urlscan.io logo urlscan.io
SecurityTrails logo

dubbel16.nl Open in urlscan Pro
2a01:7c8:eb:0:95:170:70:28  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sites.ziftsolutions.com/cisco.ziftsolutions.com/ff80818155cb9e5b0155d9bc34ae2a6a?cid=ff8081816385befc01639383f9e82fc1&ur...
Effective URL: https://dubbel16.nl/geAMsds/4866e630a403f65/
Submission: On July 25 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 2a01:7c8:eb:0:95:170:70:28, located in Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is dubbel16.nl.
TLS certificate: Issued by R3 on July 20th 2021. Valid for: 3 months.
This is the only time dubbel16.nl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 143.204.98.120 16509 (AMAZON-02)
1 13.224.111.84 16509 (AMAZON-02)
3 143.204.98.70 16509 (AMAZON-02)
1 35.175.165.80 14618 (AMAZON-AES)
1 13.224.111.105 16509 (AMAZON-02)
2 54.157.80.110 14618 (AMAZON-AES)
3 16 2a01:7c8:eb:0... 20857 (TRANSIP-A...)
23 8
1    143.204.98.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-120.fra50.r.cloudfront.net
sites.ziftsolutions.com
1    13.224.111.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-84.mad50.r.cloudfront.net
widgets.ziftsolutions.com
3    143.204.98.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-70.fra50.r.cloudfront.net
static.ziftsolutions.com
1    35.175.165.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-165-80.compute-1.amazonaws.com
cisco.ziftsolutions.com
1    13.224.111.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-105.mad50.r.cloudfront.net
dynamic.ziftsolutions.com
2    54.157.80.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-80-110.compute-1.amazonaws.com
analytics.ziftsolutions.com
16    2a01:7c8:eb:0:95:170:70:28 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
www.dubbel16.nl
dubbel16.nl
Domain Requested by
15 dubbel16.nl 2 redirects sites.ziftsolutions.com
dubbel16.nl
3 static.ziftsolutions.com widgets.ziftsolutions.com
2 analytics.ziftsolutions.com static.ziftsolutions.com
1 www.dubbel16.nl 1 redirects
1 dynamic.ziftsolutions.com widgets.ziftsolutions.com
1 cisco.ziftsolutions.com widgets.ziftsolutions.com
1 widgets.ziftsolutions.com sites.ziftsolutions.com
1 sites.ziftsolutions.com
23 8

This site contains no links.

Subject Issuer Validity Valid
ziftsolutions.com
Amazon		 2021-07-01 -
2022-07-30		 a year crt.sh
*.dubbel16.nl
R3		 2021-07-20 -
2021-10-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://dubbel16.nl/geAMsds/4866e630a403f65/
Frame ID: E79FF12126511FB7EC7A5DA037429A7B
Requests: 22 HTTP requests in this frame

Frame: https://dubbel16.nl/geAMsds/assets/prefetch.html
Frame ID: CF5BCF6C1577BCB9F36E487016EC5269
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://sites.ziftsolutions.com/cisco.ziftsolutions.com/ff80818155cb9e5b0155d9bc34ae2a6a?cid=ff8081816385bef... Page URL
  2. https://www.dubbel16.nl/geAMsds HTTP 301
    http://dubbel16.nl/geAMsds/ HTTP 301
    https://dubbel16.nl/geAMsds/ HTTP 302
    https://dubbel16.nl/geAMsds/4866e630a403f65/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

23
Requests

96 %
HTTPS

14 %
IPv6

2
Domains

8
Subdomains

8
IPs

2
Countries

782 kB
Transfer

672 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sites.ziftsolutions.com/cisco.ziftsolutions.com/ff80818155cb9e5b0155d9bc34ae2a6a?cid=ff8081816385befc01639383f9e82fc1&url=https%3A%2F%2Fwww.dubbel16.nl%2FgeAMsds Page URL
  2. https://www.dubbel16.nl/geAMsds HTTP 301
    http://dubbel16.nl/geAMsds/ HTTP 301
    https://dubbel16.nl/geAMsds/ HTTP 302
    https://dubbel16.nl/geAMsds/4866e630a403f65/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ff80818155cb9e5b0155d9bc34ae2a6a
sites.ziftsolutions.com/cisco.ziftsolutions.com/ 		542 B
933 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sites.ziftsolutions.com/cisco.ziftsolutions.com/ff80818155cb9e5b0155d9bc34ae2a6a?cid=ff8081816385befc01639383f9e82fc1&url=https%3A%2F%2Fwww.dubbel16.nl%2FgeAMsds
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-120.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
743c0c95f18dcb4ce4b59db52c8130d47b9cb8804c78e518b0638c2456d8d65f

