healthblogsource.com Open in urlscan Pro
185.61.154.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f...
Effective URL:
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Submission: On June 09 via api (June 9th 2019, 7:29:05 pm UTC) from BE

Summary HTTP 21 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 21 HTTP transactions. The main IP is 185.61.154.60, located in United Kingdom and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is healthblogsource.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 20th 2019. Valid for: a year.

This is the only time healthblogsource.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	78.137.118.22 78.137.118.22	34934 (UKFAST) (UKFAST)
4	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	52.30.52.254 52.30.52.254	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
10	185.61.154.60 185.61.154.60	22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap)
21	5

4 78.137.118.22 (United Kingdom)

ASN34934 (UKFAST, GB)
PTR: 78.137.118.22.srvlist.ukfast.net

nl-be.cashbackdeals.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net

static.orangebuddies.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.52.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-52-254.eu-west-1.compute.amazonaws.com

tracking.1ards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.61.154.60 (United Kingdom)

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: premium60-3.web-hosting.com

healthblogsource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	healthblogsource.com healthblogsource.com	2 MB
4	orangebuddies.nl static.orangebuddies.nl	96 KB
4	cashbackdeals.be nl-be.cashbackdeals.be	37 KB
2	google-analytics.com www.google-analytics.com	17 KB
1	1ards.com 1 redirects tracking.1ards.com	1 KB
1	googleapis.com fonts.googleapis.com	549 B
21	6

	Domain	Requested by
10	healthblogsource.com	healthblogsource.com
4	static.orangebuddies.nl	nl-be.cashbackdeals.be
4	nl-be.cashbackdeals.be	nl-be.cashbackdeals.be
2	www.google-analytics.com	nl-be.cashbackdeals.be
1	tracking.1ards.com	1 redirects
1	fonts.googleapis.com	nl-be.cashbackdeals.be
21	6

This site contains links to these domains. Also see Links.

Domain
www.onlineshopping95.com

Subject Issuer	Validity	Valid
www.cashbackkorting.nl Sectigo RSA Domain Validation Secure Server CA	`2019-05-06` - `2021-05-21`	2 years	crt.sh
*.turbobytes.net DigiCert SHA2 Secure Server CA	`2019-05-14` - `2020-01-03`	8 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
healthblogsource.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-20` - `2020-05-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Frame ID: 5031F13331C6AEE83C9A036235EB5467
Requests: 14 HTTP requests in this frame

Frame: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
Frame ID: 04E57E75B0F8C89B3900895C22146F12
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6c... Page URL
https://nl-be.cashbackdeals.be/visit/beter-slapen-met-premium-sleep-comfort-be.php Page URL
http://tracking.1ards.com/aff_c?offer_id=2676&aff_id=1047&aff_sub=40-OBS- HTTP 302
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&n... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Page Statistics

21
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

2193 kB
Transfer

3165 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.onlineshopping95.com/premium-sleep-comfort/order.php?tr_id=1023c6475548753d1f60e483183085

Search URL Search Domain Scan URL

URL: https://www.onlineshopping95.com/premium-sleep-comfort/order.php
Title: PREMIUM SLEEP COMFORT+ / 5-HTP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f8dedb-1593&cm=406ebb060241b67087d66602ef2f739aff6e7413-17029 Page URL
https://nl-be.cashbackdeals.be/visit/beter-slapen-met-premium-sleep-comfort-be.php Page URL
http://tracking.1ards.com/aff_c?offer_id=2676&aff_id=1047&aff_sub=40-OBS- HTTP 302
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set wky-l.php Show response
nl-be.cashbackdeals.be/user/ 570 B
1016 B 203ms
102ms Document
text/html 78.137.118.22
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f8dedb-1593&cm=406ebb060241b67087d66602ef2f739aff6e7413-17029

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),

Reverse DNS

78.137.118.22.srvlist.ukfast.net

Software

nginx /

Resource Hash

698fb4dffd76025bbbdc7055ce7c48639ea6364842e3e1713c8e7b9891926b38

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: nl-be.cashbackdeals.be
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Sun, 09 Jun 2019 19:28:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 387
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: PHPSESSID=8f824n9empufjbc33cpmmb08d5; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK weekly_campaign_text.php Show response
nl-be.cashbackdeals.be/user/ Frame 04E5 2 KB
1 KB 130ms
129ms Document
text/html 78.137.118.22
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php

