nlbklik.si.web-retail.login.18-153-33-219.cprapid.com Open in urlscan Pro
18.153.33.219 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tinyurl.com/y8e29jk4
Effective URL:
https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Submission Tags: @phish_report
Submission: On February 12 via api (February 12th 2024, 7:01:28 am UTC) from FI — Scanned from FI

Summary HTTP 28 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 28 HTTP transactions. The main IP is 18.153.33.219, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is nlbklik.si.web-retail.login.18-153-33-219.cprapid.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on February 11th 2024. Valid for: 3 months.

This is the only time nlbklik.si.web-retail.login.18-153-33-219.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:1e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	84.38.56.23 84.38.56.23	41325 (REGIONEMA...) (REGIONEMARCHE-BKB-AS)
1 1	18.153.33.63 18.153.33.63	16509 (AMAZON-02) (AMAZON-02)
12	18.153.33.219 18.153.33.219	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.34.83 104.18.34.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
28	9

1 2606:4700:10::ac43:1e1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.38.56.23 (Italy)

ASN41325 (REGIONEMARCHE-BKB-AS, IT)

ambiente.catrianerone.pu.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.153.33.63 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-33-63.eu-central-1.compute.amazonaws.com

18-153-33-63.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.153.33.219 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-33-219.eu-central-1.compute.amazonaws.com

nlbklik.si.web-retail.login.18-153-33-219.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.34.83 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	cprapid.com 1 redirects 18-153-33-63.cprapid.com nlbklik.si.web-retail.login.18-153-33-219.cprapid.com	3 MB
7	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 13808 ic.tynt.com — Cisco Umbrella Rank: 11755 de.tynt.com — Cisco Umbrella Rank: 1473	10 KB
3	gstatic.com fonts.gstatic.com	75 KB
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 14601	2 KB
2	amung.us widgets.amung.us — Cisco Umbrella Rank: 34096 whos.amung.us — Cisco Umbrella Rank: 18490	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	catrianerone.pu.it ambiente.catrianerone.pu.it	353 B
1	tinyurl.com 1 redirects tinyurl.com — Cisco Umbrella Rank: 16371	1 KB
28	8

	Domain	Requested by
12	nlbklik.si.web-retail.login.18-153-33-219.cprapid.com	ambiente.catrianerone.pu.it nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
5	ic.tynt.com	nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
3	fonts.gstatic.com	fonts.googleapis.com
2	t.dtscout.com	widgets.amung.us t.dtscout.com
1	de.tynt.com	cdn.tynt.com
1	cdn.tynt.com	widgets.amung.us
1	whos.amung.us	widgets.amung.us
1	widgets.amung.us	nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
1	fonts.googleapis.com	nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
1	18-153-33-63.cprapid.com	1 redirects
1	ambiente.catrianerone.pu.it
1	tinyurl.com	1 redirects
28	12

This site contains links to these domains. Also see Links.

Domain
www.nlb.si
kct.nlb.si
www.facebook.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
ambiente.catrianerone.pu.it R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com ZeroSSL RSA Domain Secure Site CA	`2024-02-11` - `2024-05-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-11` - `2024-06-09`	a year	crt.sh
dtscout.com GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Frame ID: 231E3DC314009211E0F0CA9540AD384F
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NLB Pay

Page URL History Show full URLs

http://tinyurl.com/y8e29jk4 HTTP 301
https://ambiente.catrianerone.pu.it/si.html?44 Page URL
https://18-153-33-63.cprapid.com/nlb/ HTTP 302
https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/ Page URL

Page Statistics

28
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

12
Subdomains

9
IPs

4
Countries

2780 kB
Transfer

2803 kB
Size

5
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nlb.si/the-bank-today
Title: About

Search URL Search Domain Scan URL

URL: https://www.nlb.si/sporocila-za-javnost
Title: News

Search URL Search Domain Scan URL

URL: https://www.nlb.si/klik#tab-varnost
Title: Digital bank safety

Search URL Search Domain Scan URL

URL: https://www.nlb.si/general-information-on-personal-data-protection-klik.pdf
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.nlb.si/pogosta-vprasanja-faq
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.nlb.si/kontakt
Title: Contact

Search URL Search Domain Scan URL

URL: https://kct.nlb.si/wp/cm/klepet-video_en.html
Title: Video call

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NLBdd

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nlb_slo/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/nlb-d-d-

