Submitted URL: https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f...
Effective URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Submission: On June 09 via api from BE

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 21 HTTP transactions. The main IP is 185.61.154.60, located in United Kingdom and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is healthblogsource.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 20th 2019. Valid for: a year.
This is the only time healthblogsource.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 78.137.118.22 34934 (UKFAST)
4 205.185.216.10 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 52.30.52.254 16509 (AMAZON-02)
10 185.61.154.60 22612 (NAMECHEAP...)
21 5
Domain Requested by
10 healthblogsource.com healthblogsource.com
4 static.orangebuddies.nl nl-be.cashbackdeals.be
4 nl-be.cashbackdeals.be nl-be.cashbackdeals.be
2 www.google-analytics.com nl-be.cashbackdeals.be
1 tracking.1ards.com 1 redirects
1 fonts.googleapis.com nl-be.cashbackdeals.be
21 6

This site contains links to these domains. Also see Links.

Domain
www.onlineshopping95.com
Subject Issuer Validity Valid
www.cashbackkorting.nl
Sectigo RSA Domain Validation Secure Server CA
2019-05-06 -
2021-05-21
2 years crt.sh
*.turbobytes.net
DigiCert SHA2 Secure Server CA
2019-05-14 -
2020-01-03
8 months crt.sh
*.googleapis.com
Google Internet Authority G3
2019-05-21 -
2019-08-13
3 months crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-05-21 -
2019-08-13
3 months crt.sh
healthblogsource.com
Sectigo RSA Domain Validation Secure Server CA
2019-05-20 -
2020-05-19
a year crt.sh

This page contains 2 frames:

Primary Page: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Frame ID: 5031F13331C6AEE83C9A036235EB5467
Requests: 14 HTTP requests in this frame

Frame: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
Frame ID: 04E57E75B0F8C89B3900895C22146F12
Requests: 7 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6c... Page URL
  2. https://nl-be.cashbackdeals.be/visit/beter-slapen-met-premium-sleep-comfort-be.php Page URL
  3. http://tracking.1ards.com/aff_c?offer_id=2676&aff_id=1047&aff_sub=40-OBS- HTTP 302
    https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&n... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Page Statistics

21
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

2193 kB
Transfer

3165 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f8dedb-1593&cm=406ebb060241b67087d66602ef2f739aff6e7413-17029 Page URL
  2. https://nl-be.cashbackdeals.be/visit/beter-slapen-met-premium-sleep-comfort-be.php Page URL
  3. http://tracking.1ards.com/aff_c?offer_id=2676&aff_id=1047&aff_sub=40-OBS- HTTP 302
    https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set wky-l.php
nl-be.cashbackdeals.be/user/
570 B
1016 B
Document
General
Full URL
https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f8dedb-1593&cm=406ebb060241b67087d66602ef2f739aff6e7413-17029
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
698fb4dffd76025bbbdc7055ce7c48639ea6364842e3e1713c8e7b9891926b38
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
nl-be.cashbackdeals.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Sun, 09 Jun 2019 19:28:21 GMT
Content-Type
text/html; charset=utf-8
Content-Length
387
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Set-Cookie
PHPSESSID=8f824n9empufjbc33cpmmb08d5; path=/; secure; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
weekly_campaign_text.php
nl-be.cashbackdeals.be/user/ Frame 04E5
2 KB
1 KB
Document
General
Full URL
https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f8dedb-1593&cm=406ebb060241b67087d66602ef2f739aff6e7413-17029
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx / PHP/5.6.25
Resource Hash
0995a672ee60b49c96d94524ea11a5ab25c3080ce2942f076fd4f593dabf930f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
nl-be.cashbackdeals.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f8dedb-1593&cm=406ebb060241b67087d66602ef2f739aff6e7413-17029
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=8f824n9empufjbc33cpmmb08d5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f8dedb-1593&cm=406ebb060241b67087d66602ef2f739aff6e7413-17029

Response headers

Server
nginx
Date
Sun, 09 Jun 2019 19:28:21 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1011
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/5.6.25
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
layout.css
static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/css/ Frame 04E5
241 KB
51 KB
Stylesheet
General
Full URL
https://static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/css/layout.css
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e59f0c0d2b21752b5e7bf4358e0bbe5046bde84044a9a7f2a42643707059552e

Request headers

Referer
https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 09 Jun 2019 19:28:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Apr 2019 11:44:25 GMT
ETag
"1556624665"
X-HW
1560108529.dop103.lo4.shc,1560108529.dop103.lo4.t,1560108529.cds076.lo4.c
Content-Type
text/css
Cache-Control
max-age=78620
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
51535
jquery.min.js
nl-be.cashbackdeals.be/general.assets/js/ Frame 04E5
91 KB
33 KB
Script
General
Full URL
https://nl-be.cashbackdeals.be/general.assets/js/jquery.min.js
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 09 Jun 2019 19:28:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Feb 2018 05:34:37 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Content-Length
33430
X-Xss-Protection
1; mode=block
logo.png
static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/assets/ Frame 04E5
25 KB
25 KB
Image
General
Full URL
https://static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/assets/logo.png
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1821515652f419cb9b6065faa25715d249f3826189145ff854f31324f4877303

Request headers

Referer
https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 09 Jun 2019 19:28:49 GMT
Last-Modified
Wed, 02 Nov 2016 07:31:44 GMT
ETag
"1478071904"
X-HW
1560108529.dop103.lo4.shc,1560108529.dop103.lo4.t,1560108529.cds100.lo4.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=74662
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25603
cashmail_text.jpg
static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/assets/ Frame 04E5
5 KB
6 KB
Image
General
Full URL
https://static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/assets/cashmail_text.jpg
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
fc01325ae65aa4bd02183ee4fdf3f8a7c5ce29a0ed8102ebfdee29c5113c9858

Request headers

Referer
https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 09 Jun 2019 19:28:49 GMT
Last-Modified
Mon, 27 Jun 2016 07:29:34 GMT
ETag
"1467012574"
X-HW
1560108529.dop090.lo4.shc,1560108529.dop090.lo4.t,1560108529.cds044.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=861181
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5299
css
fonts.googleapis.com/ Frame 04E5
2 KB
549 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans+Narrow
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
71ce8fc7d2207e9fc8c455121b8c45e6cc0a68313c88bc2beee5b3818c44dbb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 09 Jun 2019 19:28:49 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 09 Jun 2019 19:28:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 09 Jun 2019 19:28:49 GMT
bg.jpg
static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/assets/ Frame 04E5
14 KB
15 KB
Image
General
Full URL
https://static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/assets/bg.jpg
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/general.assets/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
276ed23fdaae28019edf73bb462d0738ec8312b97f26698518bb303fc5a9bd9f

Request headers

Referer
https://static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/css/layout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 09 Jun 2019 19:28:49 GMT
Last-Modified
Wed, 02 Nov 2016 07:31:44 GMT
ETag
"1478071904"
X-HW
1560108529.dop103.lo4.shc,1560108529.dop103.lo4.t,1560108529.cds091.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=254636
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
14785
Cookie set beter-slapen-met-premium-sleep-comfort-be.php
nl-be.cashbackdeals.be/visit/
810 B
1 KB
Document
General
Full URL
https://nl-be.cashbackdeals.be/visit/beter-slapen-met-premium-sleep-comfort-be.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
60c8e887ce8911a04feb91794c67624f5d9e354ba1c419aa130930ab9a14f7cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
nl-be.cashbackdeals.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f8dedb-1593&cm=406ebb060241b67087d66602ef2f739aff6e7413-17029
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=8f824n9empufjbc33cpmmb08d5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f8dedb-1593&cm=406ebb060241b67087d66602ef2f739aff6e7413-17029

Response headers

Server
nginx
Date
Sun, 09 Jun 2019 19:28:24 GMT
Content-Type
text/html; charset=utf-8
Content-Length
487
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie
visitedStoresKey=a%3A1%3A%7Bi%3A0%3Bs%3A41%3A%22beter-slapen-met-premium-sleep-comfort-be%22%3B%7D; expires=Mon, 24-Jun-2019 19:27:32 GMT; Max-Age=1296000; path=/
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/visit/beter-slapen-met-premium-sleep-comfort-be.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nl-be.cashbackdeals.be/visit/beter-slapen-met-premium-sleep-comfort-be.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
6978
date
Sun, 09 Jun 2019 17:32:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Sun, 09 Jun 2019 19:32:35 GMT
collect
www.google-analytics.com/r/
35 B
102 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1106377845&t=pageview&_s=1&dl=https%3A%2F%2Fnl-be.cashbackdeals.be%2Fvisit%2Fbeter-slapen-met-premium-sleep-comfort-be.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=463885059&gjid=1108700464&cid=772391250.1560108533&tid=UA-45189585-1&_gid=1428557638.1560108533&_r=1&z=1542890935
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/visit/beter-slapen-met-premium-sleep-comfort-be.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nl-be.cashbackdeals.be/visit/beter-slapen-met-premium-sleep-comfort-be.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jun 2019 19:28:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request /
healthblogsource.com/beterslapen/
Redirect Chain
  • http://tracking.1ards.com/aff_c?offer_id=2676&aff_id=1047&aff_sub=40-OBS-
  • https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
623 KB
87 KB
Document
General
Full URL
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache / PHP/5.6.40
Resource Hash
0ce8298816a9931a86537eb407be361a07adc15519b8e68e0453a9b9bb3a31da

Request headers

:method
GET
:authority
healthblogsource.com
:scheme
https
:path
/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 09 Jun 2019 19:28:53 GMT
server
Apache
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html; charset=UTF-8

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 09 Jun 2019 19:28:53 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
P3P
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx/1.13.12
Set-Cookie
enc_aff_session_2676=ENC0366eb344309dac43c11461557f28329dab0bbc54a42432ce698831f42b6cae7b6b8e8cf43d70b46982d1e1aafa973867c9e716bcef77a9df51ad7e3fb096bd9cfe9b6b325fb1084bc7331ada48afe932be1ee180722e16883732d6ef3029bdd946a50f550a22b490bd701936b300ff4e2b35fcec68a3d1afb405718dd4b79805328446ecf; expires=Tue, 09 Jul 2019 19:28:53 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Wed, 04 May 2022 06:08:53 GMT; path=/;
tracking_id
1023c6475548753d1f60e483183085
X-Robots-Tag
noindex, nofollow
Content-Length
301
Connection
keep-alive
lander.css
healthblogsource.com/beterslapen/
167 KB
31 KB
Stylesheet
General
Full URL
https://healthblogsource.com/beterslapen/lander.css
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
1fa2acd0a07e6c3cb5c6c9f4dc031b20d7d8bd94c321b8a66621df46f45fdb8f

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 09 Jun 2019 19:28:53 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2019 07:40:06 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
31372
font-awesome.min.css
healthblogsource.com/beterslapen/
30 KB
7 KB
Stylesheet
General
Full URL
https://healthblogsource.com/beterslapen/font-awesome.min.css
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
a819de1cc70e12a320ad71643989f2c4bfcb704fc37f6b515b1f4e7dcbc7deab

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 09 Jun 2019 19:28:53 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2019 07:40:06 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
6968
css.css
healthblogsource.com/beterslapen/
6 KB
1 KB
Stylesheet
General
Full URL
https://healthblogsource.com/beterslapen/css.css
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
dd318cf00ce1835537b55e5eadb81f1eeaafdcd008b753842cdb7ac8aaad8055

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 09 Jun 2019 19:28:53 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2019 07:40:06 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
1080
closemodal.png
healthblogsource.com/beterslapen/
788 B
900 B
Image
General
Full URL
https://healthblogsource.com/beterslapen/closemodal.png
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
e2bcaa68f0a7810ee95b5a352a707a941602cec2a5f1fde91e6cd1e8ee5326f8

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 09 Jun 2019 19:28:53 GMT
last-modified
Thu, 06 Jun 2019 07:40:04 GMT
server
Apache
accept-ranges
bytes
content-length
788
content-type
image/png
sleep-comfort.png
healthblogsource.com/beterslapen/
410 KB
411 KB
Image
General
Full URL
https://healthblogsource.com/beterslapen/sleep-comfort.png
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
8ec40280ad54536647aa5380adf302110b7d93a293111c136b2b5938f767f417

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 09 Jun 2019 19:28:53 GMT
last-modified
Thu, 06 Jun 2019 07:40:04 GMT
server
Apache
accept-ranges
bytes
content-length
420122
content-type
image/png
2.jpg
healthblogsource.com/beterslapen/
140 KB
140 KB
Image
General
Full URL
https://healthblogsource.com/beterslapen/2.jpg
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
986eab7f63faea79e5397797dbd1a741e8a4e58db32a772909fc122f55d307f1

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 09 Jun 2019 19:28:53 GMT
last-modified
Thu, 06 Jun 2019 07:40:04 GMT
server
Apache
accept-ranges
bytes
content-length
143253
content-type
image/jpeg
couple.png
healthblogsource.com/beterslapen/
443 KB
444 KB
Image
General
Full URL
https://healthblogsource.com/beterslapen/couple.png
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
25b64a7c451ce019bfe75f7fb17825c640e6f62170b5e1e21ee914ede0b40c1e

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 09 Jun 2019 19:28:53 GMT
last-modified
Thu, 06 Jun 2019 07:40:04 GMT
server
Apache
accept-ranges
bytes
content-length
453777
content-type
image/png
relax.png
healthblogsource.com/beterslapen/
481 KB
481 KB
Image
General
Full URL
https://healthblogsource.com/beterslapen/relax.png
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
d0516f12b8140b076e3a51f91513e57c40a57f2df8a9f1055c06326b848e5ce4

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 09 Jun 2019 19:28:53 GMT
last-modified
Thu, 06 Jun 2019 07:40:04 GMT
server
Apache
accept-ranges
bytes
content-length
492469
content-type
image/png
office.png
healthblogsource.com/beterslapen/
439 KB
439 KB
Image
General
Full URL
https://healthblogsource.com/beterslapen/office.png
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
4547ed4ff510c5d75aee4e94518cf9fe6b6e1d1eab2aaf71010228bb6eccc40e

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 09 Jun 2019 19:28:53 GMT
last-modified
Thu, 06 Jun 2019 07:40:04 GMT
server
Apache
accept-ranges
bytes
content-length
449538
content-type
image/png

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
healthblogsource.com
nl-be.cashbackdeals.be
static.orangebuddies.nl
tracking.1ards.com
www.google-analytics.com
185.61.154.60
205.185.216.10
2a00:1450:4001:806::200e
2a00:1450:4001:81e::200a
52.30.52.254
78.137.118.22
0995a672ee60b49c96d94524ea11a5ab25c3080ce2942f076fd4f593dabf930f
0ce8298816a9931a86537eb407be361a07adc15519b8e68e0453a9b9bb3a31da
1821515652f419cb9b6065faa25715d249f3826189145ff854f31324f4877303
1fa2acd0a07e6c3cb5c6c9f4dc031b20d7d8bd94c321b8a66621df46f45fdb8f
25b64a7c451ce019bfe75f7fb17825c640e6f62170b5e1e21ee914ede0b40c1e
276ed23fdaae28019edf73bb462d0738ec8312b97f26698518bb303fc5a9bd9f
4547ed4ff510c5d75aee4e94518cf9fe6b6e1d1eab2aaf71010228bb6eccc40e
60c8e887ce8911a04feb91794c67624f5d9e354ba1c419aa130930ab9a14f7cd
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
698fb4dffd76025bbbdc7055ce7c48639ea6364842e3e1713c8e7b9891926b38
71ce8fc7d2207e9fc8c455121b8c45e6cc0a68313c88bc2beee5b3818c44dbb2
8ec40280ad54536647aa5380adf302110b7d93a293111c136b2b5938f767f417
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
986eab7f63faea79e5397797dbd1a741e8a4e58db32a772909fc122f55d307f1
a819de1cc70e12a320ad71643989f2c4bfcb704fc37f6b515b1f4e7dcbc7deab
d0516f12b8140b076e3a51f91513e57c40a57f2df8a9f1055c06326b848e5ce4
dd318cf00ce1835537b55e5eadb81f1eeaafdcd008b753842cdb7ac8aaad8055
e2bcaa68f0a7810ee95b5a352a707a941602cec2a5f1fde91e6cd1e8ee5326f8
e59f0c0d2b21752b5e7bf4358e0bbe5046bde84044a9a7f2a42643707059552e
fc01325ae65aa4bd02183ee4fdf3f8a7c5ce29a0ed8102ebfdee29c5113c9858