Requested by

Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f8dedb-1593&cm=406ebb060241b67087d66602ef2f739aff6e7413-17029

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),

Reverse DNS

78.137.118.22.srvlist.ukfast.net

Software

nginx / PHP/5.6.25

Resource Hash

0995a672ee60b49c96d94524ea11a5ab25c3080ce2942f076fd4f593dabf930f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: nl-be.cashbackdeals.be
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f8dedb-1593&cm=406ebb060241b67087d66602ef2f739aff6e7413-17029
Accept-Encoding: gzip, deflate, br
Cookie: PHPSESSID=8f824n9empufjbc33cpmmb08d5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f8dedb-1593&cm=406ebb060241b67087d66602ef2f739aff6e7413-17029

Response headers

Server: nginx
Date: Sun, 09 Jun 2019 19:28:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1011
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/5.6.25
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK layout.css
static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/css/ Frame 04E5 241 KB
51 KB 89ms
19ms Stylesheet
text/css 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/css/layout.css
Requested by: Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: e59f0c0d2b21752b5e7bf4358e0bbe5046bde84044a9a7f2a42643707059552e

Request headers

Referer: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 09 Jun 2019 19:28:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Apr 2019 11:44:25 GMT
ETag: "1556624665"
X-HW: 1560108529.dop103.lo4.shc,1560108529.dop103.lo4.t,1560108529.cds076.lo4.c
Content-Type: text/css
Cache-Control: max-age=78620
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 51535

GET
H/1.1 200
OK jquery.min.js Show response
nl-be.cashbackdeals.be/general.assets/js/ Frame 04E5 91 KB
33 KB 109ms
106ms Script
text/javascript 78.137.118.22
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-be.cashbackdeals.be/general.assets/js/jquery.min.js

Requested by

Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),

Reverse DNS

78.137.118.22.srvlist.ukfast.net

Software

nginx /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 09 Jun 2019 19:28:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Feb 2018 05:34:37 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 33430
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK logo.png
static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/assets/ Frame 04E5 25 KB
25 KB 94ms
23ms Image
image/png 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/assets/logo.png
Requested by: Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 1821515652f419cb9b6065faa25715d249f3826189145ff854f31324f4877303

Request headers

Referer: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 09 Jun 2019 19:28:49 GMT
Last-Modified: Wed, 02 Nov 2016 07:31:44 GMT
ETag: "1478071904"
X-HW: 1560108529.dop103.lo4.shc,1560108529.dop103.lo4.t,1560108529.cds100.lo4.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=74662
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25603

GET
H/1.1 200
OK cashmail_text.jpg
static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/assets/ Frame 04E5 5 KB
6 KB 96ms
24ms Image
image/jpeg 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/assets/cashmail_text.jpg
Requested by: Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: fc01325ae65aa4bd02183ee4fdf3f8a7c5ce29a0ed8102ebfdee29c5113c9858

Request headers

Referer: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 09 Jun 2019 19:28:49 GMT
Last-Modified: Mon, 27 Jun 2016 07:29:34 GMT
ETag: "1467012574"
X-HW: 1560108529.dop090.lo4.shc,1560108529.dop090.lo4.t,1560108529.cds044.lo4.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=861181
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5299

GET
H2 200 css
fonts.googleapis.com/ Frame 04E5 2 KB
549 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans+Narrow

Requested by

Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

71ce8fc7d2207e9fc8c455121b8c45e6cc0a68313c88bc2beee5b3818c44dbb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nl-be.cashbackdeals.be/user/weekly_campaign_text.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 09 Jun 2019 19:28:49 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 09 Jun 2019 19:28:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 09 Jun 2019 19:28:49 GMT

GET
H/1.1 200
OK bg.jpg
static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/assets/ Frame 04E5 14 KB
15 KB 22ms
22ms Image
image/jpeg 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/assets/bg.jpg
Requested by: Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/general.assets/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 276ed23fdaae28019edf73bb462d0738ec8312b97f26698518bb303fc5a9bd9f

Request headers

Referer: https://static.orangebuddies.nl/templates/nl-be.cashbackdeals.be/march16/css/layout.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 09 Jun 2019 19:28:49 GMT
Last-Modified: Wed, 02 Nov 2016 07:31:44 GMT
ETag: "1478071904"
X-HW: 1560108529.dop103.lo4.shc,1560108529.dop103.lo4.t,1560108529.cds091.lo4.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=254636
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 14785

GET
H/1.1 200
OK Cookie set beter-slapen-met-premium-sleep-comfort-be.php Show response
nl-be.cashbackdeals.be/visit/ 810 B
1 KB 78ms
77ms Document
text/html 78.137.118.22
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-be.cashbackdeals.be/visit/beter-slapen-met-premium-sleep-comfort-be.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),

Reverse DNS

78.137.118.22.srvlist.ukfast.net

Software

nginx /

Resource Hash

60c8e887ce8911a04feb91794c67624f5d9e354ba1c419aa130930ab9a14f7cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: nl-be.cashbackdeals.be
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f8dedb-1593&cm=406ebb060241b67087d66602ef2f739aff6e7413-17029
Accept-Encoding: gzip, deflate, br
Cookie: PHPSESSID=8f824n9empufjbc33cpmmb08d5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://nl-be.cashbackdeals.be/user/wky-l.php?sk=9a3f931b8356f4f4bc1be2bafd719a2c444fff7d&e=c2e8cbd2c660f6cfb69aa7081154e58522f8dedb-1593&cm=406ebb060241b67087d66602ef2f739aff6e7413-17029

Response headers

Server: nginx
Date: Sun, 09 Jun 2019 19:28:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 487
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: visitedStoresKey=a%3A1%3A%7Bi%3A0%3Bs%3A41%3A%22beter-slapen-met-premium-sleep-comfort-be%22%3B%7D; expires=Mon, 24-Jun-2019 19:27:32 GMT; Max-Age=1296000; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/visit/beter-slapen-met-premium-sleep-comfort-be.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nl-be.cashbackdeals.be/visit/beter-slapen-met-premium-sleep-comfort-be.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 6978
date: Sun, 09 Jun 2019 17:32:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Sun, 09 Jun 2019 19:32:35 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
102 B 17ms
16ms Image
image/gif 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1106377845&t=pageview&_s=1&dl=https%3A%2F%2Fnl-be.cashbackdeals.be%2Fvisit%2Fbeter-slapen-met-premium-sleep-comfort-be.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=463885059&gjid=1108700464&cid=772391250.1560108533&tid=UA-45189585-1&_gid=1428557638.1560108533&_r=1&z=1542890935

Requested by

Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/visit/beter-slapen-met-premium-sleep-comfort-be.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nl-be.cashbackdeals.be/visit/beter-slapen-met-premium-sleep-comfort-be.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jun 2019 19:28:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Primary Request / Show response
healthblogsource.com/beterslapen/
Redirect Chain

http://tracking.1ards.com/aff_c?offer_id=2676&aff_id=1047&aff_sub=40-OBS-
https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1

623 KB
87 KB

313ms
97ms

Document
text/html

185.61.154.60
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: premium60-3.web-hosting.com
Software: Apache / PHP/5.6.40
Resource Hash: 0ce8298816a9931a86537eb407be361a07adc15519b8e68e0453a9b9bb3a31da

Request headers

:method: GET
:authority: healthblogsource.com
:scheme: https
:path: /beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 09 Jun 2019 19:28:53 GMT
server: Apache
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 09 Jun 2019 19:28:53 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
P3P: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx/1.13.12
Set-Cookie: enc_aff_session_2676=ENC0366eb344309dac43c11461557f28329dab0bbc54a42432ce698831f42b6cae7b6b8e8cf43d70b46982d1e1aafa973867c9e716bcef77a9df51ad7e3fb096bd9cfe9b6b325fb1084bc7331ada48afe932be1ee180722e16883732d6ef3029bdd946a50f550a22b490bd701936b300ff4e2b35fcec68a3d1afb405718dd4b79805328446ecf; expires=Tue, 09 Jul 2019 19:28:53 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Wed, 04 May 2022 06:08:53 GMT; path=/;
tracking_id: 1023c6475548753d1f60e483183085
X-Robots-Tag: noindex, nofollow
Content-Length: 301
Connection: keep-alive