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tinyurl.com/y8e29jk4 HTTP 301
https://ambiente.catrianerone.pu.it/si.html?44 Page URL
https://18-153-33-63.cprapid.com/nlb/ HTTP 302
https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://tinyurl.com/y8e29jk4 HTTP 301
https://ambiente.catrianerone.pu.it/si.html?44

28 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

si.html
ambiente.catrianerone.pu.it/
Redirect Chain

http://tinyurl.com/y8e29jk4
https://ambiente.catrianerone.pu.it/si.html?44

182 B
353 B

395ms
90ms

Document
text/html

84.38.56.23
REGIONEMARCHE-BKB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ambiente.catrianerone.pu.it/si.html?44
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.38.56.23 , Italy, ASN41325 (REGIONEMARCHE-BKB-AS, IT),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
content-length: 182
content-type: text/html
date: Mon, 12 Feb 2024 07:01:20 GMT
etag: "d9fa9fed265cda1:0"
last-modified: Sat, 10 Feb 2024 13:42:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

Redirect headers

CF-Cache-Status: HIT
CF-RAY: 8542f5b06aafd92a-HEL
Cache-Control: max-age=0, must-revalidate, no-cache, no-store, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Feb 2024 07:01:20 GMT
Location: https://ambiente.catrianerone.pu.it/si.html?44
Referrer-Policy: unsafe-url
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-TinyURL-Redirect: eyJpdiI6IkxQNWdQVUpab25Za2hqYWUyVUYxaUE9PSIsInZhbHVlIjoiRzZyV2V6cm8zYU5YQ1ZaWklmMDRoaCtkZENOUDBxbEVNdDdHSE10V3hqUFV3cXZYTkJuaDQyWVdWM0p1bGRVU1lxS2xiVDBXcUZHb2Y0aEdGTFdaVEE9PSIsIm1hYyI6IjA2MTkzODdlMTRlOTYzZmNmMDEwZDdlOTc3NjhjYzY1MjkwNzZjYWQ0ZDc1ZDk5MzUzMWMyZmEwZTM0ZjM1YmMiLCJ0YWciOiIifQ==
X-TinyURL-Redirect-Type: redirect
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

Primary Request / Show response
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Redirect Chain

https://18-153-33-63.cprapid.com/nlb/
https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/

32 KB
32 KB

1653ms
171ms

Document
text/html

18.153.33.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Requested by: Host: ambiente.catrianerone.pu.it
URL: https://ambiente.catrianerone.pu.it/si.html?44
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.153.33.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-33-219.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: a138ab7fa6b6fb8bc18afb1b41a820f575bab80c7c3fbaf5e02cf937904783ff

Request headers

Referer: https://ambiente.catrianerone.pu.it/si.html?44
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Feb 2024 07:01:23 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Feb 2024 07:01:21 GMT
Keep-Alive: timeout=5, max=100
Location: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK styles.c827aba1a9f06249acb9.css
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ 2 MB
2 MB 106ms
55ms Stylesheet
text/css 18.153.33.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/styles.c827aba1a9f06249acb9.css
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.153.33.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-33-219.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 88f1af1e3a1563257c1f5d8e9d1a99f38a783d6af5d0f03fa8b1a4f4ebedb2c7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Feb 2024 07:01:23 GMT
Last-Modified: Fri, 09 Feb 2024 16:01:16 GMT
Server: Apache
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2077964
Expires: 0

GET
H/1.1 200
OK 1e96ef2d92e68959af4fca2d926499ee.png
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ 4 KB
4 KB 169ms
57ms Image
image/png 18.153.33.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/1e96ef2d92e68959af4fca2d926499ee.png
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.153.33.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-33-219.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 7f88f843fd3a40a34580fa54d768952b5b5ac612ba82b32431f5fab32abc5d96

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Feb 2024 07:01:23 GMT
Last-Modified: Fri, 09 Feb 2024 16:01:16 GMT
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4193
Expires: 0

GET
H/1.1 200
OK 5f1b742cb3a5f7b2e199148b6dc8bc68.jpg
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ 406 KB
406 KB 169ms
56ms Image
image/jpeg 18.153.33.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/5f1b742cb3a5f7b2e199148b6dc8bc68.jpg
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.153.33.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-33-219.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: cc161482fcde60f7391b35d8bb5ba6426d5b50246f4bdba26b6ea6e0d321a0be

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Feb 2024 07:01:23 GMT
Last-Modified: Fri, 09 Feb 2024 16:01:16 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 415901
Expires: 0

GET
H/1.1 200
OK vendor-bb-systemjs.js Show response
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ 60 KB
60 KB 113ms
55ms Script
text/javascript 18.153.33.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/vendor-bb-systemjs.js
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.153.33.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-33-219.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 6a202fff38bebc732c9792c0abd1eb4b11fa26d338194d70d42a9bf0a1b1c837

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Feb 2024 07:01:23 GMT
Last-Modified: Fri, 09 Feb 2024 16:01:16 GMT
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 61438
Expires: 0

GET
H/1.1 200
OK config-bb-module-loader.js Show response
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ 14 KB
15 KB 166ms
57ms Script
text/javascript 18.153.33.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/config-bb-module-loader.js
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.153.33.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-33-219.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 4c9e2f5fc071efd2a294c192e499efd047aca4efd2e252fc15df9aec53214624

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Feb 2024 07:01:23 GMT
Last-Modified: Fri, 09 Feb 2024 16:01:16 GMT
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14650
Expires: 0

GET
H/1.1 200
OK bundle-1.15.1.js Show response
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ 140 KB
140 KB 167ms
56ms Script
text/javascript 18.153.33.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/bundle-1.15.1.js
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.153.33.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-33-219.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 83e2cfba6e2b886afbf5fca7b77e8a1b7635a276a91667079a422c8a3ec995c2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Feb 2024 07:01:23 GMT
Last-Modified: Fri, 09 Feb 2024 16:01:16 GMT
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 143157
Expires: 0

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 194ms
69ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Istok+Web:400,700|Roboto:400,700

Requested by

Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/styles.c827aba1a9f06249acb9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f240532834357a6018584c16297581a6135a52947c1aff0984581fd2981e49c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Feb 2024 07:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 07:01:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Feb 2024 07:01:24 GMT

GET
H/1.1 404
Not Found Roboto-Regular.91c246eb7465283afb63.woff2
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ 0
0 55ms
55ms Font
text/html 18.153.33.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/Roboto-Regular.91c246eb7465283afb63.woff2
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/styles.c827aba1a9f06249acb9.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.153.33.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-33-219.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/styles.c827aba1a9f06249acb9.css
Origin: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 07:01:24 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 3qTvojGmgSyUukBzKslpBmt_.woff2
fonts.gstatic.com/s/istokweb/v24/ 25 KB
25 KB 186ms
60ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/istokweb/v24/3qTvojGmgSyUukBzKslpBmt_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Istok+Web:400,700|Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccb3f35da19985c50a05cc2d3465ddb7bd255f894ce890cc21f344163b99a10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:03:20 GMT
x-content-type-options: nosniff
age: 370684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25280
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 22:09:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:03:20 GMT

GET
H/1.1 404
Not Found nlb-icons.7fe8134846dc74e49044.ttf
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ 0
0 56ms
56ms Font
text/html 18.153.33.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/nlb-icons.7fe8134846dc74e49044.ttf
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/styles.c827aba1a9f06249acb9.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.153.33.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-33-219.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/styles.c827aba1a9f06249acb9.css
Origin: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 07:01:24 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 3qTvojGmgSyUukBzKslpCGt_xkI.woff2
fonts.gstatic.com/s/istokweb/v24/ 34 KB
34 KB 245ms
121ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/istokweb/v24/3qTvojGmgSyUukBzKslpCGt_xkI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Istok+Web:400,700|Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c384e4c0a70490fc5e6a582fed54d26bba849dcb25a8fbdadddf40ea9796c8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 14:04:36 GMT
x-content-type-options: nosniff
age: 233808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35096
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 22:09:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 14:04:36 GMT

GET
H2 200 small.js Show response
widgets.amung.us/ 8 KB
4 KB 146ms
62ms Script
application/x-javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.amung.us/small.js
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 07:01:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:22 GMT
server: cloudflare
age: 467
etag: W/"63c0411a-2170"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 8542f5ca88e54c88-HEL
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Feb 2024 06:53:37 GMT

GET
H/1.1 404
Not Found Roboto-Regular.31012f9b3e3da44f87e8.woff
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ 0
0 56ms
55ms Font
text/html 18.153.33.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/Roboto-Regular.31012f9b3e3da44f87e8.woff
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/styles.c827aba1a9f06249acb9.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.153.33.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-33-219.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/styles.c827aba1a9f06249acb9.css
Origin: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 07:01:24 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found nlb-icons.5a7d5a5c5b79d59342b6.woff
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ 0
0 56ms
56ms Font
text/html 18.153.33.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/nlb-icons.5a7d5a5c5b79d59342b6.woff
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/styles.c827aba1a9f06249acb9.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.153.33.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-33-219.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/styles.c827aba1a9f06249acb9.css
Origin: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 07:01:24 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Roboto-Regular.25e40da956314b12d333.ttf
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ 0
0 55ms
55ms Font
text/html 18.153.33.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/Roboto-Regular.25e40da956314b12d333.ttf
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/styles.c827aba1a9f06249acb9.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.153.33.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-33-219.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/styles.c827aba1a9f06249acb9.css
Origin: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 07:01:24 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 / Show response
t.dtscout.com/i/ 2 KB
2 KB 403ms
294ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fnlbklik.si.web-retail.login.18-153-33-219.cprapid.com%2Fnlb%2F&j=https%3A%2F%2Fambiente.catrianerone.pu.it%2F
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d9b17215ac3b3c8df6c2d7e16ed6d5ff62cc124e107fb2ac4bd2265e29c8a49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 07:01:24 GMT
x-t: 0.285
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oYRKeIYgGaqq2Pgk3pHw55nUE3FKr02GpziuELojGw3%2FR37u6f0Upj5QBFetFpgZAd%2F9wb77KLbBdbAwZXJNgCD69lgmTSnFGAU0h3jWpBwm1Oby8D40Gds66ZDEKz000fPlsPoS2qM3jg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 8542f5cbbc10ffec-VNO
expires: Mon, 12 Feb 2024 07:01:23 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 24 B
126 B 275ms
258ms Script
text/javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=nlbpay&t=NLB%20Pay&c=s&x=https%3A%2F%2Fnlbklik.si.web-retail.login.18-153-33-219.cprapid.com%2Fnlb%2F&y=https%3A%2F%2Fambiente.catrianerone.pu.it%2F&a=0&d=3.6&v=27&r=4565
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfcab854ada488b5d85aea0de32217f117128089f747a8b2e29df59414abfc8f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 07:01:24 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8542f5cb19884c88-HEL
alt-svc: h3=":443"; ma=86400
content-type: text/javascript;charset=UTF-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 119ms
119ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Istok+Web:400,700|Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:49:55 GMT
x-content-type-options: nosniff
age: 198689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 23:49:55 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 26 KB
9 KB 154ms
49ms Script
application/javascript 104.18.34.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df92371a548b99f90afb3caeb15fdd106cbb37809b0f3f9db3db055e581ac28a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 07:01:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:08:56 GMT
server: cloudflare
age: 91998
etag: W/"651ed188-66a6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8542f5cd6a8d70d4-ARN
expires: Thu, 15 Feb 2024 07:01:24 GMT

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
342 B 285ms
285ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=nlbklik.si.web-retail.login.18-153-33-219.cprapid.com&_ss=54ya6auzi0&_pv=1&_ls=0&_u1=1&_u3=1&_cc=fi&_pl=d&_cbid=49fy&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fnlbklik.si.web-retail.login.18-153-33-219.cprapid.com%2Fnlb%2F&j=https%3A%2F%2Fambiente.catrianerone.pu.it%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f473a74362b30729bb90acd43af51bb35142e29400387d063c3d48ce9d78b2b1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 07:01:24 GMT
x-t: 0.167
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BwBR5X9XTiF0UgHhxlskIL7ArIRe8Rvp9pL1wvBA7TMNztQPkJn4QTXkmYcsxoOukycl971HeIEwILSls1uc6qfVuhp1GCXi4b%2F9yq551it5GEC4wDPkl%2BZNeYscZfSD8%2FdJjRi2DEF6Iw%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8542f5cd8de7ffec-VNO
expires: Mon, 12 Feb 2024 07:01:23 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
228 B 449ms
145ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!nlbpay&lm=0&ts=1707721284789&dn=TC&iso=0&pu=https%3A%2F%2Fnlbklik.si.web-retail.login.18-153-33-219.cprapid.com%2Fnlb%2F&r=https%3A%2F%2Fambiente.catrianerone.pu.it%2F&t=NLB%20Pay&chmob=0
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 12 Feb 2024 07:01:25 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
327 B 446ms
145ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!nlbpay&dn=TC&cc=1&chmob=0&r=https%3A%2F%2Fambiente.catrianerone.pu.it%2F&pu=https%3A%2F%2Fnlbklik.si.web-retail.login.18-153-33-219.cprapid.com%2Fnlb%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Mon, 12 Feb 2024 07:01:25 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 4
expires: Tue, 13 Feb 2024 07:01:25 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 145ms
145ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!nlbpay&lm=0&ts=1707721284789&dn=TC&iso=0&pu=https%3A%2F%2Fnlbklik.si.web-retail.login.18-153-33-219.cprapid.com%2Fnlb%2F&r=https%3A%2F%2Fambiente.catrianerone.pu.it%2F&t=NLB%20Pay
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 12 Feb 2024 07:01:25 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 145ms
145ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!nlbpay&lm=0&ts=1707721284789&dn=TC&iso=0&pu=https%3A%2F%2Fnlbklik.si.web-retail.login.18-153-33-219.cprapid.com%2Fnlb%2F&r=https%3A%2F%2Fambiente.catrianerone.pu.it%2F
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 12 Feb 2024 07:01:25 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 146ms
146ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!nlbpay&lm=0&ts=1707721284789&dn=TC&iso=0&pu=https%3A%2F%2Fnlbklik.si.web-retail.login.18-153-33-219.cprapid.com%2Fnlb%2F
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 12 Feb 2024 07:01:25 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 145ms
145ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!nlbpay&lm=0&ts=1707721284789&dn=TC&iso=0&pu=https%3A%2F%2Fnlbklik.si.web-retail.login.18-153-33-219.cprapid.com%2Fnlb%2F
Requested by: Host: nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 12 Feb 2024 07:01:25 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb	1969-12-31 23:59:59	Name: cleana Value: true
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 966fa02f9a9a6b3419c86dc95012ec06
.dtscout.com/	1970-01-20 18:22:06	Name: m Value: 1
.dtscout.com/	1970-01-20 18:22:15	Name: oa Value: 1
.dtscout.com/	1970-01-20 20:46:01	Name: df Value: 1707721284

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/Roboto-Regular.91c246eb7465283afb63.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/nlb-icons.7fe8134846dc74e49044.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/Roboto-Regular.31012f9b3e3da44f87e8.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/nlb-icons.5a7d5a5c5b79d59342b6.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/Roboto-Regular.25e40da956314b12d333.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18-153-33-63.cprapid.com
ambiente.catrianerone.pu.it
cdn.tynt.com
de.tynt.com
fonts.googleapis.com
fonts.gstatic.com
ic.tynt.com
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
t.dtscout.com
tinyurl.com
whos.amung.us
widgets.amung.us
104.18.34.83
18.153.33.219
18.153.33.63
2606:4700:10::6816:4aab
2606:4700:10::ac43:1e1
2606:4700:21::8d65:780b
2a00:1450:4001:801::200a
2a00:1450:4001:830::2003
67.202.105.31
84.38.56.23
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
3d9b17215ac3b3c8df6c2d7e16ed6d5ff62cc124e107fb2ac4bd2265e29c8a49
3f240532834357a6018584c16297581a6135a52947c1aff0984581fd2981e49c
4c9e2f5fc071efd2a294c192e499efd047aca4efd2e252fc15df9aec53214624
6a202fff38bebc732c9792c0abd1eb4b11fa26d338194d70d42a9bf0a1b1c837
7f88f843fd3a40a34580fa54d768952b5b5ac612ba82b32431f5fab32abc5d96
83e2cfba6e2b886afbf5fca7b77e8a1b7635a276a91667079a422c8a3ec995c2
88f1af1e3a1563257c1f5d8e9d1a99f38a783d6af5d0f03fa8b1a4f4ebedb2c7
a138ab7fa6b6fb8bc18afb1b41a820f575bab80c7c3fbaf5e02cf937904783ff
bfcab854ada488b5d85aea0de32217f117128089f747a8b2e29df59414abfc8f
c384e4c0a70490fc5e6a582fed54d26bba849dcb25a8fbdadddf40ea9796c8c8
cc161482fcde60f7391b35d8bb5ba6426d5b50246f4bdba26b6ea6e0d321a0be
ccb3f35da19985c50a05cc2d3465ddb7bd255f894ce890cc21f344163b99a10e
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
df92371a548b99f90afb3caeb15fdd106cbb37809b0f3f9db3db055e581ac28a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f473a74362b30729bb90acd43af51bb35142e29400387d063c3d48ce9d78b2b1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

nlbklik.si.web-retail.login.18-153-33-219.cprapid.com Open in urlscan Pro 18.153.33.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

28 Requests

100 %HTTPS

50 %IPv6

8 Domains

12 Subdomains

9 IPs

4 Countries

2780 kBTransfer

2803 kBSize

5 Cookies

10 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nlbklik.si.web-retail.login.18-153-33-219.cprapid.com Open in urlscan Pro
18.153.33.219 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

12
Subdomains

9
IPs

4
Countries

2780 kB
Transfer

2803 kB
Size

5
Cookies

28 HTTP transactions
1 data transactions