URL: https://inloggen.ikgaondernemen.com/
Submission: On April 28 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 1 country across 4 domains to perform 19 HTTP transactions. The main IP is 168.119.9.241, located in Germany, and belongs to HETZNER-AS, DE. The main domain is inloggen.ikgaondernemen.com.
TLS certificate: Issued by R3 on February 26th 2021. Valid for: 3 months.
This is the only time inloggen.ikgaondernemen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
15        168.119.9.241    24940 (HETZNER-AS)
3         104.109.85.134   16625 (AKAMAI-AS)
1         2.18.235.40      16625 (AKAMAI-AS)
Total: 19 requests, 3 IPs

Requests  Domain                        Requested by
15        inloggen.ikgaondernemen.com   inloggen.ikgaondernemen.com
2         s7.addthis.com                inloggen.ikgaondernemen.com, s7.addthis.com
1         v1.addthisedge.com            s7.addthis.com
1         z.moatads.com                 s7.addthis.com
Total: 19 requests, 4 domains

This site contains no links.

Subject                          Issuer                           Validity                  Valid
inloggen.ikgaondernemen.com      R3                               2021-02-26 - 2021-05-27   3 months
odc-addthis-prod-01.oracle.com   DigiCert SHA2 Secure Server CA   2021-04-25 - 2022-04-27   a year
moatads.com                      DigiCert SHA2 Secure Server CA   2021-01-21 - 2022-01-25   a year

This page contains 1 frame:

Primary Page: https://inloggen.ikgaondernemen.com/
Frame ID: CB585910155B412D5D2FA1F09725806A
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /mootools.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /swfobject.*\.js/i

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 1
Transfer: 731 kB
Size: 967 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
inloggen.ikgaondernemen.com/
6 KB
6 KB
Document
General
Full URL
https://inloggen.ikgaondernemen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
0385d4e5bbfc33b41c400795f3ce8cd17e0e3466e7633526bd24f784590bc928
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
inloggen.ikgaondernemen.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
identifier=fvk01906dfpj33ov3837vqqise; path=/; secure; HttpOnly; SameSite=None
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000; includeSubDomains
color.php
inloggen.ikgaondernemen.com/resources/scripts/
87 KB
87 KB
Stylesheet
General
Full URL
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
9faef6dc2877a223c8b627a11aedc198250f97f7a62890b9c13fa5b3de6405ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/resources/scripts/color.php?css=combined.css
pragma
no-cache
cookie
identifier=fvk01906dfpj33ov3837vqqise
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
inloggen.ikgaondernemen.com
referer
https://inloggen.ikgaondernemen.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://inloggen.ikgaondernemen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css;charset=UTF-8
swfobject.js
inloggen.ikgaondernemen.com/resources/javascripts/
10 KB
10 KB
Script
General
Full URL
https://inloggen.ikgaondernemen.com/resources/javascripts/swfobject.js
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/resources/javascripts/swfobject.js
pragma
no-cache
cookie
identifier=fvk01906dfpj33ov3837vqqise
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
inloggen.ikgaondernemen.com
referer
https://inloggen.ikgaondernemen.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://inloggen.ikgaondernemen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 11:03:41 GMT
etag
"27ec-5b2b91dbe054a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
10220
mootools-core-1.4.0.js
inloggen.ikgaondernemen.com/resources/javascripts/
91 KB
92 KB
Script
General
Full URL
https://inloggen.ikgaondernemen.com/resources/javascripts/mootools-core-1.4.0.js
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
7d29ab5e069f3d90c545aee6a8b4f26bbb0a07e79524ac354761fcb69ad1a380
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/resources/javascripts/mootools-core-1.4.0.js
pragma
no-cache
cookie
identifier=fvk01906dfpj33ov3837vqqise
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
inloggen.ikgaondernemen.com
referer
https://inloggen.ikgaondernemen.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://inloggen.ikgaondernemen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 11:03:41 GMT
etag
"16d42-5b2b91dbe054a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
93506
mootools-more-1.4.0.1.js
inloggen.ikgaondernemen.com/resources/javascripts/
43 KB
44 KB
Script
General
Full URL
https://inloggen.ikgaondernemen.com/resources/javascripts/mootools-more-1.4.0.1.js
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
8c8fbfee928491bbeeddf4c694e7f00d0dff8ef5e35282000c98acd20104b1f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/resources/javascripts/mootools-more-1.4.0.1.js
pragma
no-cache
cookie
identifier=fvk01906dfpj33ov3837vqqise
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
inloggen.ikgaondernemen.com
referer
https://inloggen.ikgaondernemen.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://inloggen.ikgaondernemen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 11:03:41 GMT
etag
"ad79-5b2b91dbe054a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
44409
global.js
inloggen.ikgaondernemen.com/resources/javascripts/
23 KB
24 KB
Script
General
Full URL
https://inloggen.ikgaondernemen.com/resources/javascripts/global.js
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
b25cf88fe24e8c3159aeba8721a39bd567349ffbb2bdc83b6ff90f4c2f2c9264
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/resources/javascripts/global.js
pragma
no-cache
cookie
identifier=fvk01906dfpj33ov3837vqqise
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
inloggen.ikgaondernemen.com
referer
https://inloggen.ikgaondernemen.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://inloggen.ikgaondernemen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 11:03:41 GMT
etag
"5df4-5b2b91dbdf992"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
24052
logo_print.png
inloggen.ikgaondernemen.com/resources/images/layout/
7 KB
7 KB
Image
General
Full URL
https://inloggen.ikgaondernemen.com/resources/images/layout/logo_print.png
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
d028431b87a5a95667309aebe0b777cbba704f6bfa993164fe57eca2dae55cc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/resources/images/layout/logo_print.png
pragma
no-cache
cookie
identifier=fvk01906dfpj33ov3837vqqise
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
inloggen.ikgaondernemen.com
referer
https://inloggen.ikgaondernemen.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://inloggen.ikgaondernemen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 11:03:41 GMT
etag
"1ba0-5b2b91dbdf1c2"
x-frame-options
SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
7072
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-85-134.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://inloggen.ikgaondernemen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Wed, 28 Apr 2021 22:03:42 GMT
x-host
s7.addthis.com
content-length
116325
html.jpg
inloggen.ikgaondernemen.com/resources/images/layout/
295 KB
295 KB
Image
General
Full URL
https://inloggen.ikgaondernemen.com/resources/images/layout/html.jpg
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
7f73b64716b07e42096e11029414c8eb97cfc585e8520ac44a33e7b5903c5b7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/resources/images/layout/html.jpg
pragma
no-cache
cookie
identifier=fvk01906dfpj33ov3837vqqise
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
inloggen.ikgaondernemen.com
referer
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 11:03:41 GMT
etag
"49aa9-5b2b91dbdf1c2"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
301737
body.png
inloggen.ikgaondernemen.com/resources/images/layout/
1 KB
1 KB
Image
General
Full URL
https://inloggen.ikgaondernemen.com/resources/images/layout/body.png
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
9d71c6e35561b1a2bdbe819c4ba7a065792b2da690d8b0dde9b6e459f92ef651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/resources/images/layout/body.png
pragma
no-cache
cookie
identifier=fvk01906dfpj33ov3837vqqise
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
inloggen.ikgaondernemen.com
referer
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 11:03:41 GMT
etag
"498-5b2b91dbde9f2"
x-frame-options
SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
1176
header.png
inloggen.ikgaondernemen.com/resources/images/layout/
39 KB
39 KB
Image
General
Full URL
https://inloggen.ikgaondernemen.com/resources/images/layout/header.png
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
bb1ee967c73c11b34c51e82d38f1c9f3865076215c24af13cc2e6fb3a8a068ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/resources/images/layout/header.png
pragma
no-cache
cookie
identifier=fvk01906dfpj33ov3837vqqise
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
inloggen.ikgaondernemen.com
referer
https://inloggen.ikgaondernemen.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://inloggen.ikgaondernemen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 11:03:41 GMT
etag
"9b47-5b2b91dbdedda"
x-frame-options
SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
39751
topheader_wide.png
inloggen.ikgaondernemen.com/resources/images/layout/
1 KB
2 KB
Image
General
Full URL
https://inloggen.ikgaondernemen.com/resources/images/layout/topheader_wide.png
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
c19d5cadda4d21985752607a6c7d6a41f25426931f7c9fdb682ec847688cfcad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/resources/images/layout/topheader_wide.png
pragma
no-cache
cookie
identifier=fvk01906dfpj33ov3837vqqise
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
inloggen.ikgaondernemen.com
referer
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 11:03:41 GMT
etag
"56d-5b2b91dbdf1c2"
x-frame-options
SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
1389
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://inloggen.ikgaondernemen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=52288
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
content_wide.png
inloggen.ikgaondernemen.com/resources/images/layout/
1 KB
2 KB
Image
General
Full URL
https://inloggen.ikgaondernemen.com/resources/images/layout/content_wide.png
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
558965d8881cbab98fe071cc6a61eefff266f09e056661d7138b4abb442c2aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/resources/images/layout/content_wide.png
pragma
no-cache
cookie
identifier=fvk01906dfpj33ov3837vqqise
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
inloggen.ikgaondernemen.com
referer
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 11:03:41 GMT
etag
"5d8-5b2b91dbdedda"
x-frame-options
SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
1496
formshadow.png
inloggen.ikgaondernemen.com/resources/images/styles/
1 KB
1 KB
Image
General
Full URL
https://inloggen.ikgaondernemen.com/resources/images/styles/formshadow.png
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
c210b92f06524a834564593b952f14c491983b2e57a55886ff1470dcb35f6975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/resources/images/styles/formshadow.png
pragma
no-cache
cookie
identifier=fvk01906dfpj33ov3837vqqise
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
inloggen.ikgaondernemen.com
referer
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 11:03:41 GMT
etag
"459-5b2b91dbdf1c2"
x-frame-options
SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
1113
frmtext_bg.gif
inloggen.ikgaondernemen.com/resources/images/layout/
2 KB
2 KB
Image
General
Full URL
https://inloggen.ikgaondernemen.com/resources/images/layout/frmtext_bg.gif
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
56ecbb132db4ff4ec7ee6f37cac1591723e69087dcc611e7ef6c40d8618d65c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/resources/images/layout/frmtext_bg.gif
pragma
no-cache
cookie
identifier=fvk01906dfpj33ov3837vqqise
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
inloggen.ikgaondernemen.com
referer
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 11:03:41 GMT
etag
"65c-5b2b91dbdedda"
x-frame-options
SAMEORIGIN
content-type
image/gif
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
1628
content_bottom_wide.png
inloggen.ikgaondernemen.com/resources/images/layout/
1 KB
2 KB
Image
General
Full URL
https://inloggen.ikgaondernemen.com/resources/images/layout/content_bottom_wide.png
Requested by
Host: inloggen.ikgaondernemen.com
URL: https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.9.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
remindocontent.paragin.net
Software
/
Resource Hash
98f612acb81e1496e4174d3c60ac817743f0b1a53cb4f788813a3ae030ae94ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/resources/images/layout/content_bottom_wide.png
pragma
no-cache
cookie
identifier=fvk01906dfpj33ov3837vqqise
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
inloggen.ikgaondernemen.com
referer
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://inloggen.ikgaondernemen.com/resources/scripts/color.php?css=combined.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 11:03:41 GMT
etag
"5d9-5b2b91dbdedda"
x-frame-options
SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
1497
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-513d84155936d4ab/
27 B
207 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-513d84155936d4ab/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-85-134.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

Referer
https://inloggen.ikgaondernemen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 22:03:42 GMT
content-encoding
gzip
content-disposition
attachment; filename=1.txt
cache-control
public, max-age=60, s-maxage=86400
content-length
47
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
client.nl.min.json
s7.addthis.com/l10n/
4 KB
2 KB
XHR
General
Full URL
https://s7.addthis.com/l10n/client.nl.min.json
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-85-134.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
f0b48856c4c8e5bbea338319fd8cde2204587ea067ab557ca8baf1a9f0b81407
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://inloggen.ikgaondernemen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 15:15:17 GMT
server
nginx/1.15.8
etag
W/"5d77be05-e18"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=604800
date
Wed, 28 Apr 2021 22:03:42 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
1720

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| swfobject function| $pick function| $try function| IFrame function| Elements object| contains function| injectCombinator function| Cookie object| MooTools function| typeOf function| instanceOf function| Type function| Hash function| Native function| $A function| $arguments function| $chk function| $clear function| $defined function| $each function| $empty function| $extend function| $H function| $merge function| $lambda function| $mixin function| $random function| $splat function| $time function| $type function| $unlink function| $uid number| uid object| Browser function| $constructor function| $family function| $exec function| DOMEvent function| Class function| Chain function| Events function| Options object| Slick function| $ function| getDocument function| getWindow object| Selectors function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx function| Swiff function| Drag function| Sortables object| Asset function| URI function| Tips string| site_base object| indexparent object| uploadFields boolean| canFlashUpload function| get_header_id function| openOrCloseElement function| attach_toggle_next_event function| bgpicker function| toggle function| check_item function| popup function| InfoIcon 
function| iconSwitcher function| propagateList function| containedStickyScroll function| addFileUpload function| deleteUpload function| cloneUpload function| checkUploads function| ajaxupdate function| ajaxupdate_select function| ajaxupdate_html function| ajax_clearselect function| ajax_clearblock object| addthis_config function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| a object| addthis_share boolean| __@@##MUH object| oattr string| addthis_services_loc string| addthis_services_loc_mob object| addthis_translations

3 Cookies

Domain/Path Name / Value
inloggen.ikgaondernemen.com/ Name: __atuvs
Value: 6089dbbe4bb5a938000
inloggen.ikgaondernemen.com/ Name: __atuvc
Value: 1%7C17
inloggen.ikgaondernemen.com/ Name: identifier
Value: fvk01906dfpj33ov3837vqqise

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