GET
H2 200 lander.css
healthblogsource.com/beterslapen/ 167 KB
31 KB 46ms
44ms Stylesheet
text/css 185.61.154.60
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://healthblogsource.com/beterslapen/lander.css
Requested by: Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: premium60-3.web-hosting.com
Software: Apache /
Resource Hash: 1fa2acd0a07e6c3cb5c6c9f4dc031b20d7d8bd94c321b8a66621df46f45fdb8f

Request headers

Referer: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 09 Jun 2019 19:28:53 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2019 07:40:06 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 31372

GET
H2 200 font-awesome.min.css
healthblogsource.com/beterslapen/ 30 KB
7 KB 46ms
45ms Stylesheet
text/css 185.61.154.60
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://healthblogsource.com/beterslapen/font-awesome.min.css
Requested by: Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: premium60-3.web-hosting.com
Software: Apache /
Resource Hash: a819de1cc70e12a320ad71643989f2c4bfcb704fc37f6b515b1f4e7dcbc7deab

Request headers

Referer: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 09 Jun 2019 19:28:53 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2019 07:40:06 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 6968

GET
H2 200 css.css
healthblogsource.com/beterslapen/ 6 KB
1 KB 45ms
44ms Stylesheet
text/css 185.61.154.60
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://healthblogsource.com/beterslapen/css.css
Requested by: Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: premium60-3.web-hosting.com
Software: Apache /
Resource Hash: dd318cf00ce1835537b55e5eadb81f1eeaafdcd008b753842cdb7ac8aaad8055

Request headers

Referer: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 09 Jun 2019 19:28:53 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2019 07:40:06 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 1080

GET
H2 200 closemodal.png
healthblogsource.com/beterslapen/ 788 B
900 B 152ms
152ms Image
image/png 185.61.154.60
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthblogsource.com/beterslapen/closemodal.png
Requested by: Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: premium60-3.web-hosting.com
Software: Apache /
Resource Hash: e2bcaa68f0a7810ee95b5a352a707a941602cec2a5f1fde91e6cd1e8ee5326f8

Request headers

Referer: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 09 Jun 2019 19:28:53 GMT
last-modified: Thu, 06 Jun 2019 07:40:04 GMT
server: Apache
accept-ranges: bytes
content-length: 788
content-type: image/png

GET
H2 200 sleep-comfort.png
healthblogsource.com/beterslapen/ 410 KB
411 KB 135ms
133ms Image
image/png 185.61.154.60
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthblogsource.com/beterslapen/sleep-comfort.png
Requested by: Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: premium60-3.web-hosting.com
Software: Apache /
Resource Hash: 8ec40280ad54536647aa5380adf302110b7d93a293111c136b2b5938f767f417

Request headers

Referer: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 09 Jun 2019 19:28:53 GMT
last-modified: Thu, 06 Jun 2019 07:40:04 GMT
server: Apache
accept-ranges: bytes
content-length: 420122
content-type: image/png

GET
H2 200 2.jpg
healthblogsource.com/beterslapen/ 140 KB
140 KB 65ms
63ms Image
image/jpeg 185.61.154.60
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthblogsource.com/beterslapen/2.jpg
Requested by: Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: premium60-3.web-hosting.com
Software: Apache /
Resource Hash: 986eab7f63faea79e5397797dbd1a741e8a4e58db32a772909fc122f55d307f1

Request headers

Referer: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 09 Jun 2019 19:28:53 GMT
last-modified: Thu, 06 Jun 2019 07:40:04 GMT
server: Apache
accept-ranges: bytes
content-length: 143253
content-type: image/jpeg

GET
H2 200 couple.png
healthblogsource.com/beterslapen/ 443 KB
444 KB 87ms
86ms Image
image/png 185.61.154.60
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthblogsource.com/beterslapen/couple.png
Requested by: Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: premium60-3.web-hosting.com
Software: Apache /
Resource Hash: 25b64a7c451ce019bfe75f7fb17825c640e6f62170b5e1e21ee914ede0b40c1e

Request headers

Referer: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 09 Jun 2019 19:28:53 GMT
last-modified: Thu, 06 Jun 2019 07:40:04 GMT
server: Apache
accept-ranges: bytes
content-length: 453777
content-type: image/png

GET
H2 200 relax.png
healthblogsource.com/beterslapen/ 481 KB
481 KB 109ms
108ms Image
image/png 185.61.154.60
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthblogsource.com/beterslapen/relax.png
Requested by: Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: premium60-3.web-hosting.com
Software: Apache /
Resource Hash: d0516f12b8140b076e3a51f91513e57c40a57f2df8a9f1055c06326b848e5ce4

Request headers

Referer: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 09 Jun 2019 19:28:53 GMT
last-modified: Thu, 06 Jun 2019 07:40:04 GMT
server: Apache
accept-ranges: bytes
content-length: 492469
content-type: image/png

GET
H2 200 office.png
healthblogsource.com/beterslapen/ 439 KB
439 KB 41ms
40ms Image
image/png 185.61.154.60
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthblogsource.com/beterslapen/office.png
Requested by: Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: premium60-3.web-hosting.com
Software: Apache /
Resource Hash: 4547ed4ff510c5d75aee4e94518cf9fe6b6e1d1eab2aaf71010228bb6eccc40e

Request headers

Referer: https://healthblogsource.com/beterslapen/?aff_click_id=1023c6475548753d1f60e483183085&affiliate_id=1047&nt=S1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 09 Jun 2019 19:28:53 GMT
last-modified: Thu, 06 Jun 2019 07:40:04 GMT
server: Apache
accept-ranges: bytes
content-length: 449538
content-type: image/png

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
healthblogsource.com
nl-be.cashbackdeals.be
static.orangebuddies.nl
tracking.1ards.com
www.google-analytics.com
185.61.154.60
205.185.216.10
2a00:1450:4001:806::200e
2a00:1450:4001:81e::200a
52.30.52.254
78.137.118.22
0995a672ee60b49c96d94524ea11a5ab25c3080ce2942f076fd4f593dabf930f
0ce8298816a9931a86537eb407be361a07adc15519b8e68e0453a9b9bb3a31da
1821515652f419cb9b6065faa25715d249f3826189145ff854f31324f4877303
1fa2acd0a07e6c3cb5c6c9f4dc031b20d7d8bd94c321b8a66621df46f45fdb8f
25b64a7c451ce019bfe75f7fb17825c640e6f62170b5e1e21ee914ede0b40c1e
276ed23fdaae28019edf73bb462d0738ec8312b97f26698518bb303fc5a9bd9f
4547ed4ff510c5d75aee4e94518cf9fe6b6e1d1eab2aaf71010228bb6eccc40e
60c8e887ce8911a04feb91794c67624f5d9e354ba1c419aa130930ab9a14f7cd
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
698fb4dffd76025bbbdc7055ce7c48639ea6364842e3e1713c8e7b9891926b38
71ce8fc7d2207e9fc8c455121b8c45e6cc0a68313c88bc2beee5b3818c44dbb2
8ec40280ad54536647aa5380adf302110b7d93a293111c136b2b5938f767f417
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
986eab7f63faea79e5397797dbd1a741e8a4e58db32a772909fc122f55d307f1
a819de1cc70e12a320ad71643989f2c4bfcb704fc37f6b515b1f4e7dcbc7deab
d0516f12b8140b076e3a51f91513e57c40a57f2df8a9f1055c06326b848e5ce4
dd318cf00ce1835537b55e5eadb81f1eeaafdcd008b753842cdb7ac8aaad8055
e2bcaa68f0a7810ee95b5a352a707a941602cec2a5f1fde91e6cd1e8ee5326f8
e59f0c0d2b21752b5e7bf4358e0bbe5046bde84044a9a7f2a42643707059552e
fc01325ae65aa4bd02183ee4fdf3f8a7c5ce29a0ed8102ebfdee29c5113c9858

healthblogsource.com Open in urlscan Pro 185.61.154.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

5 IPs

4 Countries

2193 kBTransfer

3165 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

healthblogsource.com Open in urlscan Pro
185.61.154.60 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

2193 kB
Transfer

3165 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions