urlscan.io logo urlscan.io
SecurityTrails logo

w2.uam.bdsonline.nl Open in urlscan Pro
62.58.82.184  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://w5.wb.bngbank.nl/
Effective URL: https://w2.uam.bdsonline.nl/siteminderagent/forms/loginwbvasco.fcc?TYPE=33554432&REALMOID=06-bc9e211a-a508-4a42-903f-57f638c...
Submission: On June 17 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 62.58.82.184, located in The Hague, Netherlands and belongs to T-MOBILE AS for the Trans-European T-Mobile IP Transport backbone, NL. The main domain is w2.uam.bdsonline.nl.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on June 14th 2022. Valid for: a year.
This is the only time w2.uam.bdsonline.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 62.58.82.189 13127 (T-MOBILE ...)
1 1 87.215.97.2 13127 (T-MOBILE ...)
6 62.58.82.184 13127 (T-MOBILE ...)
6 1
Apex Domain
Subdomains		 Transfer
6 bdsonline.nl
w2.uam.bdsonline.nl
250 KB
3 bngbank.nl
w5.wb.bngbank.nl
w2.idp.bngbank.nl
2 KB
6 2
Domain Requested by
6 w2.uam.bdsonline.nl w2.uam.bdsonline.nl
2 w5.wb.bngbank.nl 2 redirects
1 w2.idp.bngbank.nl 1 redirects
6 3

This site contains no links.

Subject Issuer Validity Valid
w2.uam.bdsonline.nl
Sectigo RSA Extended Validation Secure Server CA		 2022-06-14 -
2023-06-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://w2.uam.bdsonline.nl/siteminderagent/forms/loginwbvasco.fcc?TYPE=33554432&REALMOID=06-bc9e211a-a508-4a42-903f-57f638cee43e&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=5jzbx0lUDsceUYqMOE1vbvC7cdxgyyvsWu24Sr0ox6qoqyttror7o33ggDujjsgX&TARGET=$SM$HTTPS%3a%2f%2fw5%2ewb%2ebngbank%2enl%2f
Frame ID: 3C3BD882E1D827A2B82ACCBD78F38546
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BNG Bank - Siteminder Inlogpagina

Page URL History Show full URLs

  1. https://w5.wb.bngbank.nl/ HTTP 302
    https://w2.idp.bngbank.nl/siteminderagent/SmMakeCookie.ccc?SMSESSION=QUERY&PERSIST=0&TARGET=$SM$https%... HTTP 302
    https://w5.wb.bngbank.nl/?SMSESSION=NO HTTP 302
    https://w2.uam.bdsonline.nl/siteminderagent/forms/loginwbvasco.fcc?TYPE=33554432&REALMOID=06-bc9e211a-a5... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

1
IPs

1
Countries

250 kB
Transfer

247 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://w5.wb.bngbank.nl/ HTTP 302
    https://w2.idp.bngbank.nl/siteminderagent/SmMakeCookie.ccc?SMSESSION=QUERY&PERSIST=0&TARGET=$SM$https%3a%2f%2fw5%2ewb%2ebngbank%2enl%2f HTTP 302
    https://w5.wb.bngbank.nl/?SMSESSION=NO HTTP 302
    https://w2.uam.bdsonline.nl/siteminderagent/forms/loginwbvasco.fcc?TYPE=33554432&REALMOID=06-bc9e211a-a508-4a42-903f-57f638cee43e&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=5jzbx0lUDsceUYqMOE1vbvC7cdxgyyvsWu24Sr0ox6qoqyttror7o33ggDujjsgX&TARGET=$SM$HTTPS%3a%2f%2fw5%2ewb%2ebngbank%2enl%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request loginwbvasco.fcc
w2.uam.bdsonline.nl/siteminderagent/forms/
Redirect Chain
  • https://w5.wb.bngbank.nl/
  • https://w2.idp.bngbank.nl/siteminderagent/SmMakeCookie.ccc?SMSESSION=QUERY&PERSIST=0&TARGET=$SM$https%3a%2f%2fw5%2ewb%2ebngbank%2enl%2f
  • https://w5.wb.bngbank.nl/?SMSESSION=NO
  • https://w2.uam.bdsonline.nl/siteminderagent/forms/loginwbvasco.fcc?TYPE=33554432&REALMOID=06-bc9e211a-a508-4a42-903f-57f638cee43e&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=5jzbx0lUDsceUYqMOE1vbvC...
9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://w2.uam.bdsonline.nl/siteminderagent/forms/loginwbvasco.fcc?TYPE=33554432&REALMOID=06-bc9e211a-a508-4a42-903f-57f638cee43e&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=5jzbx0lUDsceUYqMOE1vbvC7cdxgyyvsWu24Sr0ox6qoqyttror7o33ggDujjsgX&TARGET=$SM$HTTPS%3a%2f%2fw5%2ewb%2ebngbank%2enl%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.58.82.184 The Hague, Netherlands, ASN13127 (T-MOBILE AS for the Trans-European T-Mobile IP Transport backbone, NL),
Reverse DNS
Software
/
Resource Hash
60ac4c68d3f430c76bb2a6455a59847b98e51e432bcb8cb050015f7652e37f80
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store
Content-Length
9192
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Fri, 17 Jun 2022 15:13:55 GMT
Permissions-Policy
geolocation=()
Referrer-Policy
no-referrer
Server
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN

Redirect headers

Cache-Control
no-store,no-cache, no-store, must-revalidate, max-age=0
Content-Length
0
Content-Security-Policy
frame-ancestors 'self' https://W2.uam.bdsonline.nl
Date
Fri, 17 Jun 2022 15:13:55 GMT
Expires
0
Location
https://w2.uam.bdsonline.nl/siteminderagent/forms/loginwbvasco.fcc?TYPE=33554432&REALMOID=06-bc9e211a-a508-4a42-903f-57f638cee43e&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=5jzbx0lUDsceUYqMOE1vbvC7cdxgyyvsWu24Sr0ox6qoqyttror7o33ggDujjsgX&TARGET=$SM$HTTPS%3a%2f%2fw5%2ewb%2ebngbank%2enl%2f
Permissions-Policy
geolocation=()
Pragma
no-cache
Referrer-Policy
no-referrer
Server
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
jquery.js
w2.uam.bdsonline.nl/siteminderagent/forms/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w2.uam.bdsonline.nl/siteminderagent/forms/js/jquery.js
Requested by
Host: w2.uam.bdsonline.nl
URL: https://w2.uam.bdsonline.nl/siteminderagent/forms/loginwbvasco.fcc?TYPE=33554432&REALMOID=06-bc9e211a-a508-4a42-903f-57f638cee43e&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=5jzbx0lUDsceUYqMOE1vbvC7cdxgyyvsWu24Sr0ox6qoqyttror7o33ggDujjsgX&TARGET=$SM$HTTPS%3a%2f%2fw5%2ewb%2ebngbank%2enl%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.58.82.184 The Hague, Netherlands, ASN13127 (T-MOBILE AS for the Trans-European T-Mobile IP Transport backbone, NL),
Reverse DNS
Software
/
Resource Hash
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer
Last-Modified
Wed, 19 Jan 2022 09:52:41 GMT
Server
ETag
"8fdcd94c1add81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
private, max-age=60
Date
Fri, 17 Jun 2022 15:13:55 GMT
Permissions-Policy
geolocation=()
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
89501
X-Content-Type-Options
nosniff
general.css
w2.uam.bdsonline.nl/siteminderagent/forms/stylesheets/ 		86 KB
86 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w2.uam.bdsonline.nl/siteminderagent/forms/stylesheets/general.css
Requested by
Host: w2.uam.bdsonline.nl
URL: https://w2.uam.bdsonline.nl/siteminderagent/forms/loginwbvasco.fcc?TYPE=33554432&REALMOID=06-bc9e211a-a508-4a42-903f-57f638cee43e&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=5jzbx0lUDsceUYqMOE1vbvC7cdxgyyvsWu24Sr0ox6qoqyttror7o33ggDujjsgX&TARGET=$SM$HTTPS%3a%2f%2fw5%2ewb%2ebngbank%2enl%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.58.82.184 The Hague, Netherlands, ASN13127 (T-MOBILE AS for the Trans-European T-Mobile IP Transport backbone, NL),
Reverse DNS
Software
/
Resource Hash
687e3d0d2481aec8ffd346fe654a36047e36c7b901e30b864b64d07c7817832a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer
Last-Modified
Mon, 15 Aug 2016 07:51:19 GMT
Server
ETag
"bf1872cfc9f6d11:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
private, max-age=60
Date
Fri, 17 Jun 2022 15:13:55 GMT
Permissions-Policy
geolocation=()
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
87802
X-Content-Type-Options
nosniff
BNG_Logo.png
w2.uam.bdsonline.nl/siteminderagent/forms/assets/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.uam.bdsonline.nl/siteminderagent/forms/assets/BNG_Logo.png
Requested by
Host: w2.uam.bdsonline.nl
URL: https://w2.uam.bdsonline.nl/siteminderagent/forms/loginwbvasco.fcc?TYPE=33554432&REALMOID=06-bc9e211a-a508-4a42-903f-57f638cee43e&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=5jzbx0lUDsceUYqMOE1vbvC7cdxgyyvsWu24Sr0ox6qoqyttror7o33ggDujjsgX&TARGET=$SM$HTTPS%3a%2f%2fw5%2ewb%2ebngbank%2enl%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.58.82.184 The Hague, Netherlands, ASN13127 (T-MOBILE AS for the Trans-European T-Mobile IP Transport backbone, NL),
Reverse DNS
Software
/
Resource Hash
8872860ef703a907d81a860c89718be6cd4c04eee00ab65d8bb769e0a92231a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer
Last-Modified
Thu, 21 Apr 2016 07:18:12 GMT
Server
ETag
"e6a4f1f69d9bd11:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=39600
Date
Fri, 17 Jun 2022 15:13:55 GMT
Permissions-Policy
geolocation=()
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
5614
X-Content-Type-Options
nosniff
digipass-140.png
w2.uam.bdsonline.nl/siteminderagent/forms/assets/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.uam.bdsonline.nl/siteminderagent/forms/assets/digipass-140.png
Requested by
Host: w2.uam.bdsonline.nl
URL: https://w2.uam.bdsonline.nl/siteminderagent/forms/loginwbvasco.fcc?TYPE=33554432&REALMOID=06-bc9e211a-a508-4a42-903f-57f638cee43e&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=5jzbx0lUDsceUYqMOE1vbvC7cdxgyyvsWu24Sr0ox6qoqyttror7o33ggDujjsgX&TARGET=$SM$HTTPS%3a%2f%2fw5%2ewb%2ebngbank%2enl%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.58.82.184 The Hague, Netherlands, ASN13127 (T-MOBILE AS for the Trans-European T-Mobile IP Transport backbone, NL),
Reverse DNS
Software
/
Resource Hash
4ec2defd17c77cfe7082db4cc8bf427567eef34b868974913de88ce672527018
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer
Last-Modified
Thu, 21 Apr 2016 07:18:12 GMT
Server
ETag
"dbdfecf69d9bd11:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=39600
Date
Fri, 17 Jun 2022 15:13:55 GMT
Permissions-Policy
geolocation=()
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
32753
X-Content-Type-Options
nosniff
BNG_Bank_betalingsapp_icon_met_kader_en_naam_600x800px.png
w2.uam.bdsonline.nl/siteminderagent/forms/assets/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.uam.bdsonline.nl/siteminderagent/forms/assets/BNG_Bank_betalingsapp_icon_met_kader_en_naam_600x800px.png
Requested by
Host: w2.uam.bdsonline.nl
URL: https://w2.uam.bdsonline.nl/siteminderagent/forms/loginwbvasco.fcc?TYPE=33554432&REALMOID=06-bc9e211a-a508-4a42-903f-57f638cee43e&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=5jzbx0lUDsceUYqMOE1vbvC7cdxgyyvsWu24Sr0ox6qoqyttror7o33ggDujjsgX&TARGET=$SM$HTTPS%3a%2f%2fw5%2ewb%2ebngbank%2enl%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.58.82.184 The Hague, Netherlands, ASN13127 (T-MOBILE AS for the Trans-European T-Mobile IP Transport backbone, NL),
Reverse DNS
Software
/
Resource Hash
d894b975ef5a123a9e6580a7e921b1551c45df8e5e9ef23ba86f0db8cea67619
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer
Last-Modified
Tue, 29 May 2018 07:52:27 GMT
Server
ETag
"d6252efd21f7d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=39600
Date
Fri, 17 Jun 2022 15:13:55 GMT
Permissions-Policy
geolocation=()
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
27793
X-Content-Type-Options
nosniff

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery function| setCookie function| getCookie function| back boolean| formIsSubmitted function| login function| isnum function| maxLength

3 Cookies

Domain/Path Name / Value
w5.wb.bngbank.nl/ Name: CENTRIC_LBA
Value: !FnBJ8sHzDxCZ9dg0IIJtcTxqELnTKcl3LTfVA4aF225vf9ePWWEEtFPR8R/UK7tOxiRnRkoogc3N5HE+XVhZk36uN+ZFJrYDS3F4QS/+OFM=
w5.wb.bngbank.nl/ Name: CENTRIC_RA
Value: !sYwzN8179cOFbOdSq1MMQmMkP9L/yW9x9I2JyNNNy8nb3b2om5lw8Vz42kpQti4n1CA3q5le3bRcagd7jzgWeVAHKgv9+bZXuSWB2e8nSjQ=
w2.idp.bngbank.nl/ Name: CENTRIC_RA
Value: !3sp3E/+Hx8jSvuNSq1MMQmMkP9L/yQHZ6JPTLqWXxssJzrv+bLpbMC4rqprrUHaF0Bo0iCnkbpJR/3xkcyEMDvsyoEMQE0mQQ+FGVbDmzg4=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN