urlscan.io logo urlscan.io
SecurityTrails logo

rabobank.protocol-klantenveiligheid.eu Open in urlscan Pro
185.82.22.193  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://u.to/HdcOEw
Effective URL: https://rabobank.protocol-klantenveiligheid.eu/login/
Submission: On August 08 via manual from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 11 domains to perform 21 HTTP transactions. The main IP is 185.82.22.193, located in Germany and belongs to DE-FIRSTCOLO www.first-colo.net, DE. The main domain is rabobank.protocol-klantenveiligheid.eu.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 8th 2018. Valid for: 3 months.
This is the only time rabobank.protocol-klantenveiligheid.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 195.216.243.155 29226 (MASTERTEL...)
3 2400:cb00:204... 13335 (CLOUDFLAR...)
3 205.185.208.52 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
2 2400:cb00:204... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:f48:2000... 47447 (TTM)
2 185.82.22.193 44066 (DE-FIRSTC...)
1 195.181.160.222 60068 (CDN77)
21 11
1    195.216.243.155 (Moscow, Russian Federation)

ASN29226 (MASTERTEL-AS Moscow, Russia, RU)
PTR: s5.unet.com
u.to
3    2400:cb00:2048:1::681b:9474 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ip6.si
3    205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com
2    2a00:1450:4001:81c::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2400:cb00:2048:1::681b:9574 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ip6.si
2    2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
adservice.google.com
2    2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    2a00:f48:2000:affe::50 (Germany)

ASN47447 (TTM, DE)
klantenomgeleid.lima-city.de
2    185.82.22.193 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: securemailer.linevast.de
rabobank.protocol-klantenveiligheid.eu
1    195.181.160.222 (United Kingdom)

ASN60068 (CDN77, GB)
PTR: unn-195-181-160-222.datapacket.com
s8.postimg.cc
Domain Requested by
5 ip6.si code.jquery.com
ip6.si
4 pagead2.googlesyndication.com ip6.si
pagead2.googlesyndication.com
3 code.jquery.com ip6.si
2 rabobank.protocol-klantenveiligheid.eu ip6.si
rabobank.protocol-klantenveiligheid.eu
2 www.google-analytics.com ip6.si
1 s8.postimg.cc rabobank.protocol-klantenveiligheid.eu
1 klantenomgeleid.lima-city.de 1 redirects
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 u.to 1 redirects
21 11

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
Google Internet Authority G3		 2018-07-24 -
2018-10-02		 2 months crt.sh
*.google.com
Google Internet Authority G3		 2018-07-24 -
2018-10-02		 2 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-07-24 -
2018-10-02		 2 months crt.sh
rabobank.protocol-klantenveiligheid.eu
Let's Encrypt Authority X3		 2018-08-08 -
2018-11-06		 3 months crt.sh
postimg.cc
Let's Encrypt Authority X3		 2018-07-07 -
2018-10-05		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://rabobank.protocol-klantenveiligheid.eu/login/
Frame ID: 4132FD6942A2429175258C1729A2FF2C
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180806/r20180604/zrt_lookup.html
Frame ID: 0A781BA42D1FEE4D6D86241D246A329A
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/show_ads_impl.js
Frame ID: 6C161B219B927DC0A4AEB96A40890C59
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8467549867037034&output=html&h=90&slotname=2097096211&adk=3494721624&adf=2469204067&w=970&lmt=1533739422&guci=1.2.0.0.2.2.0&format=970x90&url=http%3A%2F%2Fip6.si%2F%23OYTdeU&flash=0&wgl=1&adsid=NT&dt=1533739422379&bpp=6&bdt=129&fdt=8&idt=75&shv=r20180806&cbv=r20180604&saldr=aa&abxe=1&correlator=1322917424754&frm=20&pv=2&ga_vid=1575527567.1533739422&ga_sid=1533739422&ga_hid=615427966&ga_fc=0&iag=0&icsg=8234&dssz=9&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=360&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062171%2C368226401&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&fsb=1&xpc=RgVo6ivV2N&p=http%3A//ip6.si&dtd=93
Frame ID: F599113B66EAE43071F4218AA0601770
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://u.to/HdcOEw HTTP 302
    http://ip6.si/ Page URL
  2. https://klantenomgeleid.lima-city.de/secure.php HTTP 302
    https://rabobank.protocol-klantenveiligheid.eu/login/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Page Statistics

