nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
18.153.33.219
Public Scan
Effective URL: https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Submission Tags: @phish_report
Submission: On February 12 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on February 11th 2024. Valid for: 3 months.
This is the only time nlbklik.si.web-retail.login.18-153-33-219.cprapid.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information

Requests | IP Address | AS (Autonomous System)
---|---|---
1 | 2606:4700:10::ac43:1e1 | 13335 (CLOUDFLARENET)
1 | 84.38.56.23 | 41325 (REGIONEMARCHE-BKB-AS)
1 | 18.153.33.63 | 16509 (AMAZON-02)
12 | 18.153.33.219 | 16509 (AMAZON-02)
1 | 2a00:1450:4001:801::200a | 15169 (GOOGLE)
3 | 2a00:1450:4001:830::2003 | 15169 (GOOGLE)
2 | 2606:4700:10::6816:4aab | 13335 (CLOUDFLARENET)
2 | 2606:4700:21::8d65:780b | 13335 (CLOUDFLARENET)
1 | 104.18.34.83 | 13335 (CLOUDFLARENET)
6 | 67.202.105.31 | 32748 (STEADFAST)
28 | 9 |

IP details:
- 18.153.33.63: ASN16509 (AMAZON-02, US), PTR ec2-18-153-33-63.eu-central-1.compute.amazonaws.com, serves 18-153-33-63.cprapid.com
- 18.153.33.219: ASN16509 (AMAZON-02, US), PTR ec2-18-153-33-219.eu-central-1.compute.amazonaws.com, serves nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
- ASN13335 (CLOUDFLARENET, US): serves widgets.amung.us, whos.amung.us
- 67.202.105.31: ASN32748 (STEADFAST, US), PTR ip31.67-202-105.static.steadfastdns.net, serves ic.tynt.com, de.tynt.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
13 | cprapid.com (1 redirect) | 18-153-33-63.cprapid.com, nlbklik.si.web-retail.login.18-153-33-219.cprapid.com | 3 MB
7 | tynt.com | cdn.tynt.com (Cisco Umbrella Rank: 13808), ic.tynt.com (Cisco Umbrella Rank: 11755), de.tynt.com (Cisco Umbrella Rank: 1473) | 10 KB
3 | gstatic.com | fonts.gstatic.com | 75 KB
2 | dtscout.com | t.dtscout.com (Cisco Umbrella Rank: 14601) | 2 KB
2 | amung.us | widgets.amung.us (Cisco Umbrella Rank: 34096), whos.amung.us (Cisco Umbrella Rank: 18490) | 4 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 31) | 1 KB
1 | catrianerone.pu.it | ambiente.catrianerone.pu.it | 353 B
1 | tinyurl.com (1 redirect) | tinyurl.com (Cisco Umbrella Rank: 16371) | 1 KB
28 | 8 | |
Requests | Domain | Requested by
---|---|---
12 | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com | ambiente.catrianerone.pu.it, nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
5 | ic.tynt.com | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
3 | fonts.gstatic.com | fonts.googleapis.com
2 | t.dtscout.com | widgets.amung.us, t.dtscout.com
1 | de.tynt.com | cdn.tynt.com
1 | cdn.tynt.com | widgets.amung.us
1 | whos.amung.us | widgets.amung.us
1 | widgets.amung.us | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
1 | fonts.googleapis.com | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com
1 | 18-153-33-63.cprapid.com | (1 redirect)
1 | ambiente.catrianerone.pu.it |
1 | tinyurl.com | (1 redirect)
28 | 12 |
This site contains links to these domains:

Domain
---
www.nlb.si
kct.nlb.si
www.facebook.com
www.instagram.com
www.linkedin.com
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
ambiente.catrianerone.pu.it | R3 | 2024-01-22 - 2024-04-21 | 3 months | crt.sh
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com | ZeroSSL RSA Domain Secure Site CA | 2024-02-11 - 2024-05-11 | 3 months | crt.sh
upload.video.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months | crt.sh
*.gstatic.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-06-11 - 2024-06-09 | a year | crt.sh
dtscout.com | GTS CA 1P5 | 2024-01-18 - 2024-04-17 | 3 months | crt.sh
*.tynt.com | Sectigo RSA Domain Validation Secure Server CA | 2023-09-05 - 2024-09-30 | a year | crt.sh
This page contains 1 frame:
Primary Page:
https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/
Frame ID: 231E3DC314009211E0F0CA9540AD384F
Requests: 29 HTTP requests in this frame
Page Title: NLB PayPage
Page Statistics

10 Outgoing links
These are links going to different origins than the main page.
- About
- News
- Digital bank safety
- Privacy policy
- FAQ
- Contact
- Video call
- (no title)
- (no title)
- (no title)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://tinyurl.com/y8e29jk4 (HTTP 301) -> https://ambiente.catrianerone.pu.it/si.html?44 (Page URL)
- https://18-153-33-63.cprapid.com/nlb/ (HTTP 302) -> https://nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/ (Page URL)

Redirected requests
There were HTTP redirect chains for the following requests:
- Request Chain 0: http://tinyurl.com/y8e29jk4 (HTTP 301) -> https://ambiente.catrianerone.pu.it/si.html?44
28 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note
---|---|---|---|---|---|---|---|---
GET | H2 | si.html | ambiente.catrianerone.pu.it/ | 182 B | 353 B | Document | text/html | Redirect Chain
GET | H/1.1 | / | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/ | 32 KB | 32 KB | Document | text/html | Primary Request, Redirect Chain
GET | H/1.1 | styles.c827aba1a9f06249acb9.css | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ | 2 MB | 2 MB | Stylesheet | text/css |
GET | H/1.1 | 1e96ef2d92e68959af4fca2d926499ee.png | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ | 4 KB | 4 KB | Image | image/png |
GET | H/1.1 | 5f1b742cb3a5f7b2e199148b6dc8bc68.jpg | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ | 406 KB | 406 KB | Image | image/jpeg |
GET | H/1.1 | vendor-bb-systemjs.js | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ | 60 KB | 60 KB | Script | text/javascript |
GET | H/1.1 | config-bb-module-loader.js | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ | 14 KB | 15 KB | Script | text/javascript |
GET | H/1.1 | bundle-1.15.1.js | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ | 140 KB | 140 KB | Script | text/javascript |
GET | H2 | css | fonts.googleapis.com/ | 7 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | Roboto-Regular.91c246eb7465283afb63.woff2 | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ | 0 | 0 | Font | text/html |
GET | H2 | 3qTvojGmgSyUukBzKslpBmt_.woff2 | fonts.gstatic.com/s/istokweb/v24/ | 25 KB | 25 KB | Font | font/woff2 |
GET | H/1.1 | nlb-icons.7fe8134846dc74e49044.ttf | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ | 0 | 0 | Font | text/html |
GET | H2 | 3qTvojGmgSyUukBzKslpCGt_xkI.woff2 | fonts.gstatic.com/s/istokweb/v24/ | 34 KB | 34 KB | Font | font/woff2 |
GET | H2 | small.js | widgets.amung.us/ | 8 KB | 4 KB | Script | application/x-javascript |
GET | H/1.1 | Roboto-Regular.31012f9b3e3da44f87e8.woff | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ | 0 | 0 | Font | text/html |
GET | H/1.1 | nlb-icons.5a7d5a5c5b79d59342b6.woff | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ | 0 | 0 | Font | text/html |
GET | H/1.1 | Roboto-Regular.25e40da956314b12d333.ttf | nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb/file/ | 0 | 0 | Font | text/html |
GET | H2 | / | t.dtscout.com/i/ | 2 KB | 2 KB | Script | application/javascript |
GET | H2 | / | whos.amung.us/pingjs/ | 24 B | 126 B | Script | text/javascript |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 15 KB | Font | font/woff2 |
GET | H2 | tc.js | cdn.tynt.com/ | 26 KB | 9 KB | Script | application/javascript |
GET | DATA | truncated | / | 439 B | 0 | Image | image/gif |
GET | H2 | / | t.dtscout.com/pv/ | 51 B | 342 B | Script | application/javascript |
GET | H2 | p | ic.tynt.com/b/ | 0 | 228 B | Image | text/plain |
GET | H2 | v2 | de.tynt.com/deb/ | 4 B | 327 B | Script | application/javascript |
GET | H2 | p | ic.tynt.com/b/ | 0 | 227 B | Image | text/plain |
GET | H2 | p | ic.tynt.com/b/ | 0 | 227 B | Image | text/plain |
GET | H2 | p | ic.tynt.com/b/ | 0 | 227 B | Image | text/plain |
GET | H2 | p | ic.tynt.com/b/ | 0 | 227 B | Image | text/plain |
Verdicts & Comments
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
object | $__curScript
function | URLPolyfill
object | SystemJS
object | System
object | config-bb-module-loader
object | _wau
object | WAU_ren
function | WAU_small
function | WAU_small_request
function | WAU_r_s
function | WAU_insert
function | WAU_legacy_b
function | WAU_la
function | WAU_addCommas
function | WAU_lrd
function | WAU_lrs
function | WAU_cps
function | docReady
object | x
string | x1
string | x2
object | Tynt
object | _dtspv
object | _33Across
function | __uspapi

5 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, which lets the website re-identify the user even from a different location. This is how persistent logins work.

Domain/Path | Expires | Name | Value
---|---|---|---
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/nlb | | cleana | true
nlbklik.si.web-retail.login.18-153-33-219.cprapid.com/ | | PHPSESSID | 966fa02f9a9a6b3419c86dc95012ec06
.dtscout.com/ | | m | 1
.dtscout.com/ | | oa | 1
.dtscout.com/ | | df | 1707721284
11 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.