Request headers

:method
GET
:authority
sites.ziftsolutions.com
:scheme
https
:path
/cisco.ziftsolutions.com/ff80818155cb9e5b0155d9bc34ae2a6a?cid=ff8081816385befc01639383f9e82fc1&url=https%3A%2F%2Fwww.dubbel16.nl%2FgeAMsds
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html;charset=UTF-8
content-length
542
last-modified
Thu, 12 Apr 2018 23:17:39 GMT
x-amz-meta-channel-marketing-service
Zift Solutions
accept-ranges
bytes
server
AmazonS3
date
Sun, 25 Jul 2021 17:39:47 GMT
cache-control
no-cache
etag
"4928423ef2742499933b5c9b7aa59ff1"
x-cache
RefreshHit from cloudfront
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
-JiVueOMj3eYwK5IBHExR5v_CmBSJL5dXrQyqQBp3UbD-ohWkNPZkA==
ff80818155cb9e5b0155d9bc34ae2a6a
widgets.ziftsolutions.com/cisco.ziftsolutions.com/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.ziftsolutions.com/cisco.ziftsolutions.com/js/ff80818155cb9e5b0155d9bc34ae2a6a
Requested by
Host: sites.ziftsolutions.com
URL: https://sites.ziftsolutions.com/cisco.ziftsolutions.com/ff80818155cb9e5b0155d9bc34ae2a6a?cid=ff8081816385befc01639383f9e82fc1&url=https%3A%2F%2Fwww.dubbel16.nl%2FgeAMsds
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-84.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
218e54287719754c522cb29718424e2d167555f34f43c059ad9a58eb7cdec74e

Request headers

Referer
https://sites.ziftsolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 17:39:47 GMT
content-encoding
gzip
last-modified
Tue, 26 Feb 2019 07:08:45 GMT
server
AmazonS3
x-amz-meta-channel-marketing-service
Zift Solutions
etag
W/"5353fa452dfebfe100812424c4b8ee33"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
cache-control
no-cache
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
2KC9hkSNfg0f4UQcbizZ6nhaJxIrUwznsooWgmYvV04I00SM66OgPw==
zpanel_20170605.js
static.ziftsolutions.com/widgets/js/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ziftsolutions.com/widgets/js/zpanel_20170605.js
Requested by
Host: widgets.ziftsolutions.com
URL: https://widgets.ziftsolutions.com/cisco.ziftsolutions.com/js/ff80818155cb9e5b0155d9bc34ae2a6a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9ecd8dea1d12cb88d51df4fb8b88115460220c90d0d30d79b116d4d2bc7558f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self' ziftsolutions.ccindex.cn *.ziftsolutions.com *.staging.ziftone.com *.ziftone.com *.google-analytics.com blob: ; img-src 'self' http: https: ziftsolutions.ccindex.cn *.ziftsolutions.com s3.amazonaws.com *.google-analytics.com data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: checkout.stripe.com *.ziftsolutions.com *.ziftone.com *.getbee.io *.googleapis.com *.google-analytics.com *.zdassets.com *.googletagmanager.com *.google.com *.pendo.io browser-update.org static.zdassets.com s3.amazonaws.com *.zopim.com *.churnzero.net *.marketo.com data: ; connect-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.ziftone.com *.zift123.com *.zendesk.com *.zdassets.com *.zopim.com wss://widget-mediator.zopim.com *.churnzero.net *.getbee.io *.google-analytics.com data: ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: data:; media-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com *.lenovo.com; object-src 'self' https: *.ziftsolutions.com *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com; frame-src 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.staging.ziftone.com *.ziftone.com *.looker.com *.ziftmarcom.com *.getbee.io *.getbee.com; frame-ancestors 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sites.ziftsolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 17:39:48 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-request-id
ZXPE8DCRFKTN9HSJ
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
16897
x-amz-id-2
GG1/uPPyO80XeGkr+l9gMb3K/2zzjNGE6rlQFf+Kk+tCKdTjm8JLRnqGbkLESAfk3FSGg4M78s8=
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 05 Jun 2017 19:07:22 GMT
server
AmazonS3
etag
"e702914e529bdff988825715f0ca934d"
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-version-id
SpKjys_W6tPucqmJuYIu1HylehNqAJqJ
x-xss-protection
1; mode=block
x-robots-tag
noindex
content-security-policy
upgrade-insecure-requests; default-src 'self' ziftsolutions.ccindex.cn *.ziftsolutions.com *.staging.ziftone.com *.ziftone.com *.google-analytics.com blob: ; img-src 'self' http: https: ziftsolutions.ccindex.cn *.ziftsolutions.com s3.amazonaws.com *.google-analytics.com data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: checkout.stripe.com *.ziftsolutions.com *.ziftone.com *.getbee.io *.googleapis.com *.google-analytics.com *.zdassets.com *.googletagmanager.com *.google.com *.pendo.io browser-update.org static.zdassets.com s3.amazonaws.com *.zopim.com *.churnzero.net *.marketo.com data: ; connect-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.ziftone.com *.zift123.com *.zendesk.com *.zdassets.com *.zopim.com wss://widget-mediator.zopim.com *.churnzero.net *.getbee.io *.google-analytics.com data: ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: data:; media-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com *.lenovo.com; object-src 'self' https: *.ziftsolutions.com *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com; frame-src 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.staging.ziftone.com *.ziftone.com *.looker.com *.ziftmarcom.com *.getbee.io *.getbee.com; frame-ancestors 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com;
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/javascript
x-amz-cf-id
zUM3ChFYYwmry_XLk4gnlKo738y9p7gFePqtEsB44V1ysFuJEsYE2g==
zsizzle.20110528.js
static.ziftsolutions.com/widgets/js/ 		21 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ziftsolutions.com/widgets/js/zsizzle.20110528.js
