URL: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8...
Submission: On June 14 via manual from NL

Summary

This website contacted 5 IPs in 4 countries across 3 domains to perform 29 HTTP transactions. The main IP is 2a04:b0c0:d::91db:e85, which is located in the Netherlands and belongs to ACHMEA, NL. The main domain is inloggen.fbto.nl.
TLS certificate: Issued by QuoVadis Global SSL ICA G2 on May 13th 2020. Valid for: a year.
This is the only time inloggen.fbto.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address         AS (Autonomous System)
3         -          2a04:b0c0:d::...   201017 (ACHMEA)
10        5          2a04:b0c0:d::...   201017 (ACHMEA)
3         -          13.225.87.116      16509 (AMAZON-02)
12        1          52.19.63.112       16509 (AMAZON-02)
7         -          2a00:1450:400...   15169 (GOOGLE)
Total: 29 requests, 5 IPs

Requests  Redirects  Domain                     Requested by
12        1          celebrus.fbto.nl           inloggen.fbto.nl, celebrus.fbto.nl
10        5          mijn.fbto.nl               inloggen.fbto.nl
7         -          www.google-analytics.com   inloggen.fbto.nl, www.google-analytics.com
3         -          tdn.r42tag.com             inloggen.fbto.nl, tdn.r42tag.com
3         -          inloggen.fbto.nl           inloggen.fbto.nl
Total: 29 requests, 5 subdomains

This site contains links to these domains.

Domain
mijn.fbto.nl
www.fbto.nl
zorggebruik.fbto.nl

TLS certificates

Subject                   Issuer                       Validity                  Valid
inloggen.fbto.nl          QuoVadis Global SSL ICA G2   2020-05-13 - 2021-05-26   a year
mijn.fbto.nl              QuoVadis Global SSL ICA G2   2020-05-13 - 2021-05-26   a year
tdn.r42tag.com            Amazon                       2020-01-21 - 2021-02-21   a year
celebrus.fbto.nl          QuoVadis Global SSL ICA G2   2019-08-19 - 2020-08-19   a year
*.google-analytics.com    GTS CA 1O1                   2020-05-26 - 2020-08-18   3 months

This page contains 1 frames:

Primary Page: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Frame ID: 5B3705F65A69B67356C1D633C862F813
Requests: 29 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 60 %
Domains: 3
Subdomains: 5
IPs: 5
Countries: 4
Transfer: 173 kB
Size: 528 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://mijn.fbto.nl/assets/customerportal/accessmanagement-2019.css HTTP 307
  • https://mijn.fbto.nl/
Request Chain 2
  • https://mijn.fbto.nl/assets/images/logo/FBTO-logo-liggend-2019.svg HTTP 307
  • https://mijn.fbto.nl/
Request Chain 3
  • https://mijn.fbto.nl/assets/customerportal/jquery.min.js HTTP 307
  • https://mijn.fbto.nl/
Request Chain 4
  • https://mijn.fbto.nl/assets/customerportal/refresh-general.js HTTP 307
  • https://mijn.fbto.nl/
Request Chain 5
  • https://mijn.fbto.nl/assets/customerportal/loginpage.js HTTP 307
  • https://mijn.fbto.nl/
Request Chain 16
  • https://celebrus.fbto.nl/JavascriptInsert.js HTTP 301
  • https://celebrus.fbto.nl/fbto_aws/insert/JavascriptInsert.js

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
inloggen.fbto.nl/adfs/ls/
13 KB
6 KB
Document
General
Full URL
https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:b0c0:d::91db:e85 , Netherlands, ASN201017 (ACHMEA, NL),
Reverse DNS
Software
/
Resource Hash
9782939c8321feea124e04c9e5671f9a8f2ac43124726616e486482138a6becd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
inloggen.fbto.nl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Date
Sun, 14 Jun 2020 09:39:19 GMT
Content-Length
4957
X-FRAME-OPTIONS
DENY
Set-Cookie
Achmea.Realm=http://i-portaal.achmea.nl/adfs/services/trust;Domain=achmea.nl;Path=/;Secure;Httponly TS011d985d=012e411f238e161960ddeb1fcb969aac9ff12efcc92479107c53b2a0e4da7f8295943804e85ffef61b8d8aaf23a43cd83f1999d60e9c224b53230732682f27ce200834ed44; Path=/; Domain=.inloggen.fbto.nl; Secure; HTTPOnly
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
Content-Encoding
gzip
Connection
Keep-Alive
fonts.css
inloggen.fbto.nl/adfs/ls/MasterPages/mijnfbto/assets/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://inloggen.fbto.nl/adfs/ls/MasterPages/mijnfbto/assets/css/fonts.css
Requested by
Host: inloggen.fbto.nl
URL: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:b0c0:d::91db:e85 , Netherlands, ASN201017 (ACHMEA, NL),
Reverse DNS
Software
/
Resource Hash
b031e26235c31852873ef32b96b824c91430f1755cf044fd99fd2878ea66b7dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 14 Jun 2020 09:39:19 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 04 Mar 2020 13:21:32 GMT
ETag
"0161cd227f2d51:0"
X-FRAME-OPTIONS
DENY
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
X-XSS-Protection
1; mode=block
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
2292
X-Content-Type-Options
nosniff
/
mijn.fbto.nl/
Redirect Chain
  • https://mijn.fbto.nl/assets/customerportal/accessmanagement-2019.css
  • https://mijn.fbto.nl/
0
0
Stylesheet
General
Full URL
https://mijn.fbto.nl/
Requested by
Host: inloggen.fbto.nl
URL: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:b0c0:d::91db:a41 , Netherlands, ASN201017 (ACHMEA, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
close
Content-Length
5376
Content-Type
text/html; charset=UTF-8

Redirect headers

Location
/
Connection
close
Content-Length
0
/
mijn.fbto.nl/
Redirect Chain
  • https://mijn.fbto.nl/assets/images/logo/FBTO-logo-liggend-2019.svg
  • https://mijn.fbto.nl/
5 KB
5 KB
Image
General
Full URL
https://mijn.fbto.nl/
Requested by
Host: inloggen.fbto.nl
URL: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:b0c0:d::91db:a41 , Netherlands, ASN201017 (ACHMEA, NL),
Reverse DNS
Software
/
Resource Hash
393bfd4235cb177b2a036a6f4db6ee299ccad60bd3cda946f45a9f3dad1da188

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
close
Content-Length
5376
Content-Type
text/html; charset=UTF-8

Redirect headers

Location
/
Connection
close
Content-Length
0
/
mijn.fbto.nl/
Redirect Chain
  • https://mijn.fbto.nl/assets/customerportal/jquery.min.js
  • https://mijn.fbto.nl/
0
0
Script
General
Full URL
https://mijn.fbto.nl/
Requested by
Host: inloggen.fbto.nl
URL: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:b0c0:d::91db:a41 , Netherlands, ASN201017 (ACHMEA, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
close
Content-Length
5376
Content-Type
text/html; charset=UTF-8

Redirect headers

Location
/
Connection
close
Content-Length
0
/
mijn.fbto.nl/
Redirect Chain
  • https://mijn.fbto.nl/assets/customerportal/refresh-general.js
  • https://mijn.fbto.nl/
0
0
Script
General
Full URL
https://mijn.fbto.nl/
Requested by
Host: inloggen.fbto.nl
URL: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:b0c0:d::91db:a41 , Netherlands, ASN201017 (ACHMEA, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
close
Content-Length
5376
Content-Type
text/html; charset=UTF-8

Redirect headers

Location
/
Connection
close
Content-Length
0
/
mijn.fbto.nl/
Redirect Chain
  • https://mijn.fbto.nl/assets/customerportal/loginpage.js
  • https://mijn.fbto.nl/
0
0
Script
General
Full URL
https://mijn.fbto.nl/
Requested by
Host: inloggen.fbto.nl
URL: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:b0c0:d::91db:a41 , Netherlands, ASN201017 (ACHMEA, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
close
Content-Length
5376
Content-Type
text/html; charset=UTF-8

Redirect headers

Location
/
Connection
close
Content-Length
0
ca-9-site-160.js
tdn.r42tag.com/lib/
36 KB
12 KB
Script
General
Full URL
https://tdn.r42tag.com/lib/ca-9-site-160.js
Requested by
Host: inloggen.fbto.nl
URL: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-116.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcf04e03e20cbc52d02a28b8e08582a9132215bfd7c381365fa6793d2e043f18

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
yEOLuDGmaYTdCvlX6FolTrbE.cZ0.kGp
content-encoding
gzip
last-modified
Thu, 12 Dec 2019 10:52:07 GMT
server
AmazonS3
age
633
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400, public
date
Sun, 14 Jun 2020 09:28:47 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
apYmApNifCczTjGG-yoYG27QOaOrgdkCQrX72_chOe6pXPQ2gXsWwg==
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
prod
tdn.r42tag.com/tags-160/
32 KB
9 KB
Script
General
Full URL
https://tdn.r42tag.com/tags-160/prod?s=mijnfbto%7Cadfs%7Cls%7C&u=https%3A%2F%2Finloggen.fbto.nl%2Fadfs%2Fls%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttp%253A%252F%252Fi-portaal.achmea.nl%252Fadfs%252Fservices%252Ftrust%26wctx%3D8ecc2723-be9b-45e4-aeab-72806f3649ab&r=&cb=1592127560016
Requested by
Host: tdn.r42tag.com
URL: https://tdn.r42tag.com/lib/ca-9-site-160.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-116.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
edf27b007f332f4ecba1daad6e1d469159064a0bf21ad1e6d395b840647554fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jun 2020 09:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
status
200
cache-control
no-cache, no-store, max-age=0
x-backend
tdn-dd009274
x-amz-cf-id
VxVF3taBZ4ogB-8mpb6jpESbwiWu9OstCeZS6UuqXWPBxhtNj5TvXw==
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
referrer-policy
no-referrer
expires
Thu, 01 Jan 1970 00:00:00 GMT
tag-permissions-32372a79-caa8-494a-a35f-5c910fc772a9.js
tdn.r42tag.com/lib/ut/160/105/
27 KB
9 KB
Script
General
Full URL
https://tdn.r42tag.com/lib/ut/160/105/tag-permissions-32372a79-caa8-494a-a35f-5c910fc772a9.js
Requested by
Host: tdn.r42tag.com
URL: https://tdn.r42tag.com/lib/ca-9-site-160.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-116.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11e689b83d12130fa496707eae13330a4befdc76b58a2db4d72e5e21f5362b75

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:48:10 GMT
content-encoding
gzip
last-modified
Fri, 05 Jun 2020 11:35:18 GMT
server
AmazonS3
age
769871
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
bcVj3GHIpIHaSIubVl1zJXbqLTEsDTD4
status
200
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA2-C2
content-type
application/javascript;charset=UTF-8
x-amz-cf-id
NPxv-0-2oD5brjhgI1eadkwz_bS2wx7u9nTPSjM5yD9-JOTJACUang==
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
celebrus_insert.min.js
celebrus.fbto.nl/fbto_aws/insert/
38 KB
11 KB
Script
General
Full URL
https://celebrus.fbto.nl/fbto_aws/insert/celebrus_insert.min.js
Requested by
Host: inloggen.fbto.nl
URL: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-63-112.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ce990ee62c34cc6daef1b6563e010e635e781d3b2ed2960b19d3605ac1af5779

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Jun 2020 09:39:20 GMT
content-encoding
gzip
last-modified
Tue, 17 Mar 2020 11:30:32 GMT
server
Apache
etag
"972a-5a10b4375e0db-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
11081
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: inloggen.fbto.nl
URL: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
2581
date
Sun, 14 Jun 2020 08:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Sun, 14 Jun 2020 10:56:19 GMT
fbto-icon-font.woff2
inloggen.fbto.nl/adfs/ls/MasterPages/mijnfbto/assets/fonts/
16 KB
18 KB
Font
General
Full URL
https://inloggen.fbto.nl/adfs/ls/MasterPages/mijnfbto/assets/fonts/fbto-icon-font.woff2?1578480348369
Requested by
Host: inloggen.fbto.nl
URL: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:b0c0:d::91db:e85 , Netherlands, ASN201017 (ACHMEA, NL),
Reverse DNS
Software
/
Resource Hash
4319cb75db5143402c8266d0d114d3272498b0076fb31586898de91bed625e0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://inloggen.fbto.nl/adfs/ls/MasterPages/mijnfbto/assets/css/fonts.css
Origin
https://inloggen.fbto.nl

