Submitted URL: https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43...
Effective URL: https://be.loccitane.com/verzorgingsritueel-tasje-als-geschenk,79,2,94719,1326053.htm%20%20?utm_source=tradedoubler&utm_m...
Submission: On February 13 via api from BE

Summary

This website contacted 9 IPs in 5 countries across 6 domains to perform 15 HTTP transactions. The main IP is 194.146.175.18, which is located in France and belongs to CLARANET-AS ClaraNET LTD, GB. The main domain is be.loccitane.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on October 4th 2019. Valid for: 9 months.
This is the only time be.loccitane.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 78.137.118.22 61323 (SECARMA)
4 2a02:21a8:0:3... 61323 (SECARMA)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 34.95.109.120 15169 (GOOGLE)
1 13.224.196.112 16509 (AMAZON-02)
1 1 54.194.187.128 16509 (AMAZON-02)
1 194.146.175.18 8426 (CLARANET-...)
1 188.165.150.178 16276 (OVH)
1 13.225.78.59 16509 (AMAZON-02)
1 52.48.12.215 16509 (AMAZON-02)
15 9
Domain Requested by
4 static.orangebuddies.com www.nucash.be
4 www.nucash.be www.nucash.be
2 clk.tradedoubler.com 1 redirects
1 c.captcha-delivery.com ct.captcha-delivery.com
1 ct.captcha-delivery.com be.loccitane.com
1 analytics.tradedoubler.com vht.tradedoubler.com
1 be.loccitane.com clk.tradedoubler.com
1 redir.tradedoubler.com 1 redirects
1 vht.tradedoubler.com clk.tradedoubler.com
1 fonts.googleapis.com www.nucash.be
15 10

This site contains no links.

Subject | Issuer | Validity | Valid for
www.cashbackkorting.nl | Sectigo RSA Domain Validation Secure Server CA | 2019-05-06 - 2021-05-21 | 2 years
static.orangebuddies.com | Sectigo RSA Domain Validation Secure Server CA | 2019-06-17 - 2021-06-17 | 2 years
*.storage.googleapis.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
*.tradedoubler.com | GlobalSign Domain Validation CA - SHA256 - G2 | 2018-12-10 - 2021-01-27 | 2 years
*.loccitane.com | DigiCert SHA2 High Assurance Server CA | 2019-10-04 - 2020-07-06 | 9 months
analytics.tradedoubler.com | COMODO RSA Domain Validation Secure Server CA | 2018-02-02 - 2021-02-01 | 3 years
*.captcha-delivery.com | Amazon | 2019-12-23 - 2021-01-23 | a year

This page contains 2 frames:

Primary Page: https://be.loccitane.com/verzorgingsritueel-tasje-als-geschenk,79,2,94719,1326053.htm%20%20?utm_source=tradedoubler&utm_medium=roiAffiliate&utm_campaign=BENL_alwaysOn_performance_branding_multi&utm_content=banner_cpa&utm_term=201901_rifle_paper_offer&tduid=73fc1c283167ee81808dfded6b49d280
Frame ID: DFD8F379CBFEBFFF4E374FCD904724A6
Requests: 14 HTTP requests in this frame

Frame: https://c.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMApT_ys1Ks-1MAVZ_tIg%3D%3D&hash=05855055E4FD6CAFCCD506CE41122E&cid=Ay9BnRLM-d5o6tnhVe3hICai-8y6l5Kojf_lJBfG_KW6AijOcn6hHRvtLmFNNeM0oS6Y7vV5qYZNyVOWKqOSyld.7F_TT9kKulxcGpEn~2&t=fe
Frame ID: 0276603A50E0AEE8D7163D2B0D6E447A
Requests: 1 HTTP request in this frame

Page URL History

  1. https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c... Page URL
  2. https://clk.tradedoubler.com/click?p=235511&a=1867590&g=23484176&epi=68-OBS-5e45ac003ac6068 Page URL
  3. https://clk.tradedoubler.com/click?p=235511&a=1867590&g=23484176&epi=68-OBS-5e45ac003ac6068 HTTP 302
    https://redir.tradedoubler.com/projectr/?tduid=73fc1c283167ee81808dfded6b49d280&utm_source=tradedoubler_186... HTTP 302
    https://be.loccitane.com/verzorgingsritueel-tasje-als-geschenk,79,2,94719,1326053.htm%20%20?utm_sourc... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 20 %
Domains: 6
Subdomains: 10
IPs: 9
Countries: 5
Transfer: 142 kB
Size: 395 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7 Page URL
  2. https://clk.tradedoubler.com/click?p=235511&a=1867590&g=23484176&epi=68-OBS-5e45ac003ac6068 Page URL
  3. https://clk.tradedoubler.com/click?p=235511&a=1867590&g=23484176&epi=68-OBS-5e45ac003ac6068 HTTP 302
    https://redir.tradedoubler.com/projectr/?tduid=73fc1c283167ee81808dfded6b49d280&utm_source=tradedoubler_1867590&utm_medium=roiAffiliate&utm_campaign=BEBE_alwaysOn_performance_branding_multi&_td_deeplink=https://be.loccitane.com/verzorgingsritueel-tasje-als-geschenk,79,2,94719,1326053.htm%20%20?utm_source=tradedoubler&utm_medium=roiAffiliate&utm_campaign=BENL_alwaysOn_performance_branding_multi&utm_content=banner_cpa&utm_term=201901_rifle_paper_offer HTTP 302
    https://be.loccitane.com/verzorgingsritueel-tasje-als-geschenk,79,2,94719,1326053.htm%20%20?utm_source=tradedoubler&utm_medium=roiAffiliate&utm_campaign=BENL_alwaysOn_performance_branding_multi&utm_content=banner_cpa&utm_term=201901_rifle_paper_offer&tduid=73fc1c283167ee81808dfded6b49d280 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set cm-l.php
www.nucash.be/user/
5 KB
2 KB
Document
General
Full URL
https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Manchester, United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
28342ad0709304ed89645f549da8520bde4958228c5c5a7eba960f1a87571171
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.nucash.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Thu, 13 Feb 2020 20:05:20 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1591
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Set-Cookie
PHPSESSID=n6sbr4uvrlandqrmhuv0mgu8m4; path=/; secure; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
layout.css
static.orangebuddies.com/templates/www.nucash.be/march16/css/
245 KB
51 KB
Stylesheet
General
Full URL
https://static.orangebuddies.com/templates/www.nucash.be/march16/css/layout.css
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
5bc9bfe7129b7fff288565fdd2bd30b2d9923507bf306429be1e1347203b1c83

Request headers

Referer
https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 13 Feb 2020 20:05:20 GMT
content-encoding
gzip
last-modified
Fri, 17 Jan 2020 10:56:47 GMT
server
nginx/1.4.7
access-control-allow-origin
*
vary
Accept-Encoding
content-type
text/css
status
200
exit-page-cbk-new.css
www.nucash.be/general.assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.nucash.be/general.assets/css/exit-page-cbk-new.css
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Manchester, United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
ed5279e550ac7f7e7d13962a02507cc671ba8d5e41cd832edcc436687b2d1d28
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 13 Feb 2020 20:05:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000, public, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
706
X-Xss-Protection
1; mode=block
jquery.min.js
www.nucash.be/general.assets/js/
91 KB
33 KB
Script
General
Full URL
https://www.nucash.be/general.assets/js/jquery.min.js
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Manchester, United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 20:05:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000, public, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33430
X-Xss-Protection
1; mode=block
logo.png
static.orangebuddies.com/templates/www.nucash.be/march16/assets/
21 KB
21 KB
Image
General
Full URL
https://static.orangebuddies.com/templates/www.nucash.be/march16/assets/logo.png
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
81bfc535b798aea06763ba112fd7edc6f88fee549f9e0a4a98b0cea84bef23e6

Request headers

Referer
https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 20:05:20 GMT
last-modified
Wed, 02 Nov 2016 07:31:45 GMT
server
nginx/1.4.7
access-control-allow-origin
*
etag
"58199661-5511"
content-type
image/png
status
200
accept-ranges
bytes
content-length
21777
13800.jpg
static.orangebuddies.com/image/stores/
5 KB
6 KB
Image
General
Full URL
https://static.orangebuddies.com/image/stores/13800.jpg
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
5f8f10c12da91507443e45318a8d9c4676f33d3f53a423043f367ba0dd2eaf42

Request headers

Referer
https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 20:05:20 GMT
last-modified
Tue, 05 Feb 2019 08:24:50 GMT
server
nginx/1.4.7
access-control-allow-origin
*
etag
"5c594852-1553"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
5459
41297-ExitPage468x60.jpg
static.orangebuddies.com/image/banners/
9 KB
9 KB
Image
General
Full URL
https://static.orangebuddies.com/image/banners/41297-ExitPage468x60.jpg
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
69c78fcfbd429a5b7e7171f476c002e454c8d95f2b9cff68f7b97272f6bebe40

Request headers

Referer
https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 20:05:20 GMT
last-modified
Wed, 17 Apr 2019 13:21:13 GMT
server
nginx/1.4.7
access-control-allow-origin
*
etag
"5cb72849-23f2"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
9202
css
fonts.googleapis.com/
2 KB
589 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans+Narrow
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc2d206064e6dbc975bb0bf332fb48c7af9b04187b263713b4db2f61831cb8cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nucash.be/user/cm-l.php?sk=5aae38d9118e948c342d841c213571d58e8439c5&e=28bd562c0d803e4c8c5fb525d70c2e8d0c43cbae-18064&ic=7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Feb 2020 20:05:20 GMT
server
ESF
date
Thu, 13 Feb 2020 20:05:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Feb 2020 20:05:20 GMT
bar-loading.gif
www.nucash.be/general.assets/images/
3 KB
4 KB
Image
General
Full URL
https://www.nucash.be/general.assets/images/bar-loading.gif
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/general.assets/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Manchester, United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nucash.be/general.assets/css/exit-page-cbk-new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 20:05:20 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000, public, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3161
X-Xss-Protection
1; mode=block
click
clk.tradedoubler.com/
897 B
1 KB
Document
General
Full URL
https://clk.tradedoubler.com/click?p=235511&a=1867590&g=23484176&epi=68-OBS-5e45ac003ac6068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.109.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
120.109.95.34.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
354c527787b693194c83f840f63ec0a1656553fadeb32fc35588170a1f35dc8d

Request headers

:method
GET
:authority
clk.tradedoubler.com
:scheme
https
:path
/click?p=235511&a=1867590&g=23484176&epi=68-OBS-5e45ac003ac6068
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-type
text/html; charset=ISO-8859-1
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Thu, 13 Feb 2020 20:05:22 GMT
content-length
897
via
1.1 google
alt-svc
clear
prefs.js
vht.tradedoubler.com/fp/
9 KB
10 KB
Script
General
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=235511&a=1867590&g=23484176&epi=68-OBS-5e45ac003ac6068
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-112.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 05:18:33 GMT
Via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
Age
136784
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9481
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
ETag
"2509-57841106334e6"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800, public
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
tgVi1QmF9d3ltCbWqNdTM34P3fRLdbAird6MSGozeNCaIoWtm7Pvyg==
Expires
Wed, 19 Feb 2020 06:05:39 GMT
Primary Request Cookie set verzorgingsritueel-tasje-als-geschenk,79,2,94719,1326053.htm%20%20
be.loccitane.com/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=235511&a=1867590&g=23484176&epi=68-OBS-5e45ac003ac6068
  • https://redir.tradedoubler.com/projectr/?tduid=73fc1c283167ee81808dfded6b49d280&utm_source=tradedoubler_1867590&utm_medium=roiAffiliate&utm_campaign=BEBE_alwaysOn_performance_branding_multi&_td_dee...
  • https://be.loccitane.com/verzorgingsritueel-tasje-als-geschenk,79,2,94719,1326053.htm%20%20?utm_source=tradedoubler&utm_medium=roiAffiliate&utm_campaign=BENL_alwaysOn_performance_branding_multi&utm...
531 B
1 KB
Document
General
Full URL
https://be.loccitane.com/verzorgingsritueel-tasje-als-geschenk,79,2,94719,1326053.htm%20%20?utm_source=tradedoubler&utm_medium=roiAffiliate&utm_campaign=BENL_alwaysOn_performance_branding_multi&utm_content=banner_cpa&utm_term=201901_rifle_paper_offer&tduid=73fc1c283167ee81808dfded6b49d280
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=235511&a=1867590&g=23484176&epi=68-OBS-5e45ac003ac6068
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.146.175.18 , France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
relay-occita-front01.msp.fr.clara.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7c235f4786d837a75e85e483ac51ffd5c99180a58a8e9091607a3cf0eb4522c1
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Host
be.loccitane.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://clk.tradedoubler.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Origin
https://clk.tradedoubler.com
Content-Type
application/x-www-form-urlencoded

