/baloise/css/branding.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
947eede657403bdaf91763dfa6a29d5bb6559476b47c9ddd34653be69bfcbd86
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/static/baloise/css/branding.css
Origin
https://blogin.baloise.be
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
p3p
content-length
58608
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/octet-stream;charset=UTF-8
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
874b865b0f022c2a-FRA
BaloiseCreateText-bold.woff2
blogin.baloise.be/static/baloise/fonts/
60 KB
60 KB
Font
General
Full URL
https://blogin.baloise.be/static/baloise/fonts/BaloiseCreateText-bold.woff2
Requested by
Host: blogin.baloise.be
URL: https://blogin.baloise.be/static/baloise/css/branding.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ece1f5ae3732bc15fc1fe02e4b4ceb844eb9aa826c590c9793335615fcb95b0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/static/baloise/css/branding.css
Origin
https://blogin.baloise.be
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
p3p
content-length
61056
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 15 Apr 2024 08:37:26 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/octet-stream;charset=UTF-8
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
874b865b0f042c2a-FRA
favicon-baloise.ico
blogin.baloise.be/static/baloise/img/
3 KB
3 KB
Other
General
Full URL
https://blogin.baloise.be/static/baloise/img/favicon-baloise.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0249f9dc286d065f97137f30ee86cfe2f5bd7c7f1ec706289f08882ad0cf4886
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://blogin.baloise.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:16:41 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 15 Apr 2024 04:25:56 GMT
server
cloudflare
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/vnd.microsoft.icon;charset=UTF-8
p3p
cache-control
max-age=14400
cf-ray
874b865c38272c2a-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onegini
string| blang
string| path
boolean| noLangPar
function| $
function| jQuery
undefined| __createElement
undefined| __getElementById
undefined| oListeners
object| og
undefined| runListeners
object| i18n

11 Cookies

Domain/Path Name / Value
token.baloise.be/oauth Name: OG-CONFIG
Value: dd4d1e7d-252d-4c86-a0d4-fad3cc9240fc
token.baloise.be/oauth Name: LEGACY_OG-CONFIG
Value: dd4d1e7d-252d-4c86-a0d4-fad3cc9240fc
token.baloise.be/oauth Name: SESSION
Value: OWYyNGIxOGUtN2I5Yi00MDEyLTgyMzItYmVmMTVmMjNiMThh
token.baloise.be/oauth Name: LEGACY_SESSION
Value: OWYyNGIxOGUtN2I5Yi00MDEyLTgyMzItYmVmMTVmMjNiMThh
mybaloise.be/ Name: AL_SESS-S
Value: AV4dZAKGbexvDQZbcK28OsC_hxwAJz9EGIe0lBwrBlGV8TuYA7D_1Kr7gGNIaYBEDkDo
token.baloise.be/ Name: INGRESSCOOKIE
Value: 1f8a729055cf0f76
.blogin.baloise.be/ Name: idp_session_locale
Value: nl
.blogin.baloise.be/ Name: idp_session_magmt_token
Value: 6282658a-3fde-42ec-b497-576d3f6741d3
blogin.baloise.be/ Name: SESSION
Value: NjI4MjY1OGEtM2ZkZS00MmVjLWI0OTctNTc2ZDNmNjc0MWQz
blogin.baloise.be/ Name: legacy_SESSION
Value: NjI4MjY1OGEtM2ZkZS00MmVjLWI0OTctNTc2ZDNmNjc0MWQz
blogin.baloise.be/ Name: INGRESSCOOKIE
Value: 54bc8cdc112dfb63

1 Console Messages

Source Level URL
Text
network error URL: https://token.baloise.be/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