Response headers

Date
Sun, 14 Jun 2020 09:39:19 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 04 Mar 2020 13:21:32 GMT
ETag
"0161cd227f2d51:0"
X-FRAME-OPTIONS
DENY
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-font-woff2
X-XSS-Protection
1; mode=block
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
17278
X-Content-Type-Options
nosniff
js
www.google-analytics.com/gtm/
182 KB
41 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NK88XMD&cid=1261790502.1592127560
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c653084a8bab718ebc26fd191bf84d95fac0e94aca4abeea799b5f6a333efd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Jun 2020 09:39:20 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41372
x-xss-protection
0
expires
Sun, 14 Jun 2020 09:39:20 GMT
collect
www.google-analytics.com/
35 B
96 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&aip=1&a=1701586548&t=pageview&_s=1&dl=https%3A%2F%2Finloggen.fbto.nl%2Fadfs%2Fls%2F&dp=%2Fadfs%2Fls%2F&ul=en-us&de=UTF-8&dt=FBTO%20-%20Inloggen%20op%20MijnFBTO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQ~&cid=1261790502.1592127560&tid=UA-26169827-1&_gid=342155394.1592127560&cd38=mijnfbto%7Cadfs%7Cls%7C&cd39=1&cd40=1592127560076.rq2x19lq&cd41=1261790502.1592127560&z=1462220273
Requested by
Host: inloggen.fbto.nl
URL: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 01:20:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
375508
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
90 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&aip=1&a=1701586548&t=pageview&_s=1&dl=https%3A%2F%2Finloggen.fbto.nl%2Fadfs%2Fls%2F&dp=%2Fadfs%2Fls%2F&ul=en-us&de=UTF-8&dt=FBTO%20-%20Inloggen%20op%20MijnFBTO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQ~&cid=1261790502.1592127560&tid=UA-26169827-9&_gid=342155394.1592127560&z=1741694475
Requested by
Host: inloggen.fbto.nl
URL: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 01:20:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
375508
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
session.js
celebrus.fbto.nl/5691/handler9/
10 KB
3 KB
Script
General
Full URL
https://celebrus.fbto.nl/5691/handler9/session.js?se=_15921275602540.77b34c39a2bb38ae7044af6bf930b1c1_5691&sj=fbtoCSA&aP=_15921275602540.77b34c39a2bb38ae7044af6bf930b1c1_&bd=true&si=false&aM=_15921275602540.77b34c39a2bb38ae7044af6bf930b1c1_&aO=-1&vb=3&wa=8.18.18512&aW=_15921275602540.77b34c39a2bb38ae7044af6bf930b1c1_&bu=true&cf=FBTO%20-%20Inloggen%20op%20MijnFBTO&az=usy46gabsosd%3DfbtoCSA_15921275602540.77b34c39a2bb38ae7044af6bf930b1c1_5691%3B%20_stCookieTest%3Dtrue%3B%20_svs%3D%257B%2522v%2522%253A1%257D&au=https%3A%2F%2Finloggen.fbto.nl%2Fadfs%2Fls%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttp%253A%252F%252Fi-portaal.achmea.nl%252Fadfs%252Fservices%252Ftrust%26wctx%3D8ecc2723-be9b-45e4-aeab-72806f3649ab
Requested by
Host: celebrus.fbto.nl
URL: https://celebrus.fbto.nl/fbto_aws/insert/celebrus_insert.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-63-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8e3df5ed255f1aa5527a5769b4f8780701ebe0cf652c637969a5d495f743f0e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jun 2020 09:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
status
200
cache-control
no-store, no-cache
content-type
application/x-javascript
content-length
2607
JavascriptInsert.js
celebrus.fbto.nl/fbto_aws/insert/
Redirect Chain
  • https://celebrus.fbto.nl/JavascriptInsert.js
  • https://celebrus.fbto.nl/fbto_aws/insert/JavascriptInsert.js
95 KB
35 KB
Script
General
Full URL
https://celebrus.fbto.nl/fbto_aws/insert/JavascriptInsert.js
Requested by
Host: inloggen.fbto.nl
URL: https://inloggen.fbto.nl/adfs/ls/?wa=wsignin1.0&wtrealm=http%3A%2F%2Fi-portaal.achmea.nl%2Fadfs%2Fservices%2Ftrust&wctx=8ecc2723-be9b-45e4-aeab-72806f3649ab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-63-112.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
7ff5244537cca864f7b69c08f86efb9a7d8ca8917b98d7b5855a7129af02ecc5

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Jun 2020 09:39:20 GMT
content-encoding
gzip
last-modified
Tue, 17 Mar 2020 13:24:51 GMT
server
Apache
etag
"17c57-5a10cdc4e37da-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
35552

Redirect headers

status
301
date
Sun, 14 Jun 2020 09:39:20 GMT
server
awselb/2.0
content-length
150
location
https://celebrus.fbto.nl:443/fbto_aws/insert/JavascriptInsert.js
content-type
text/html
jsEvent.js
celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/
2 KB
562 B
Script
General
Full URL
https://celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/jsEvent.js?z=0_0_979caf3278f44316ba6637af78a78275&y=2637!392158!1DL+59267E=!aa56+b0=1272104elop=4tru=+au+ant0doadmecu=+a+a+x==0ayO59562-1_1Q=21.4cb37540277070aeaa23938bb130_+f44f96bb+a001c1=0aoA===2aC6q7+a0+1g=+aa1+03=0adk0+20j0+60=1a=00+a=1aS0++a0=1aZ==1ab0+20+20=0+60=1vpicgog1vr0+60=fbl+.nln.getoqq214n=0cp2F6q311902F2200q=+a59qA3203AW560.5_1272102cbba24b3773946baf3ae384470c_+590f9c1b1cj=e+l=1+c91fau=9tzs=tvte+r448f6ca7927f377a78b3163a6fa=9!18a5+271223!7!3831566792157=NaED=+aF5+n-5124060aJ=S+-=e+aUSenu=nbaU=tbde+rp=+av20oqfoinfriciinatogan0+20=o+12=-cl1cn0+1cm0+60=60=1z20=1co0+0voC0v0+4+=2=+t9c9q2C0q2z=81643732aff47a778766baaf3792158582=1+a367E=!!12637!412721aaDf+59=a5y=40456+u055eaadc6529264314037ca01d41=53958+uebf5zaa4a60c71449819f+vb428fc2b182899bb6a=0fe47e824a11b5f+ta69a03a2696832437z=af9c76678af4ba16375:h=1f82a7+a7pstt
Requested by
Host: celebrus.fbto.nl
URL: https://celebrus.fbto.nl/fbto_aws/insert/JavascriptInsert.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-63-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e54d9a9d7333e5b5e5820734139c0ea47a2739eb58bdc63d6e76b0b0fb8e384b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jun 2020 09:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
status
200
cache-control
no-store, no-cache
content-type
application/x-javascript
content-length
210
collect
www.google-analytics.com/
35 B
90 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&aip=1&a=1701586548&t=event&ni=1&_s=2&dl=https%3A%2F%2Finloggen.fbto.nl%2Fadfs%2Fls%2F&dp=%2Fadfs%2Fls%2F&ul=en-us&de=UTF-8&dt=FBTO%20-%20Inloggen%20op%20MijnFBTO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=cookie%20consent&ea=showPopup&el=&_u=aGDAAUADQ~&cid=1261790502.1592127560&tid=UA-26169827-1&_gid=342155394.1592127560&cd38=mijnfbto%7Cadfs%7Cls%7C&cd39=1&cd40=1592127560076.rq2x19lq&cd41=1261790502.1592127560&cd92=Cookiebar%202019%20-%20Styled%20Refresh&z=1609984569
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 01:20:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
375508
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
90 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&aip=1&a=1701586548&t=timing&_s=3&dl=https%3A%2F%2Finloggen.fbto.nl%2Fadfs%2Fls%2F&dp=%2Fadfs%2Fls%2F&ul=en-us&de=UTF-8&dt=FBTO%20-%20Inloggen%20op%20MijnFBTO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=724&pdt=0&dns=39&rrt=0&srt=64&tcp=54&dit=354&clt=354&_gst=326&_gbt=399&_u=aGDAAUADQ~&cid=1261790502.1592127560&tid=UA-26169827-1&_gid=342155394.1592127560&cd38=mijnfbto%7Cadfs%7Cls%7C&cd39=1&cd40=1592127560076.rq2x19lq&cd41=1261790502.1592127560&z=495072792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 01:20:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
375508
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
90 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&aip=1&a=1701586548&t=timing&_s=2&dl=https%3A%2F%2Finloggen.fbto.nl%2Fadfs%2Fls%2F&dp=%2Fadfs%2Fls%2F&ul=en-us&de=UTF-8&dt=FBTO%20-%20Inloggen%20op%20MijnFBTO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=724&pdt=0&dns=39&rrt=0&srt=64&tcp=54&dit=354&clt=354&_gst=326&_gbt=399&_u=aGDAAUADQ~&cid=1261790502.1592127560&tid=UA-26169827-9&_gid=342155394.1592127560&z=1549441436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 01:20:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
375508
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
jsEvent.js
celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/
2 KB
563 B
Script
General
Full URL
https://celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/jsEvent.js?z=0_0_979caf3278f44316ba6637af78a78275&y=2637!392158!1DR+59567E=!aa56+a7=1272104ucont3dop=mec97z=alemp+tte3f4baf9c78324af82a163766781!1397+a7521=!a!0b3758672615956+E==1aD2+t9c9279605z=81643732aff47a778766baaf3792158582=1+a367E=!!12637!612721aaDJ+59=imp=e0656+a06bed1+sagadlo+7927ft==9tzca163a63448f6b35+271f77a788a:a=tphts
Requested by
Host: celebrus.fbto.nl
URL: https://celebrus.fbto.nl/fbto_aws/insert/JavascriptInsert.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-63-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5206cf03013280ca8a39844129124746941876ead4ab4d5152e1aed3b6089876
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jun 2020 09:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
status
200
cache-control
no-store, no-cache
content-type
application/x-javascript
content-length
211
jsEvent.js
celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/
2 KB
456 B
Script
General
Full URL
https://celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/jsEvent.js?z=0_0_979caf3278f44316ba6637af78a78275&y=2637!392158!1Db+59067E=!aa56+t7=1272109c7832297z=af93766743f4ba16a75:h8af82a7+=1pstt
Requested by
Host: celebrus.fbto.nl
URL: https://celebrus.fbto.nl/fbto_aws/insert/JavascriptInsert.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-63-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fdab2dd8852cf22d6adb260f5226d18e72518a0e99fb49a23b861aee733df4b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jun 2020 09:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
status
200
cache-control
no-store, no-cache
content-type
application/x-javascript
content-length
211
jsEvent.js
celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/
2 KB
456 B
Script
General
Full URL
https://celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/jsEvent.js?z=0_0_979caf3278f44316ba6637af78a78275&y=2637!392158!1Db+59067E=!aa56+t3=1272117c7832497z=af93766743f4ba16a75:h8af82a7+=1pstt
Requested by
Host: celebrus.fbto.nl
URL: https://celebrus.fbto.nl/fbto_aws/insert/JavascriptInsert.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-63-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
594b5b77174314acd76a4affb2c90da49d64daca08ca8f86b74f2e697bbd9b5b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jun 2020 09:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
status
200
cache-control
no-store, no-cache
content-type
application/x-javascript
content-length
211
jsEvent.js
celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/
2 KB
456 B
Script
General
Full URL
https://celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/jsEvent.js?z=0_0_979caf3278f44316ba6637af78a78275&y=2637!392158!1Db+59067E=!aa56+t9=1272136c7832397z=af93766743f4ba16a75:h8af82a7+=1pstt
Requested by
Host: celebrus.fbto.nl
URL: https://celebrus.fbto.nl/fbto_aws/insert/JavascriptInsert.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-63-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ed1bd967485462421951295c4fa20f8ef3697baa0b8aa0004e6e81ac380e525c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jun 2020 09:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
status
200
cache-control
no-store, no-cache
content-type
application/x-javascript
content-length
211
jsEvent.js
celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/
2 KB
417 B
Script
General
Full URL
https://celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/jsEvent.js?z=0_0_979caf3278f44316ba6637af78a78275&y=2637!392158!1Db+59067E=!aa56+t5=1272168c7832797z=af93766743f4ba16a75:h8af82a7+=1pstt
Requested by
Host: celebrus.fbto.nl
URL: https://celebrus.fbto.nl/fbto_aws/insert/JavascriptInsert.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-63-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
73286222477580974436ac7d638635b4b504a4b2ef700b683f2313438ee35f37
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jun 2020 09:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
status
200
cache-control
no-store, no-cache
content-type
application/x-javascript
content-length
172
jsEvent.js
celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/
2 KB
418 B
Script
General
Full URL
https://celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/jsEvent.js?z=0_0_979caf3278f44316ba6637af78a78275&y=2637!392158!1Db+59067E=!aa57+t5=1272137c7832997z=af93766743f4ba16a75:h8af82a7+=1pstt
Requested by
Host: celebrus.fbto.nl
URL: https://celebrus.fbto.nl/fbto_aws/insert/JavascriptInsert.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-63-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
73286222477580974436ac7d638635b4b504a4b2ef700b683f2313438ee35f37
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jun 2020 09:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
status
200
cache-control
no-store, no-cache
content-type
application/x-javascript
content-length
172
jsEvent.js
celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/
2 KB
418 B
Script
General
Full URL
https://celebrus.fbto.nl/5691/1583722582/XBW09WEA78JG/jsEvent.js?z=0_0_979caf3278f44316ba6637af78a78275&y=2637!392158!1pK+et767E=!aa+b775=nrkwov=7x=+b7w=+b5014275b9215751272146y5+59=12z=12957+b04151=1ca275755+01550D2159572751242=+a92157=9f3c75tz5+794a66ba8f273142778a7a638af7=5+ht1:tps
Requested by
Host: celebrus.fbto.nl
URL: https://celebrus.fbto.nl/fbto_aws/insert/JavascriptInsert.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-63-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
73286222477580974436ac7d638635b4b504a4b2ef700b683f2313438ee35f37
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inloggen.fbto.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jun 2020 09:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
status
200
cache-control
no-store, no-cache
content-type
application/x-javascript
content-length
172


165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate undefined| fbtostprofile string| _stVersion function| _st object| _stq object| _stTracker object| pars2 number| j boolean| checkURLParameters object| _stCookiePopup function| optin function| anonymize function| optout function| loadCelebrus_Prod function| loadCelebrus_Acc object| body object| head string| GoogleAnalyticsObject function| ga object| lookupTable object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager object| google_optimize function| fbtoCSAsessionShutdownPeriodExceeded function| fbtoCSAperiodicAssessShutdownState boolean| fbtoCSAGL function| fbtoCSAGo function| fbtoCSAsessionset function| fbtoCSApersisted function| fbtoCSAlegacyset function| fbtoCSAkeyset function| fbtoCSADBIDset function| fbtoCSAuvt function| fbtoCSAsetShutdown string| fbtoCSAcompatVersion string| fbtoCSApacketVersion string| fbtoCSAuseCorsForInitialRequest string| fbtoCSAuseJsonFormatForInitialCorsRequest object| CelebrusDataPrivacy function| fbtoCSApPO function| fbtoCSAoptOut function| fbtoCSAoptIn function| fbtoCSAanonymous object| fbtoCSApendingManualEvents object| fbtoCSAqueuedYoutubeReferences function| fbtoCSAevent function| fbtoCSAclick function| fbtoCSAtextchange function| fbtoCSAformsubmit function| fbtoCSASendJsonData function| fbtoCSAtrackYouTubeIframePlayer function| fbtoCSAinitialExecutionCanProceed function| fbtoCSAblockExecutionForInsertAlreadyPresent function| fbtoCSASL function| fbtoCSAsendScriptRequests function| fbtoCSAcookieAllowsScriptToProceed function| fbtoCSASC function| fbtoCSAfindCookieVal function| fbtoCSAdeleteLegacyCookies function| fbtoCSAdoDeleteCookie boolean| fbtoCSALF string| fbtoCSATCP string| fbtoCSASSL function| fbtoCSAgPr function| fbtoCSAclearStoppedState function| fbtoCSAstop function| fbtoCSAgenerateUUID object| fbtoCSAcookieList function| fbtoCSAgC function| fbtoCSAae function| fbtoCSAclient_event function| fbtoCSAGP function| 
fbtoCSAGPWID function| fbtoCSAexecuteJsonResponse function| fbtoCSAdynamicCreateScript function| fbtoCSALC string| fbtoCSATWID function| fbtoCSAresetCSA function| fbtoCSAdoReInit function| fbtoCSAexecuteReInitNow function| fbtoCSAtmoPoll boolean| fbtoCSAjsInsertAlreadyLoaded function| fbtoCSAgetSD string| fbtoCSAappSessionObject string| fbtoCSAwindowID number| fbtoCSATm object| fbtoCSAsImgArr object| fbtoCSARTEHandler undefined| fbtoCSAisReinit number| fbtoCSAwid number| fbtoCSAsn number| fbtoCSAcfg number| fbtoCSAln string| fbtoCSAgetInputs string| fbtoCSAmultiAttribJsRules string| fbtoCSAjsRules string| fbtoCSAmetaTagRules string| fbtoCSAcontentRules string| fbtoCSAregExRules string| fbtoCSAfbRules string| fbtoCSAgpRules string| fbtoCSAtwRules string| fbtoCSAsvId string| fbtoCSAexceptionRules string| fbtoCSAdbId boolean| fbtoCSAlookups string| fbtoCSAcontentKey number| fbtoCSAidl number| fbtoCSAsST number| fbtoCSAmST boolean| fbtoCSAdoCapture boolean| fbtoCSAuSC string| fbtoCSAaCI boolean| fbtoCSAuseCors boolean| fbtoCSAuseJsonFormatRequest string| fbtoCSAoptOutStatus function| fbtoCSAfbtoCSAsessionset boolean| fbtoCSAqNI number| fbtoCSAdCBValTS number| fbtoCSAdCBVal object| varList object| fbtoCSAContentIdArray function| fbtoCSAiBd function| fbtoCSABd boolean| fbtoCSAoTP object| fbtoCSAoWA number| fbtoCSAwI boolean| fbtoCSAsWO function| fbtoCSAjsSHA function| fbtoCSAdoCelebrusInsertInvocation number| fbtoCSAlstActv boolean| fbtoCSAnavSent function| fbtoCSAgetConfig function| fbtoCSAsessionStorageEnabled function| fbtoCSAdeleteSessionCookie function| fbtoCSAvariableStateChange string| fbtoCSAcheckVariableCaptureTimeout string| fbtoCSAperiodicContentRuleCheckTimeout object| fbtoCSAiAy function| fbtoCSAeQI function| fbtoCSAdCB function| fbtoCSAflushEvents function| fbtoCSApollForReset function| fbtoCSAdoResetCSA function| fbtoCSAstopEvents function| fbtoCSAmediaEvent function| fbtoCSAtwitterAnywhereTweet function| fbtoCSAgplusAuthResponse function| fbtoCSAplusOne 
function| fbtoCSAlinkedInShare function| fbtoCSAcOP function| fbtoCSAqueueUserEvent function| fbtoCSAflashEvent function| fbtoCSAreportContentAction function| fbtoCSAgHW boolean| fbtoCSAcfgAlreadyDirectedHandlerUse object| fbtoCSAsACW function| onYouTubePlayerReady number| fbtoCSAisReady object| fbtoCSAtargetElement

7 Cookies

Domain/Path Name / Value
.inloggen.fbto.nl/ Name: TS011d985d
Value: 012e411f238e161960ddeb1fcb969aac9ff12efcc92479107c53b2a0e4da7f8295943804e85ffef61b8d8aaf23a43cd83f1999d60e9c224b53230732682f27ce200834ed44
.fbto.nl/ Name: _gid
Value: GA1.2.342155394.1592127560
.fbto.nl/ Name: fbtoCSAsession
Value: 158372667_1592127560254_1592127560369_5691_979caf3278f44316ba6637af78a78275
.fbto.nl/ Name: _ga
Value: GA1.2.1261790502.1592127560
.fbto.nl/ Name: fbtoCSApersisted
Value: 0_0_____
.fbto.nl/ Name: _svs
Value: %7B%22v%22%3A1%7D
inloggen.fbto.nl/adfs/ls Name: _stCookieTest
Value: true

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