Response headers

Cache-Control
max-age=0, private, no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html;charset=utf-8
Server
Microsoft-IIS/7.5
X-DataDome
protected
Charset
utf-8
X-DataDome-CID
AHrlqAAAAAMApT_ys1Ks-1MAVZ_tIg==
Set-Cookie
datadome=Ay9BnRLM-d5o6tnhVe3hICai-8y6l5Kojf_lJBfG_KW6AijOcn6hHRvtLmFNNeM0oS6Y7vV5qYZNyVOWKqOSyld.7F_TT9kKulxcGpEn~2; Path=/; Domain=.loccitane.com; Expires=Fri, 12-Feb-2021 20:05:24 GMT; Max-Age=31536000; SameSite=Lax
X-Powered-By
ASP.NET
X-Xss-Protection
1
access-control-allow-headers
content-type
Date
Thu, 13 Feb 2020 20:05:23 GMT
Content-Length
531

Redirect headers

Cache-control
no-cache="set-cookie"
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Feb 2020 20:05:24 GMT
Location
https://be.loccitane.com/verzorgingsritueel-tasje-als-geschenk,79,2,94719,1326053.htm%20%20?utm_source=tradedoubler&utm_medium=roiAffiliate&utm_campaign=BENL_alwaysOn_performance_branding_multi&utm_content=banner_cpa&utm_term=201901_rifle_paper_offer&tduid=73fc1c283167ee81808dfded6b49d280
Server
Apache/2.4.41 (Amazon) PHP/7.0.33
Set-Cookie
AWSELB=FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C92991BBD6265150DC39F38E63CFF5BABDE52CC858A3682088BAF9956730AD534F0639998E2226FAE8D558457CAD9B6D0A7;PATH=/;MAX-AGE=30 AWSELBCORS=FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C92991BBD6265150DC39F38E63CFF5BABDE52CC858A3682088BAF9956730AD534F0639998E2226FAE8D558457CAD9B6D0A7;PATH=/;MAX-AGE=30;SECURE;SAMESITE=None
X-Powered-By
PHP/7.0.33
Content-Length
1
Connection
keep-alive
/
analytics.tradedoubler.com/
0
187 B
Other
General
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.178 , France, ASN16276 (OVH, FR),
Reverse DNS
lb02.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
Origin
https://clk.tradedoubler.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 13 Feb 2020 20:05:24 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
c.js
ct.captcha-delivery.com/
1 KB
2 KB
Script
General
Full URL
https://ct.captcha-delivery.com/c.js
Requested by
Host: be.loccitane.com
URL: https://be.loccitane.com/verzorgingsritueel-tasje-als-geschenk,79,2,94719,1326053.htm%20%20?utm_source=tradedoubler&utm_medium=roiAffiliate&utm_campaign=BENL_alwaysOn_performance_branding_multi&utm_content=banner_cpa&utm_term=201901_rifle_paper_offer&tduid=73fc1c283167ee81808dfded6b49d280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-59.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8b2347105be1c082bc049132a5d6ab3b66a168ecad40dacc5ef36fc104ad8d3

Request headers

Referer
https://be.loccitane.com/verzorgingsritueel-tasje-als-geschenk,79,2,94719,1326053.htm%20%20?utm_source=tradedoubler&utm_medium=roiAffiliate&utm_campaign=BENL_alwaysOn_performance_branding_multi&utm_content=banner_cpa&utm_term=201901_rifle_paper_offer&tduid=73fc1c283167ee81808dfded6b49d280
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 13:25:19 GMT
via
1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
last-modified
Fri, 31 Jan 2020 08:57:13 GMT
server
AmazonS3
age
24006
etag
"f2342f2eed2cc9ed01befb8a879399d0"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
1363
x-amz-cf-id
5YCTIEX_PwPtQhFIkk3zXB0oOgLLsWn4v2d-HOfc5orrIm3if4Kh2A==
/
c.captcha-delivery.com/captcha/ Frame 0276
0
0
Document
General
Full URL
https://c.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMApT_ys1Ks-1MAVZ_tIg%3D%3D&hash=05855055E4FD6CAFCCD506CE41122E&cid=Ay9BnRLM-d5o6tnhVe3hICai-8y6l5Kojf_lJBfG_KW6AijOcn6hHRvtLmFNNeM0oS6Y7vV5qYZNyVOWKqOSyld.7F_TT9kKulxcGpEn~2&t=fe
Requested by
Host: ct.captcha-delivery.com
URL: https://ct.captcha-delivery.com/c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.12.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-12-215.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

:method
GET
:authority
c.captcha-delivery.com
:scheme
https
:path
/captcha/?initialCid=AHrlqAAAAAMApT_ys1Ks-1MAVZ_tIg%3D%3D&hash=05855055E4FD6CAFCCD506CE41122E&cid=Ay9BnRLM-d5o6tnhVe3hICai-8y6l5Kojf_lJBfG_KW6AijOcn6hHRvtLmFNNeM0oS6Y7vV5qYZNyVOWKqOSyld.7F_TT9kKulxcGpEn~2&t=fe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://be.loccitane.com/verzorgingsritueel-tasje-als-geschenk,79,2,94719,1326053.htm%20%20?utm_source=tradedoubler&utm_medium=roiAffiliate&utm_campaign=BENL_alwaysOn_performance_branding_multi&utm_content=banner_cpa&utm_term=201901_rifle_paper_offer&tduid=73fc1c283167ee81808dfded6b49d280
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Thu, 13 Feb 2020 20:05:24 GMT
content-type
text/html; charset=UTF-8
server
Apache
x-datadome
protected
set-cookie
datadome=MdVKvEZLS~R3FbT-OfLI96uILala~TlZJbVn3yL6GAVcRTt-8WTbizS1mFzE0rWi-_I~.T-ZXc1L0bnVeOmkI2sy9Gt5cqccdyzQGt0zAm; Path=/; Domain=.captcha-delivery.com; Expires=Fri, 12-Feb-2021 20:05:24 GMT; Max-Age=31536000; SameSite=Lax
cache-control
no-cache, private

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dd

4 Cookies

Domain/Path Name / Value
.captcha-delivery.com/ Name: _gid
Value: GA1.2.1290310670.1581624325
.captcha-delivery.com/ Name: _gat
Value: 1
.captcha-delivery.com/ Name: _ga
Value: GA1.2.503473581.1581624325
.loccitane.com/ Name: datadome
Value: Ay9BnRLM-d5o6tnhVe3hICai-8y6l5Kojf_lJBfG_KW6AijOcn6hHRvtLmFNNeM0oS6Y7vV5qYZNyVOWKqOSyld.7F_TT9kKulxcGpEn~2

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block