Requested by
Host: widgets.ziftsolutions.com
URL: https://widgets.ziftsolutions.com/cisco.ziftsolutions.com/js/ff80818155cb9e5b0155d9bc34ae2a6a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f29b9469f49eec6610c10039e8a7a82535979f35bef16085894a858e289daefb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self' ziftsolutions.ccindex.cn *.ziftsolutions.com *.staging.ziftone.com *.ziftone.com *.google-analytics.com blob: ; img-src 'self' http: https: ziftsolutions.ccindex.cn *.ziftsolutions.com s3.amazonaws.com *.google-analytics.com data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: checkout.stripe.com *.ziftsolutions.com *.ziftone.com *.getbee.io *.googleapis.com *.google-analytics.com *.zdassets.com *.googletagmanager.com *.google.com *.pendo.io browser-update.org static.zdassets.com s3.amazonaws.com *.zopim.com *.churnzero.net *.marketo.com data: ; connect-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.ziftone.com *.zift123.com *.zendesk.com *.zdassets.com *.zopim.com wss://widget-mediator.zopim.com *.churnzero.net *.getbee.io *.google-analytics.com data: ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: data:; media-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com *.lenovo.com; object-src 'self' https: *.ziftsolutions.com *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com; frame-src 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.staging.ziftone.com *.ziftone.com *.looker.com *.ziftmarcom.com *.getbee.io *.getbee.com; frame-ancestors 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sites.ziftsolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 17:39:48 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-request-id
ZXP2K2EXPMEQ80Y2
x-cache
Miss from cloudfront
vary
Accept-Encoding
content-length
21218
x-amz-id-2
BvqUY6byo8/XcBPXPMCGnsyX4NPs3M7hJ7SN+/uJQjIpZxBTvc9qcb7oTjmRY4ahSvmoQWlRNXw=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Jul 2012 14:24:12 GMT
server
AmazonS3
etag
"467c29db2b0d4c4aeceda23afdbb7c93"
x-robots-tag
noindex
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-version-id
null
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests; default-src 'self' ziftsolutions.ccindex.cn *.ziftsolutions.com *.staging.ziftone.com *.ziftone.com *.google-analytics.com blob: ; img-src 'self' http: https: ziftsolutions.ccindex.cn *.ziftsolutions.com s3.amazonaws.com *.google-analytics.com data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: checkout.stripe.com *.ziftsolutions.com *.ziftone.com *.getbee.io *.googleapis.com *.google-analytics.com *.zdassets.com *.googletagmanager.com *.google.com *.pendo.io browser-update.org static.zdassets.com s3.amazonaws.com *.zopim.com *.churnzero.net *.marketo.com data: ; connect-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.ziftone.com *.zift123.com *.zendesk.com *.zdassets.com *.zopim.com wss://widget-mediator.zopim.com *.churnzero.net *.getbee.io *.google-analytics.com data: ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: data:; media-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com *.lenovo.com; object-src 'self' https: *.ziftsolutions.com *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com; frame-src 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.staging.ziftone.com *.ziftone.com *.looker.com *.ziftmarcom.com *.getbee.io *.getbee.com; frame-ancestors 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com;
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/javascript
x-amz-cf-id
YVuEgGhQlYPL9fwwN5i5HanPUXKXX3PcQpwzRR5SUIw62N4cFS8jng==
ztrack.20170214.js
static.ziftsolutions.com/widgets/js/ 		9 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ziftsolutions.com/widgets/js/ztrack.20170214.js
Requested by
Host: widgets.ziftsolutions.com
URL: https://widgets.ziftsolutions.com/cisco.ziftsolutions.com/js/ff80818155cb9e5b0155d9bc34ae2a6a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
701e16f9669e6ed4c0d367125e69fd7fe69d5ef04711d6d2cac9a29813f5858d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self' ziftsolutions.ccindex.cn *.ziftsolutions.com *.staging.ziftone.com *.ziftone.com *.google-analytics.com blob: ; img-src 'self' http: https: ziftsolutions.ccindex.cn *.ziftsolutions.com s3.amazonaws.com *.google-analytics.com data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: checkout.stripe.com *.ziftsolutions.com *.ziftone.com *.getbee.io *.googleapis.com *.google-analytics.com *.zdassets.com *.googletagmanager.com *.google.com *.pendo.io browser-update.org static.zdassets.com s3.amazonaws.com *.zopim.com *.churnzero.net *.marketo.com data: ; connect-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.ziftone.com *.zift123.com *.zendesk.com *.zdassets.com *.zopim.com wss://widget-mediator.zopim.com *.churnzero.net *.getbee.io *.google-analytics.com data: ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: data:; media-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com *.lenovo.com; object-src 'self' https: *.ziftsolutions.com *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com; frame-src 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.staging.ziftone.com *.ziftone.com *.looker.com *.ziftmarcom.com *.getbee.io *.getbee.com; frame-ancestors 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sites.ziftsolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 17:39:48 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-request-id
ZXP5C61QAZVZED4N
x-cache
Miss from cloudfront
vary
Accept-Encoding
content-length
9219
x-amz-id-2
WkTtbpKaS8/0lgRDL4AcxAB26yO4fG9Q94rKYMlynDpIAtlRd62bRS5FaoO8ZLLd2+3pjvI/4EM=
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Jun 2020 15:14:25 GMT
server
AmazonS3
etag
"b31a05b47a3838d46f0b68604e10e281"
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-version-id
pPqmSY1OflGSw9oDacDeyFgh_iq6dfhZ
x-xss-protection
1; mode=block
x-robots-tag
noindex
content-security-policy
upgrade-insecure-requests; default-src 'self' ziftsolutions.ccindex.cn *.ziftsolutions.com *.staging.ziftone.com *.ziftone.com *.google-analytics.com blob: ; img-src 'self' http: https: ziftsolutions.ccindex.cn *.ziftsolutions.com s3.amazonaws.com *.google-analytics.com data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: checkout.stripe.com *.ziftsolutions.com *.ziftone.com *.getbee.io *.googleapis.com *.google-analytics.com *.zdassets.com *.googletagmanager.com *.google.com *.pendo.io browser-update.org static.zdassets.com s3.amazonaws.com *.zopim.com *.churnzero.net *.marketo.com data: ; connect-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.ziftone.com *.zift123.com *.zendesk.com *.zdassets.com *.zopim.com wss://widget-mediator.zopim.com *.churnzero.net *.getbee.io *.google-analytics.com data: ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: data:; media-src 'self' https: ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com *.lenovo.com; object-src 'self' https: *.ziftsolutions.com *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com; frame-src 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.staging.ziftone.com *.ziftone.com *.looker.com *.ziftmarcom.com *.getbee.io *.getbee.com; frame-ancestors 'self' https: *.onserro.com *.onserrodemo.com ziftsolutions.ccindex.cn *.ziftsolutions.com *.zift123.com *.ziftone.com *.looker.com *.ziftmarcom.com;
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
4rQuK2DYZsU4G-a-1n8M-g4mMvTqFqB9hnwLXLscSTKqsB4vbep2Nw==
v
cisco.ziftsolutions.com/uuid/ 		0
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cisco.ziftsolutions.com/uuid/v?s=https%3A%2F%2Fdynamic.ziftsolutions.com%2Fcisco.ziftsolutions.com%2F8abfca7a5260e1c7015268d14c716bb0%2F
Requested by
Host: widgets.ziftsolutions.com
URL: https://widgets.ziftsolutions.com/cisco.ziftsolutions.com/js/ff80818155cb9e5b0155d9bc34ae2a6a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.165.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-165-80.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sites.ziftsolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 17:39:47 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
server
Apache-Coyote/1.1
content-type
text/javascript;charset=ISO-8859-1
0
dynamic.ziftsolutions.com/8a0c5e3b4b61cb0f014b62d8b5de00a1/Default/ff80818155cb9e5b0155d9bc34ae2a6a/ 		317 B
706 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.ziftsolutions.com/8a0c5e3b4b61cb0f014b62d8b5de00a1/Default/ff80818155cb9e5b0155d9bc34ae2a6a/0
Requested by
Host: widgets.ziftsolutions.com
URL: https://widgets.ziftsolutions.com/cisco.ziftsolutions.com/js/ff80818155cb9e5b0155d9bc34ae2a6a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-105.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ff13ba51d3a8635d3242731c2b43b9bec775092e4cd021b71825acaf83364a6

Request headers

Referer
https://sites.ziftsolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 17:39:48 GMT
via
1.1 d8c266ed74a4ecc05eeffe79fa473f7e.cloudfront.net (CloudFront)
last-modified
Tue, 26 Feb 2019 07:08:45 GMT
server
AmazonS3
x-amz-meta-channel-marketing-service
Zift Solutions
etag
"3ba787e42ca1f8592aeab363713f4b04"
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
no-cache
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-length
317
x-amz-cf-id
goGUqYlKEidhArJ6DAlL_i-TExlphr1KRSB-bufyBbgmDtJV9BmC1g==
v
analytics.ziftsolutions.com/trk/ 		48 B
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.ziftsolutions.com/trk/v?id=ff80818155cb9e5b0155d9bc34ae2a6a&clid=8a12350747c4c06e0147c691962f772a&u=null&ekey=&p=8abfca7a5260e1c7015268d14c716bb0&uuid_holder=zt_zkBLSl8G&fr=true&refurl=
Requested by
Host: static.ziftsolutions.com
URL: https://static.ziftsolutions.com/widgets/js/ztrack.20170214.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.80.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-80-110.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://sites.ziftsolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 17:39:47 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
server
Apache-Coyote/1.1
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
content-type
text/javascript;charset=ISO-8859-1
c
analytics.ziftsolutions.com/trk/ 		70 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.ziftsolutions.com/trk/c?id=ff80818155cb9e5b0155d9bc34ae2a6a&clid=8a12350747c4c06e0147c691962f772a&u=null&ekey=&p=8abfca7a5260e1c7015268d14c716bb0&uuid_holder=zt_zkBLSl8G&url=https%3A//www.dubbel16.nl/geAMsds&refurl=&random=0.3563238653561349
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.80.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-80-110.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://sites.ziftsolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 17:39:47 GMT
server
Apache-Coyote/1.1
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
content-type
image/png;charset=UTF-8
Primary Request /
dubbel16.nl/geAMsds/4866e630a403f65/
Redirect Chain
  • https://www.dubbel16.nl/geAMsds
  • http://dubbel16.nl/geAMsds/
  • https://dubbel16.nl/geAMsds/
  • https://dubbel16.nl/geAMsds/4866e630a403f65/
203 KB
203 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dubbel16.nl/geAMsds/4866e630a403f65/
Requested by
Host: sites.ziftsolutions.com
URL: https://sites.ziftsolutions.com/cisco.ziftsolutions.com/ff80818155cb9e5b0155d9bc34ae2a6a?cid=ff8081816385befc01639383f9e82fc1&url=https%3A%2F%2Fwww.dubbel16.nl%2FgeAMsds
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:7c8:eb:0:95:170:70:28 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
f68d1762e067c25b07eceed2203661ea4998bd3867ab50e0be054a1ce12633df

Request headers

Host
dubbel16.nl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=d05c78176df625ce1d658974df89d389
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sites.ziftsolutions.com/cisco.ziftsolutions.com/ff80818155cb9e5b0155d9bc34ae2a6a?cid=ff8081816385befc01639383f9e82fc1&url=https%3A%2F%2Fwww.dubbel16.nl%2FgeAMsds

Response headers

Date
Sun, 25 Jul 2021 17:39:48 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
X-TransIP-Backend
web834
X-TransIP-Balancer
balancer1

Redirect headers

Date
Sun, 25 Jul 2021 17:39:47 GMT
Server
Apache
Set-Cookie
PHPSESSID=d05c78176df625ce1d658974df89d389; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
location
4866e630a403f65/
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
X-TransIP-Backend
web834
X-TransIP-Balancer
balancer1
v
analytics.ziftsolutions.com/trk/ 		0
0
/
dubbel16.nl/geAMsds/4866e630a403f65/ 		0
203 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dubbel16.nl/geAMsds/4866e630a403f65/
Requested by
Host: dubbel16.nl
URL: https://dubbel16.nl/geAMsds/4866e630a403f65/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:7c8:eb:0:95:170:70:28 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Purpose
prefetch
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dubbel16.nl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
Cookie
PHPSESSID=d05c78176df625ce1d658974df89d389
Connection
keep-alive
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Jul 2021 17:39:48 GMT
X-TransIP-Balancer
balancer0
X-TransIP-Backend
web834
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
dubbel16.nl/geAMsds/assets/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dubbel16.nl/geAMsds/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
Requested by
Host: dubbel16.nl
URL: https://dubbel16.nl/geAMsds/4866e630a403f65/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:7c8:eb:0:95:170:70:28 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://dubbel16.nl
Accept-Encoding
gzip, deflate, br
Host
dubbel16.nl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
Cookie
PHPSESSID=d05c78176df625ce1d658974df89d389
Connection
keep-alive
Origin
https://dubbel16.nl
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 17:39:48 GMT
X-TransIP-Balancer
balancer1
X-TransIP-Backend
web834
Server
Apache
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
logos.svg
dubbel16.nl/geAMsds/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dubbel16.nl/geAMsds/assets/img/logos.svg
Requested by
Host: dubbel16.nl
URL: https://dubbel16.nl/geAMsds/4866e630a403f65/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:7c8:eb:0:95:170:70:28 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dubbel16.nl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
Cookie
PHPSESSID=d05c78176df625ce1d658974df89d389
Connection
keep-alive
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 17:39:48 GMT
Origin
https://www.fbi.gov
Last-Modified
Fri, 23 Jul 2021 18:43:33 GMT
X_FORWARDED_FOR
104.16.77.187
X-Forwarded-Proto
https
Content-Length
3651
X-XSS-Protection
1; mode=block
Server
Apache
X-Content-Type
nosniff
X-TransIP-Balancer
balancer1
REMOTE_ADDR
104.16.77.187
X-TransIP-Backend
web834
X-Forwarded-Host
www.fbi.gov
Host
www.fbi.gov
ETag
"e43-5c7cec7d6ac7b"
Content-Type
image/svg+xml
Referer
https://www.fbi.gov
Accept-Ranges
bytes
sec.svg
dubbel16.nl/geAMsds/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dubbel16.nl/geAMsds/assets/img/sec.svg
Requested by
Host: dubbel16.nl
URL: https://dubbel16.nl/geAMsds/4866e630a403f65/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:7c8:eb:0:95:170:70:28 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dubbel16.nl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
Cookie
PHPSESSID=d05c78176df625ce1d658974df89d389
Connection
keep-alive
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 17:39:48 GMT
Origin
https://www.fbi.gov
Last-Modified
Fri, 23 Jul 2021 18:43:33 GMT
X_FORWARDED_FOR
104.16.77.187
X-Forwarded-Proto
https
Content-Length
1592
X-XSS-Protection
1; mode=block
Server
Apache
X-Content-Type
nosniff
X-TransIP-Balancer
balancer0
REMOTE_ADDR
104.16.77.187
X-TransIP-Backend
web834
X-Forwarded-Host
www.fbi.gov
Host
www.fbi.gov
ETag
"638-5c7cec7d6ac7b"
Content-Type
image/svg+xml
Referer
https://www.fbi.gov
Accept-Ranges
bytes
ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
dubbel16.nl/geAMsds/assets/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dubbel16.nl/geAMsds/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
Requested by
Host: dubbel16.nl
URL: https://dubbel16.nl/geAMsds/4866e630a403f65/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:7c8:eb:0:95:170:70:28 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://dubbel16.nl
Accept-Encoding
gzip, deflate, br
Host
dubbel16.nl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
Cookie
PHPSESSID=d05c78176df625ce1d658974df89d389
Connection
keep-alive
Origin
https://dubbel16.nl
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 17:39:48 GMT
X-TransIP-Balancer
balancer4
X-TransIP-Backend
web834
Server
Apache
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
css.css
dubbel16.nl/geAMsds/assets/css/ 		0
105 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dubbel16.nl/geAMsds/assets/css/css.css
Requested by
Host: dubbel16.nl
URL: https://dubbel16.nl/geAMsds/4866e630a403f65/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:7c8:eb:0:95:170:70:28 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Purpose
prefetch
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dubbel16.nl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
Cookie
PHPSESSID=d05c78176df625ce1d658974df89d389
Connection
keep-alive
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 17:39:48 GMT
Origin
https://www.fbi.gov
Last-Modified
Fri, 23 Jul 2021 18:43:33 GMT
X_FORWARDED_FOR
104.16.77.187
X-Forwarded-Proto
https
Content-Length
107456
X-XSS-Protection
1; mode=block
Server
Apache
X-Content-Type
nosniff
X-TransIP-Balancer
balancer1
REMOTE_ADDR
104.16.77.187
X-TransIP-Backend
web834
X-Forwarded-Host
www.fbi.gov
Host
www.fbi.gov
ETag
"1a3c0-5c7cec7d6856b"
Content-Type
text/css
Referer
https://www.fbi.gov
Accept-Ranges
bytes
prefetch.html
dubbel16.nl/geAMsds/assets/ Frame CF5B 		196 B
399 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dubbel16.nl/geAMsds/assets/prefetch.html
Requested by
Host: dubbel16.nl
URL: https://dubbel16.nl/geAMsds/4866e630a403f65/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:7c8:eb:0:95:170:70:28 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Host
dubbel16.nl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=d05c78176df625ce1d658974df89d389
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/

Response headers

Date
Sun, 25 Jul 2021 17:39:48 GMT
Server
Apache
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
X-TransIP-Backend
web834
X-TransIP-Balancer
balancer0
bk.svg
dubbel16.nl/geAMsds/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dubbel16.nl/geAMsds/assets/img/bk.svg
Requested by
Host: dubbel16.nl
URL: https://dubbel16.nl/geAMsds/4866e630a403f65/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:7c8:eb:0:95:170:70:28 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dubbel16.nl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
Cookie
PHPSESSID=d05c78176df625ce1d658974df89d389
Connection
keep-alive
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 17:39:48 GMT
Origin
https://www.fbi.gov
Last-Modified
Fri, 23 Jul 2021 18:43:33 GMT
X_FORWARDED_FOR
104.16.77.187
X-Forwarded-Proto
https
Content-Length
1864
X-XSS-Protection
1; mode=block
Server
Apache
X-Content-Type
nosniff
X-TransIP-Balancer
balancer4
REMOTE_ADDR
104.16.77.187
X-TransIP-Backend
web834
X-Forwarded-Host
www.fbi.gov
Host
www.fbi.gov
ETag
"748-5c7cec7d6ac7b"
Content-Type
image/svg+xml
Referer
https://www.fbi.gov
Accept-Ranges
bytes
ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
dubbel16.nl/geAMsds/assets/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dubbel16.nl/geAMsds/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
Requested by
Host: dubbel16.nl
URL: https://dubbel16.nl/geAMsds/4866e630a403f65/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:7c8:eb:0:95:170:70:28 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://dubbel16.nl
Accept-Encoding
gzip, deflate, br
Host
dubbel16.nl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
Cookie
PHPSESSID=d05c78176df625ce1d658974df89d389
Connection
keep-alive
Origin
https://dubbel16.nl
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 17:39:48 GMT
X-TransIP-Balancer
balancer0
X-TransIP-Backend
web834
Server
Apache
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
/
dubbel16.nl/geAMsds/4866e630a403f65/ 		0
203 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dubbel16.nl/geAMsds/4866e630a403f65/
Requested by
Host: dubbel16.nl
URL: https://dubbel16.nl/geAMsds/4866e630a403f65/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:7c8:eb:0:95:170:70:28 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Purpose
prefetch
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dubbel16.nl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
Cookie
PHPSESSID=d05c78176df625ce1d658974df89d389
Connection
keep-alive
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Jul 2021 17:39:48 GMT
X-TransIP-Balancer
balancer0
X-TransIP-Backend
web834
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cookie set /
dubbel16.nl/geAMsds/4866e630a403f65/ 		203 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dubbel16.nl/geAMsds/4866e630a403f65/
Requested by
Host: dubbel16.nl
URL: https://dubbel16.nl/geAMsds/4866e630a403f65/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:7c8:eb:0:95:170:70:28 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dubbel16.nl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
Connection
keep-alive
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Jul 2021 17:39:53 GMT
X-TransIP-Balancer
balancer0
X-TransIP-Backend
web834
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Set-Cookie
PHPSESSID=afeda01d5688400143709b0277235c76; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cookie set /
dubbel16.nl/geAMsds/4866e630a403f65/ 		203 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dubbel16.nl/geAMsds/4866e630a403f65/
Requested by
Host: dubbel16.nl
URL: https://dubbel16.nl/geAMsds/4866e630a403f65/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:7c8:eb:0:95:170:70:28 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dubbel16.nl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
Connection
keep-alive
Referer
https://dubbel16.nl/geAMsds/4866e630a403f65/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Jul 2021 17:39:53 GMT
X-TransIP-Balancer
balancer6
X-TransIP-Backend
web834
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Set-Cookie
PHPSESSID=18221a0b079ef2cbb6dc2cbb57606557; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.ziftsolutions.com
URL
https://analytics.ziftsolutions.com/trk/v?id=ff80818155cb9e5b0155d9bc34ae2a6a&clid=8a12350747c4c06e0147c691962f772a&u=DEC0620247680BE6EADE&ekey=&p=8abfca7a5260e1c7015268d14c716bb0&uuid_holder=zt_zkBLSl8G&fr=true&duration=0.825&random=0.7879478738629551

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| $Debug object| $Do function| $Loader function| GetString function| GetErrorString function| GetUrl object| $B object| StringRepository object| PROOF boolean| __

1 Cookies

Domain/Path Name / Value
dubbel16.nl/ Name: PHPSESSID
Value: d05c78176df625ce1d658974df89d389