alliv.bms.webnl.nl
63.33.17.94
Public Scan
Effective URL: https://alliv.bms.webnl.nl/404?url=/
Submission Tags: @ecarlesi possiblethreat
Submission: On September 17 via api from FR — Scanned from NL
Summary
TLS certificate: Issued by R3 on July 20th 2023. Valid for: 3 months.
This is the only time alliv.bms.webnl.nl was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 52.51.23.169 | 16509 (AMAZON-02) |
5 | 63.33.17.94 | 16509 (AMAZON-02) |
2 | 52.222.174.42 | 16509 (AMAZON-02) |
3 | 2a04:4e42:600::622 | 54113 (FASTLY) |
2 | 104.18.70.113 | 13335 (CLOUDFLARENET) |
1 | 2a02:26f0:780::210:a418 | 20940 (AKAMAI-ASN1) |
15 | 6 | |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-23-169.eu-west-1.compute.amazonaws.com
alliv.bms.webnl.nl |
ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
alliv.bms.webnl.nl |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-42.cdg50.r.cloudfront.net
cdn.zeroheight.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
6 | webnl.nl (1 redirects): alliv.bms.webnl.nl | 44 KB |
3 | appcues.com: fast.appcues.com — Cisco Umbrella Rank: 5258 | 133 KB |
2 | zdassets.com: static.zdassets.com — Cisco Umbrella Rank: 2396; ekr.zdassets.com — Cisco Umbrella Rank: 2695 | 6 KB |
2 | zeroheight.com: cdn.zeroheight.com | 447 KB |
1 | licdn.com: snap.licdn.com — Cisco Umbrella Rank: 970 | 4 KB |
15 | 5 | |
 | Domain | Requested by |
---|---|---|
6 | alliv.bms.webnl.nl (1 redirects) | alliv.bms.webnl.nl, cdn.zeroheight.com |
3 | fast.appcues.com | alliv.bms.webnl.nl, fast.appcues.com |
2 | cdn.zeroheight.com | alliv.bms.webnl.nl |
1 | snap.licdn.com | alliv.bms.webnl.nl, snap.licdn.com |
1 | ekr.zdassets.com | static.zdassets.com |
1 | static.zdassets.com | alliv.bms.webnl.nl, static.zdassets.com |
15 | 6 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
alliv.bms.webnl.nl | R3 | 2023-07-20 - 2023-10-18 | 3 months |
cdn.zeroheight.com | Amazon RSA 2048 M03 | 2023-09-11 - 2024-10-09 | a year |
fast.appcues.com | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-08-05 - 2024-09-05 | a year |
zdassets.com | Cloudflare Inc ECC CA-3 | 2022-11-10 - 2023-11-09 | a year |
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-02-01 - 2024-01-31 | a year |
This page contains 2 frames:
Primary Page:
https://alliv.bms.webnl.nl/404?url=/
Frame ID: 36BD423C603F59A18DF8BC485037E45F
Requests: 14 HTTP requests in this frame
Frame:
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Frame ID: F8E77B80D80F3471E3079BA441AAD4F3
Requests: 1 HTTP requests in this frame
Page Title
zeroheight - not found
Page URL History
- http://alliv.bms.webnl.nl/ HTTP 301
- https://alliv.bms.webnl.nl/ Page URL
- https://alliv.bms.webnl.nl/404?url=/ Page URL
Detected technologies
Linkedin Insight Tag (Analytics)
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://alliv.bms.webnl.nl/ HTTP 301
- https://alliv.bms.webnl.nl/
15 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | alliv.bms.webnl.nl/ (Redirect Chain) | 11 KB 6 KB | Document text/html |
GET H/1.1 | alliv.bms.webnl.nl/the-other-assets/plugin-c5806030a7bbf4291531b5267046ee57f3195691ce2bc7e3b0a6c28ae9a46aa3.css | 75 KB 13 KB | Stylesheet text/css |
GET H2 | cdn.zeroheight.com/1.5.9.4051/style.css | 418 KB 53 KB | Stylesheet text/css |
GET H/1.1 | alliv.bms.webnl.nl/fonts/SpaceGrotesk.css | 635 B 894 B | Stylesheet text/css |
GET H2 | fast.appcues.com/119582.js | 22 KB 5 KB | Script text/javascript |
GET H2 | static.zdassets.com/ekr/snippet.js | 10 KB 5 KB | Script application/javascript |
GET H2 | cdn.zeroheight.com/1.5.9.4051/public.js | 1 MB 393 KB | Script text/javascript |
GET H2 | fast.appcues.com/generic/main/4.60.22/appcues.main.2f564471ce2707179abbe1adb7e62d7b1b2b0e73.js | 441 KB 125 KB | Script application/javascript |
GET H2 | ekr.zdassets.com/compose/4e92de70-6fb3-4abf-81a3-b1598809f1ba | 1 KB 1 KB | Fetch application/json |
GET H2 | snap.licdn.com/li.lms-analytics/insight.min.js | 12 KB 4 KB | Script application/x-javascript |
GET H2 | fast.appcues.com/generic/main/4.60.22/container.2f564471ce2707179abbe1adb7e62d7b1b2b0e73.css | 16 KB 2 KB | Stylesheet text/css |
GET H/1.1 | alliv.bms.webnl.nl/404 (Primary Request) | 842 B 1 KB | Document text/html |
GET | snap.licdn.com/li.lms-analytics/insight.old.min.js | 0 0 | |
GET | static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js (Frame F8E7) | 0 0 | |
GET H/1.1 | alliv.bms.webnl.nl/images/zhapp/onboarding/forgotten-password.jpg | 23 KB 23 KB | Image image/jpeg |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: snap.licdn.com
  URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
- Domain: static.zdassets.com
  URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object | documentPictureInPicture
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
alliv.bms.webnl.nl/ | Name: landing_cookie_loc_code Value: NL |
|
.webnl.nl/ | Name: _zh_session Value: d3NNQ1ZxcnoySU9ZOTRPY1RYNFlRK1ozUUhRUmZDZXgxTGl0M2N2andReFpXeFlRdFl1NnNOZkxmWTd2eXdHWU1ieUZDam1zNUZ2WVZuY1B4ckFkeWEvNHM1MSswMVJqeXpyQ3oyWGFqVVRRN1RaNzRkWE1ib0FsclFnUVVsK1BLYkxNQUw3QW1MYVNZRlEzYXBWdDF3PT0tLWk5empVaU1YakZFWDh3RXhsUEsyY1E9PQ%3D%3D--c1a3c74b7755c06082d970ec127d22f305b2260c |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net 'nonce-sNPzDl7mssqqCOPIq6bcgsOKHOc9JZqv0wcqzq/ss5o=' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline' |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.