21
Requests

48 %
HTTPS

67 %
IPv6

11
Domains

11
Subdomains

11
IPs

5
Countries

394 kB
Transfer

848 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://u.to/HdcOEw HTTP 302
    http://ip6.si/ Page URL
  2. https://klantenomgeleid.lima-city.de/secure.php HTTP 302
    https://rabobank.protocol-klantenveiligheid.eu/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://u.to/HdcOEw HTTP 302
  • http://ip6.si/

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
ip6.si/
Redirect Chain
  • http://u.to/HdcOEw
  • http://ip6.si/
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ip6.si/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681b:9474 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b0e53fc1c2b56b0f1325b0ecb35d6a9af148105aa729c67c13b616d335f8415

Request headers

Host
ip6.si
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
4132FD6942A2429175258C1729A2FF2C

Response headers

Date
Wed, 08 Aug 2018 14:43:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d2cf17eb66ddefdbcf41cd49075c804841533739422; expires=Thu, 08-Aug-19 14:43:42 GMT; path=/; domain=.ip6.si; HttpOnly SESSION=f4b27adb; expires=Wed, 08-Aug-2018 15:43:29 GMT; Max-Age=3600
X-Powered-By
X-ASPNET-VERSION
Server
cloudflare
CF-RAY
4472c1bc957e96d6-FRA
Content-Encoding
gzip

Redirect headers

Server
uServ/1.5.1
Date
Wed, 08 Aug 2018 14:43:43 GMT
Content-Type
text/html; charset=iso-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Set-Cookie
lng=de; path=/; expires=Thu, 08-Aug-2019 14:43:43 GMT; domain=.u.to;
Location
http://ip6.si#OYTdeU
jquery-1.10.2.min.js
code.jquery.com/ 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://code.jquery.com/jquery-1.10.2.min.js
Requested by
Host: ip6.si
URL: http://ip6.si/
Protocol
HTTP/1.1
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer
http://ip6.si/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 08 Aug 2018 14:43:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:07 GMT
Server
nginx
ETag
W/"54499a47-16bb3"
Vary
Accept-Encoding
X-HW
1533739422.dop001.fr8.t,1533739422.cds032.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
38145
jquery-ui.min.js
code.jquery.com/ui/1.10.4/ 		223 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://code.jquery.com/ui/1.10.4/jquery-ui.min.js
Requested by
Host: ip6.si
URL: http://ip6.si/
Protocol
HTTP/1.1
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce

Request headers

Referer
http://ip6.si/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 08 Aug 2018 14:43:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
W/"54499a48-37cbb"
Vary
Accept-Encoding
X-HW
1533739422.dop001.fr8.t,1533739422.cds009.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
75244
jquery-ui.min.css
code.jquery.com/ui/1.10.4/themes/redmond/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://code.jquery.com/ui/1.10.4/themes/redmond/jquery-ui.min.css
Requested by
Host: ip6.si
URL: http://ip6.si/
Protocol
HTTP/1.1
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
ddc940750da907becde977e7932a30d68cce47c8648e57b81532d2ba8f1ca346

Request headers

Referer
http://ip6.si/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 08 Aug 2018 14:43:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
W/"54499a48-6a42"
Vary
Accept-Encoding
X-HW
1533739422.dop003.fr8.t,1533739422.cds002.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6423
short_url.php
ip6.si/ 		52 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ip6.si/short_url.php?hash=OYTdeU&json=1
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681b:9474 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ip6.si
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
http://ip6.si/
X-Requested-With
XMLHttpRequest
Cookie
__cfduid=d2cf17eb66ddefdbcf41cd49075c804841533739422; SESSION=f4b27adb
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/javascript, */*; q=0.01
Referer
http://ip6.si/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 08 Aug 2018 14:43:42 GMT
Content-Encoding
gzip
Server
cloudflare
X-ASPNET-VERSION
X-Powered-By
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
CF-RAY
4472c1bd75cc96d6-FRA
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ip6.si
URL: http://ip6.si/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ip6.si/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
6294
date
Wed, 08 Aug 2018 12:58:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Wed, 08 Aug 2018 14:58:48 GMT
bg.jpg
ip6.si/images/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ip6.si/images/bg.jpg
Requested by
Host: ip6.si
URL: http://ip6.si/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681b:9574 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ip6.si
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://ip6.si/
Cookie
__cfduid=d2cf17eb66ddefdbcf41cd49075c804841533739422; SESSION=f4b27adb
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ip6.si/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 08 Aug 2018 14:43:42 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 27 Jan 2017 17:53:52 GMT
Server
cloudflare
X-ASPNET-VERSION
X-Powered-By
ETag
"413a6e52c678d21:0"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4472c1bd863564c3-FRA
Content-Length
70254
Expires
Wed, 08 Aug 2018 18:43:42 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ip6.si
URL: http://ip6.si/
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
c7784aad796c3e52bba098ddbe612903b874d46d2ba5ac4a74d151b5ae081445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ip6.si/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 08 Aug 2018 14:43:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
6080319237384920637
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
27673
X-XSS-Protection
1; mode=block
Expires
Wed, 08 Aug 2018 14:43:42 GMT
ip6.gif
ip6.si/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ip6.si/images/ip6.gif
Requested by
Host: ip6.si
URL: http://ip6.si/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681b:9474 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ip6.si
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://ip6.si/
Cookie
__cfduid=d2cf17eb66ddefdbcf41cd49075c804841533739422; SESSION=f4b27adb
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ip6.si/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 08 Aug 2018 14:43:42 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 27 Jan 2017 17:29:33 GMT
Server
cloudflare
X-ASPNET-VERSION
X-Powered-By
ETag
"c159eecc278d21:0"
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4472c1bd82d896a0-FRA
Content-Length
16323
Expires
Wed, 08 Aug 2018 18:43:42 GMT
footer.png
ip6.si/images/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ip6.si/images/footer.png
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681b:9574 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ip6.si
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://ip6.si/
Cookie
__cfduid=d2cf17eb66ddefdbcf41cd49075c804841533739422; SESSION=f4b27adb
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ip6.si/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 08 Aug 2018 14:43:42 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 27 Jan 2017 17:29:33 GMT
Server
cloudflare
X-ASPNET-VERSION
X-Powered-By
ETag
"de137fecc278d21:0"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4472c1bd85f7640f-FRA
Content-Length
26797
Expires
Wed, 08 Aug 2018 18:43:42 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=615427966&t=pageview&_s=1&dl=http%3A%2F%2Fip6.si%2F&ul=en-us&de=UTF-8&dt=IP6%20Short%20URL%20-%20Free%20service&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=250900050&gjid=910726568&cid=1575527567.1533739422&tid=UA-92596452-1&_gid=872361433.1533739422&_r=1&z=1888828050
Requested by
Host: ip6.si
URL: http://ip6.si/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://ip6.si/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Aug 2018 14:43:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ip6.si
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ip6.si/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Aug 2018 14:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ip6.si
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ip6.si/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Aug 2018 14:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
ca-pub-8467549867037034.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		133 B
234 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8467549867037034.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ip6.si/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 08 Aug 2018 14:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 05 Aug 2018 21:21:06 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
125
x-xss-protection
1; mode=block
expires
Thu, 09 Aug 2018 02:43:42 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180806/r20180604/ Frame 0A78 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180806/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180806/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://ip6.si/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
4132FD6942A2429175258C1729A2FF2C
Referer
http://ip6.si/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 07 Aug 2018 05:48:59 GMT
expires
Tue, 21 Aug 2018 05:48:59 GMT
content-type
text/html; charset=UTF-8
etag
7521803712505135873
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6934
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
118483
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/ Frame 6C16 		187 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ip6.si/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 08 Aug 2018 14:43:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
5624220501969597904
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
70926
X-XSS-Protection
1; mode=block
Expires
Wed, 08 Aug 2018 14:43:42 GMT
Primary Request /
rabobank.protocol-klantenveiligheid.eu/login/
Redirect Chain
  • https://klantenomgeleid.lima-city.de/secure.php
  • https://rabobank.protocol-klantenveiligheid.eu/login/
682 B
925 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rabobank.protocol-klantenveiligheid.eu/login/
Requested by
Host: ip6.si
URL: http://ip6.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.82.22.193 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
securemailer.linevast.de
Software
Apache /
Resource Hash
e093632e245f530fa015de351a0bf3d99311838be2c68ec4948973b1ebc076f2

Request headers

Host
rabobank.protocol-klantenveiligheid.eu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://ip6.si/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
4132FD6942A2429175258C1729A2FF2C
Referer
http://ip6.si/

Response headers

Date
Wed, 08 Aug 2018 14:43:42 GMT
Server
Apache
Last-Modified
Wed, 08 Aug 2018 11:47:11 GMT
Accept-Ranges
bytes
Content-Length
682
Keep-Alive
timeout=10, max=100
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

status
302
server
openresty
date
Wed, 08 Aug 2018 14:43:42 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://rabobank.protocol-klantenveiligheid.eu/login/
x-lima-id
arKOjhQq33OCyRwpIh
set-cookie
_lcp=a; Path=/; expires=Mon Mar 20 2034 13:02:58
content-security-policy
upgrade-insecure-requests
x-powered-by
PHP/5.6.36
ads
googleads.g.doubleclick.net/pagead/ Frame F599 		0
0
osd.js
pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ip6.si/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 Aug 2018 04:50:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122022
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26268
x-xss-protection
1; mode=block
server
cafe
etag
2346024023569693673
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Aug 2018 04:50:00 GMT
bar.jpg
s8.postimg.cc/a3ud6c439/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8.postimg.cc/a3ud6c439/bar.jpg
Requested by
Host: rabobank.protocol-klantenveiligheid.eu
URL: https://rabobank.protocol-klantenveiligheid.eu/login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.181.160.222 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-160-222.datapacket.com
Software
nginx /
Resource Hash
635dffbae84a80ea3bccd04c0005ff036ebe869073ac2d4f0cebbe08d5505acb

Request headers

Referer
https://rabobank.protocol-klantenveiligheid.eu/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 08 Aug 2018 14:43:42 GMT
Last-Modified
Tue, 24 Jul 2018 01:07:57 GMT
Server
nginx
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6771
Expires
Thu, 31 Dec 2037 23:55:55 GMT
360.gif
rabobank.protocol-klantenveiligheid.eu/login/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rabobank.protocol-klantenveiligheid.eu/login/360.gif
Requested by
Host: rabobank.protocol-klantenveiligheid.eu
URL: https://rabobank.protocol-klantenveiligheid.eu/login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.82.22.193 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
securemailer.linevast.de
Software
Apache /
Resource Hash
3791fdf22822e74762412ebb0f10eba9b188ac78b310a3369afe1a58e2ceb410

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rabobank.protocol-klantenveiligheid.eu
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://rabobank.protocol-klantenveiligheid.eu/login/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://rabobank.protocol-klantenveiligheid.eu/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 08 Aug 2018 14:43:42 GMT
Last-Modified
Wed, 08 Aug 2018 11:47:09 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=99
Content-Length
14540

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8467549867037034&output=html&h=90&slotname=2097096211&adk=3494721624&adf=2469204067&w=970&lmt=1533739422&guci=1.2.0.0.2.2.0&format=970x90&url=http%3A%2F%2Fip6.si%2F%23OYTdeU&flash=0&wgl=1&adsid=NT&dt=1533739422379&bpp=6&bdt=129&fdt=8&idt=75&shv=r20180806&cbv=r20180604&saldr=aa&abxe=1&correlator=1322917424754&frm=20&pv=2&ga_vid=1575527567.1533739422&ga_sid=1533739422&ga_hid=615427966&ga_fc=0&iag=0&icsg=8234&dssz=9&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=360&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062171%2C368226401&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&fsb=1&xpc=RgVo6ivV2N&p=http%3A//ip6.si&dtd=93

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies