www.zip-quotes.ua838268.serversignin.com Open in urlscan Pro
138.201.211.238 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.zip-quotes.ua838268.serversignin.com/
Effective URL:
https://www.zip-quotes.ua838268.serversignin.com/
Submission Tags: @phish_report
Submission: On July 16 via api (July 16th 2024, 3:42:50 am UTC) from FI — Scanned from AU

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 138.201.211.238, located in Mannheim, Germany and belongs to HETZNER-AS, DE. The main domain is www.zip-quotes.ua838268.serversignin.com.
TLS certificate: Issued by R11 on July 16th 2024. Valid for: 3 months.

This is the only time www.zip-quotes.ua838268.serversignin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	138.201.211.238 138.201.211.238	24940 (HETZNER-AS) (HETZNER-AS)
1	142.250.66.228 142.250.66.228	15169 (GOOGLE) (GOOGLE)
1	142.251.221.67 142.251.221.67	15169 (GOOGLE) (GOOGLE)
1	142.250.71.74 142.250.71.74	15169 (GOOGLE) (GOOGLE)
1	142.250.71.67 142.250.71.67	15169 (GOOGLE) (GOOGLE)
16	6

11 138.201.211.238 (Mannheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mail.eu8681.clients.hostm.net

www.zip-quotes.ua838268.serversignin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.228 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.221.67 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.71.74 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.71.67 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	serversignin.com www.zip-quotes.ua838268.serversignin.com	160 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	223 KB
1	googleapis.com ajax.googleapis.com Failed fonts.googleapis.com — Cisco Umbrella Rank: 110	971 B
1	google.com www.google.com — Cisco Umbrella Rank: 10	588 B
16	4

	Domain	Requested by
11	www.zip-quotes.ua838268.serversignin.com	www.zip-quotes.ua838268.serversignin.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.zip-quotes.ua838268.serversignin.com
1	www.gstatic.com	www.google.com
1	www.google.com	www.zip-quotes.ua838268.serversignin.com
0	ajax.googleapis.com Failed	www.zip-quotes.ua838268.serversignin.com
16	6

This site contains no links.

Subject Issuer	Validity	Valid
paulshuster.com R11	`2024-07-16` - `2024-10-14`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.zip-quotes.ua838268.serversignin.com/
Frame ID: F95A49F3D9BD9308997AA1F4E0397CBF
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FormLoom3 | Renovations

Page URL History Show full URLs

http://www.zip-quotes.ua838268.serversignin.com/ HTTP 307
https://www.zip-quotes.ua838268.serversignin.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

385 kB
Transfer

992 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.zip-quotes.ua838268.serversignin.com/ HTTP 307
https://www.zip-quotes.ua838268.serversignin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.zip-quotes.ua838268.serversignin.com/
Redirect Chain

http://www.zip-quotes.ua838268.serversignin.com/
https://www.zip-quotes.ua838268.serversignin.com/

5 KB
2 KB

910ms
266ms

Document
text/html

138.201.211.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zip-quotes.ua838268.serversignin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.201.211.238 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

mail.eu8681.clients.hostm.net

Software

Resource Hash

91a026b0e385ed4fbfd71601084909ac363f0808d4251d7f6346311ba5389cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
content-length: 1492
content-type: text/html; charset=UTF-8
date: Tue, 16 Jul 2024 03:42:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Tue, 16 Jul 2024 03:42:43 GMT
pragma: no-cache
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Location: https://www.zip-quotes.ua838268.serversignin.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 consolidated.css
www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/ 28 KB
5 KB 266ms
264ms Stylesheet
text/css 138.201.211.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/consolidated.css

Requested by

Host: www.zip-quotes.ua838268.serversignin.com
URL: https://www.zip-quotes.ua838268.serversignin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.201.211.238 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

mail.eu8681.clients.hostm.net

Software

Resource Hash

8f6ecfa8d785821768823ffeebc0b8a5da6637944e7700b846637b2060e2a934

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zip-quotes.ua838268.serversignin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Jul 2024 03:42:43 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
last-modified: Thu, 07 Jul 2016 22:34:36 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
accept-ranges: bytes
content-length: 4815

GET
H2 200 javascript.js Show response
www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/ 14 KB
4 KB 266ms
265ms Script
application/javascript 138.201.211.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/javascript.js

Requested by

Host: www.zip-quotes.ua838268.serversignin.com
URL: https://www.zip-quotes.ua838268.serversignin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.201.211.238 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

mail.eu8681.clients.hostm.net

Software

Resource Hash

fc19d4295dae3a373ccab00f96eae9ad1defa1d3ff2be293e6547857e648fd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zip-quotes.ua838268.serversignin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Jul 2024 03:42:43 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
last-modified: Thu, 07 Jul 2016 22:34:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
content-length: 4299

GET
H2 200 formloom-page0.js Show response
www.zip-quotes.ua838268.serversignin.com/files/ 234 KB
64 KB 266ms
265ms Script
application/javascript 138.201.211.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zip-quotes.ua838268.serversignin.com/files/formloom-page0.js

Requested by

Host: www.zip-quotes.ua838268.serversignin.com
URL: https://www.zip-quotes.ua838268.serversignin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.201.211.238 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

mail.eu8681.clients.hostm.net

Software

Resource Hash

d0adbc66a838ac19eb9f22de86d2141ec0841f8b79baf4a28bca2aa3636a1fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zip-quotes.ua838268.serversignin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Jul 2024 03:42:43 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
last-modified: Fri, 08 Jul 2016 02:09:05 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
content-length: 65421

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 870 B
588 B 202ms
101ms Script
text/javascript 142.250.66.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=

Requested by

Host: www.zip-quotes.ua838268.serversignin.com
URL: https://www.zip-quotes.ua838268.serversignin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.228 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f4.1e100.net

Software

GSE /

Resource Hash

587d5394ddb17dec6f39de2e973431f161a1e08a45d499fe7c7a6333a93904cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zip-quotes.ua838268.serversignin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Jul 2024 03:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 16 Jul 2024 03:42:43 GMT

GET
H2 200 formloom-page0.css
www.zip-quotes.ua838268.serversignin.com/files/ 95 KB
18 KB 266ms
265ms Stylesheet
text/css 138.201.211.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zip-quotes.ua838268.serversignin.com/files/formloom-page0.css?v=87

Requested by

Host: www.zip-quotes.ua838268.serversignin.com
URL: https://www.zip-quotes.ua838268.serversignin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.201.211.238 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

mail.eu8681.clients.hostm.net

Software

Resource Hash

fedefa6b64719ff90e5b2bde418049493933b4f0560f0bd5bd831bd2de29e9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zip-quotes.ua838268.serversignin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Jul 2024 03:42:43 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
last-modified: Fri, 08 Jul 2016 02:09:08 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
accept-ranges: bytes
content-length: 18482

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1/ 0
0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 534 KB
212 KB 105ms
3ms Script
text/javascript 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zip-quotes.ua838268.serversignin.com/
Origin: https://www.zip-quotes.ua838268.serversignin.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 13 Jul 2024 17:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216123
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 08:01:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Jul 2025 17:12:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
971 B 209ms
104ms Stylesheet
text/css 142.250.71.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300

Requested by

Host: www.zip-quotes.ua838268.serversignin.com
URL: https://www.zip-quotes.ua838268.serversignin.com/files/formloom-page0.css?v=87

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.74 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f10.1e100.net

Software

ESF /

Resource Hash

90b729c751869fea225ead98a060e8b4c9f52bdf97d0ffedeefb24974c44c11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zip-quotes.ua838268.serversignin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jul 2024 03:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 16 Jul 2024 03:42:45 GMT

GET
H3 200 menu_shadow.png
www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/images/ 87 B
316 B 266ms
266ms Image
image/png 138.201.211.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/images/menu_shadow.png

Requested by

Host: www.zip-quotes.ua838268.serversignin.com
URL: https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/consolidated.css

Protocol

Security

QUIC, , AES_128_GCM

Server

138.201.211.238 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

mail.eu8681.clients.hostm.net

Software

Resource Hash

c7b128ce2254ae789c38c61a818baf5321f92bde5725216573f7374edaf1475c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/consolidated.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Jul 2024 03:42:44 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
last-modified: Thu, 07 Jul 2016 22:34:31 GMT
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 87

GET
H3 200 menu_bg.png
www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/images/blue/ 151 B
193 B 268ms
267ms Image
image/png 138.201.211.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/images/blue/menu_bg.png

Requested by

Host: www.zip-quotes.ua838268.serversignin.com
URL: https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/consolidated.css

Protocol

Security

QUIC, , AES_128_GCM

Server

138.201.211.238 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

mail.eu8681.clients.hostm.net

Software

Resource Hash

3e53200e1d1abafc48434bc382d180c8b2762a6b87bd86676a061d92ce689e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/consolidated.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Jul 2024 03:42:44 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
last-modified: Thu, 07 Jul 2016 22:32:03 GMT
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
content-length: 151

GET
H3 200 menu_starter.png
www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/images/ 84 B
126 B 269ms
267ms Image
image/png 138.201.211.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/images/menu_starter.png

Requested by

Host: www.zip-quotes.ua838268.serversignin.com
URL: https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/consolidated.css

Protocol

Security

QUIC, , AES_128_GCM

Server

138.201.211.238 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

mail.eu8681.clients.hostm.net

Software

Resource Hash

23a398d78204b7665a3236ccefab4101559f982aa993eb8d2ae466b8094545c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/consolidated.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Jul 2024 03:42:44 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
last-modified: Thu, 07 Jul 2016 22:34:27 GMT
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
content-length: 84

GET
H3 200 button_over.png
www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/images/blue/ 741 B
784 B 270ms
268ms Image
image/png 138.201.211.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/images/blue/button_over.png

Requested by

Host: www.zip-quotes.ua838268.serversignin.com
URL: https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/consolidated.css

Protocol

Security

QUIC, , AES_128_GCM

Server

138.201.211.238 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

mail.eu8681.clients.hostm.net

Software

Resource Hash

86befa15ecae1b2ae4dd7242b83f10bb48dac61f7baba90f5a453125dcd433d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/consolidated.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Jul 2024 03:42:44 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
last-modified: Thu, 07 Jul 2016 22:32:01 GMT
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
content-length: 741

GET
H3 200 button_normal.png
www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/images/ 437 B
481 B 268ms
267ms Image
image/png 138.201.211.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/images/button_normal.png

Requested by

Host: www.zip-quotes.ua838268.serversignin.com
URL: https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/consolidated.css

Protocol

Security

QUIC, , AES_128_GCM

Server

138.201.211.238 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

mail.eu8681.clients.hostm.net

Software

Resource Hash

a09afbf6d4b5d7dfad11523662b39776edf49d07acc5e146ed91a30d096342b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zip-quotes.ua838268.serversignin.com/rw_common/themes/aqualicious/consolidated.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Jul 2024 03:42:44 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
last-modified: Thu, 07 Jul 2016 22:34:36 GMT
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
content-length: 437

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 3742ms
5ms Font
font/woff2 142.250.71.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f3.1e100.net

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zip-quotes.ua838268.serversignin.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 13 Jul 2024 01:21:19 GMT
x-content-type-options: nosniff
age: 267689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jul 2025 01:21:19 GMT

GET
H3 200 fontawesome-webfont.woff2
www.zip-quotes.ua838268.serversignin.com/files/formloom3/fonts/ 65 KB
65 KB 267ms
266ms Font
font/woff2 138.201.211.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zip-quotes.ua838268.serversignin.com/files/formloom3/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: www.zip-quotes.ua838268.serversignin.com
URL: https://www.zip-quotes.ua838268.serversignin.com/files/formloom-page0.css?v=87

Protocol

Security

QUIC, , AES_128_GCM

Server

138.201.211.238 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

mail.eu8681.clients.hostm.net

Software

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zip-quotes.ua838268.serversignin.com/files/formloom-page0.css?v=87
Origin: https://www.zip-quotes.ua838268.serversignin.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Jul 2024 03:42:45 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
last-modified: Fri, 08 Jul 2016 02:09:12 GMT
vary: Accept-Encoding
content-type: font/woff2
accept-ranges: bytes
content-length: 66624

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.zip-quotes.ua838268.serversignin.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: loi8ntbkbfm7hjr4e43domeh70

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.zip-quotes.ua838268.serversignin.com/ Message: Mixed Content: The page at 'https://www.zip-quotes.ua838268.serversignin.com/' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
www.google.com
www.gstatic.com
www.zip-quotes.ua838268.serversignin.com
ajax.googleapis.com
138.201.211.238
142.250.66.228
142.250.71.67
142.250.71.74
142.251.221.67
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
23a398d78204b7665a3236ccefab4101559f982aa993eb8d2ae466b8094545c1
3e53200e1d1abafc48434bc382d180c8b2762a6b87bd86676a061d92ce689e5d
587d5394ddb17dec6f39de2e973431f161a1e08a45d499fe7c7a6333a93904cd
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
86befa15ecae1b2ae4dd7242b83f10bb48dac61f7baba90f5a453125dcd433d0
8f6ecfa8d785821768823ffeebc0b8a5da6637944e7700b846637b2060e2a934
90b729c751869fea225ead98a060e8b4c9f52bdf97d0ffedeefb24974c44c11a
91a026b0e385ed4fbfd71601084909ac363f0808d4251d7f6346311ba5389cff
a09afbf6d4b5d7dfad11523662b39776edf49d07acc5e146ed91a30d096342b6
c7b128ce2254ae789c38c61a818baf5321f92bde5725216573f7374edaf1475c
d0adbc66a838ac19eb9f22de86d2141ec0841f8b79baf4a28bca2aa3636a1fd8
fc19d4295dae3a373ccab00f96eae9ad1defa1d3ff2be293e6547857e648fd7c
fedefa6b64719ff90e5b2bde418049493933b4f0560f0bd5bd831bd2de29e9d3
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.zip-quotes.ua838268.serversignin.com Open in urlscan Pro 138.201.211.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

6 IPs

2 Countries

385 kBTransfer

992 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

www.zip-quotes.ua838268.serversignin.com Open in urlscan Pro
138.201.211.238 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

385 kB
Transfer

992 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions