entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
66.198.240.7  Malicious Activity! Public Scan

URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Submission: On November 27 via manual from NL

Summary

This website contacted 17 IPs in 7 countries across 17 domains to perform 41 HTTP transactions. The main IP is 66.198.240.7, located in Ann Arbor, United States and belongs to A2HOSTING - A2 Hosting, Inc., US. The main domain is entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 25th 2019. Valid for: 3 months.
This is the only time entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Transportation (Transportation)

Domain & IP information

IP Address AS Autonomous System
21 66.198.240.7 55293 (A2HOSTING)
2 213.186.33.40 16276 (OVH)
1 195.13.15.76 5432 (BELGACOM-...)
1 18.208.40.199 14618 (AMAZON-AES)
4 2620:0:862:ed... 14907 (WIKIMEDIA)
1 195.14.0.137 35393 (EURO-WEB-AS)
1 141.96.1.8 25367 (AS-ADTS-L...)
1 2 95.131.143.129 47841 (OXALIDE)
1 90.182.206.251 5610 (O2-CZECH-...)
1 193.193.181.209 16274 (BSKNET)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 185.8.53.70 62325 (OGONE)
1 193.58.4.8 25215 (BNP-PARIB...)
1 95.100.68.248 16625 (AKAMAI-AS)
1 185.160.130.11 50309 (ARCADIZ)
1 45.60.14.43 19551 (INCAPSULA)
1 37.139.20.167 14061 (DIGITALOC...)
41 17
Domain Requested by
21 entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
4 upload.wikimedia.org entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
2 trends.levif.be 1 redirects entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
2 cafougnette.com entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
1 atonce.be entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
1 www.crelan.be entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
1 www.bpostbanque.be entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
1 www.ing.be entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
1 www.fintro.be entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
1 secure.ogone.com entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
1 igiftcards.fr entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
1 start.ingbusiness.pl entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
1 i.fcrmedia.com entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
1 www.belfius.be entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
1 www.reussir-mon-ecommerce.fr entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
1 www.socialflow.com entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
1 www.proximus-cdn.com entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
41 17

This site contains no links.

Subject | Issuer | Validity | Valid
entreprise.forfaitproxy-rembourse.wpaffiliateatwork.com | Let's Encrypt Authority X3 | 2019-11-25 - 2020-02-23 | 3 months
cafougnette.com | Let's Encrypt Authority X3 | 2019-11-17 - 2020-02-15 | 3 months
www.proximus.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2019-03-07 - 2021-03-07 | 2 years
*.wikipedia.org | GlobalSign ECC OV SSL CA 2018 | 2019-11-08 - 2020-11-22 | a year
reussir-mon-ecommerce.fr | Let's Encrypt Authority X3 | 2019-10-13 - 2020-01-11 | 3 months
www.belfius.be | DigiCert SHA2 Extended Validation Server CA | 2019-07-09 - 2021-07-13 | 2 years
*.levif.be | Sectigo RSA Domain Validation Secure Server CA | 2019-03-15 - 2021-03-14 | 2 years
*.fcrmedia.com | COMODO RSA Organization Validation Secure Server CA | 2017-01-25 - 2020-03-15 | 3 years
start.ingbusinessonline.pl | Entrust Certification Authority - L1M | 2018-02-14 - 2020-02-14 | 2 years
ssl410659.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-09-03 - 2020-03-11 | 6 months
secure.ogone.com | Entrust Certification Authority - L1M | 2019-10-18 - 2020-04-25 | 6 months
www.fintro.be | Entrust Certification Authority - L1M | 2017-10-24 - 2020-01-23 | 2 years
www.ing.be | Entrust Certification Authority - L1M | 2018-08-21 - 2020-08-19 | 2 years
www.bpostbanque.be | GlobalSign Extended Validation CA - SHA256 - G3 | 2019-06-07 - 2021-08-04 | 2 years
incapsula.com | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-05-14 - 2020-05-14 | a year
atonce.be | Sectigo RSA Domain Validation Secure Server CA | 2019-05-31 - 2020-05-30 | a year

This page contains 1 frames:

Primary Page: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Frame ID: 4DAC21B44223D9A9AB590A13BB882926
Requests: 41 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 41
HTTPS: 98 %
IPv6: 12 %
Domains: 17
Subdomains: 17
IPs: 17
Countries: 7
Transfer: 445 kB
Size: 654 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • http://trends.levif.be/medias/1851/948141.jpg HTTP 301
  • https://trends.levif.be/medias/1851/948141.jpg

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request cc.html
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/
60 KB
9 KB
Document
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
c39a3accd9df8393fa075818817e7ef28866676d9df2744eeb95a0c9ea03c120
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
:scheme
https
:path
/192.42.116.23/Proxi/cc.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Wed, 27 Nov 2019 08:50:34 GMT
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
last-modified
Wed, 27 Nov 2019 08:30:38 GMT
etag
"9e93af-f0cf-5984fcfb8b4ad-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=3600, must-revalidate
content-length
9361
content-type
text/html
billing.css
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
21 KB
4 KB
Stylesheet
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/billing.css
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
4c58c2e1fefd9b06a64e31f1f833b6a3cdec6cb4dd86d191eb33e810ff7a4366
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Nov 2019 08:30:38 GMT
server
Apache
etag
"9e93aa-5524-5984fcfb8acdd-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
max-age=604800, public
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
4081
jquery.min.js
cafougnette.com/sites/all/modules/coffee//
85 KB
30 KB
Script
General
Full URL
https://cafougnette.com/sites/all/modules/coffee//jquery.min.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.40 Quesnoy-sur-Deule, France, ASN16276 (OVH, FR),
Reverse DNS
cluster011.ovh.net
Software
Apache /
Resource Hash
1330941bda256ab1c467a1dd4b98759a044e27a42c0e34257ff71372b8325463

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:35 GMT
content-encoding
gzip
last-modified
Wed, 05 Jun 2019 01:47:52 GMT
server
Apache
x-iplb-instance
29709
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=900, private
accept-ranges
bytes
content-length
30140
expires
Wed, 27 Nov 2019 09:05:35 GMT
jquery.validate.min.js
cafougnette.com/sites/all/modules/coffee//
23 KB
8 KB
Script
General
Full URL
https://cafougnette.com/sites/all/modules/coffee//jquery.validate.min.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.40 Quesnoy-sur-Deule, France, ASN16276 (OVH, FR),
Reverse DNS
cluster011.ovh.net
Software
Apache /
Resource Hash
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:35 GMT
content-encoding
gzip
last-modified
Wed, 05 Jun 2019 01:49:15 GMT
server
Apache
x-iplb-instance
29709
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=900, private
accept-ranges
bytes
content-length
7446
expires
Wed, 27 Nov 2019 09:05:35 GMT
pxs-logo.svg
www.proximus-cdn.com/dam/jcr:e466a577-8e43-4a26-aa53-809b293efa24/
42 KB
42 KB
Image
General
Full URL
https://www.proximus-cdn.com/dam/jcr:e466a577-8e43-4a26-aa53-809b293efa24/pxs-logo.svg
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.13.15.76 , Belgium, ASN5432 (BELGACOM-SKYNET-AS, BE),
Reverse DNS
76.15-13-195.static.isp.belgacom.be
Software
nginx /
Resource Hash
09e5fa0215c9e609ad533dfa10d008fb8eda461791fad84b7135576b7867e90d
Security Headers
Name Value
Content-Security-Policy connect-src https: wss:; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 08:50:36 GMT
X-Content-Type-Options
nosniff
Content-Disposition
attachment; filename="pxs-logo.svg"
Connection
keep-alive
Content-Length
42666
X-Xss-Protection
1; mode=block
Keep-Alive
timeout=5
X-Magnolia-Registration
Registered
Last-Modified
Thu, 07 Mar 2019 09:53:59 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=5184000, public
Content-Security-Policy
connect-src https: wss:; upgrade-insecure-requests
Access-Control-Allow-Headers
*
Expires
Sun, 26 Jan 2020 08:50:36 GMT
wait_turn.gif
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
315 B
315 B
Image
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/wait_turn.gif
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:34 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
wait_turn(1).gif
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
315 B
315 B
Image
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/wait_turn(1).gif
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:35 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
form_validation.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/form_validation.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:34 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
jquery-1.12.1.min.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/jquery-1.12.1.min.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:34 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
jquery-migrate-1.3.0.min.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/jquery-migrate-1.3.0.min.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:34 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
Class.create.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/Class.create.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:34 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
jquery.jquery-encoder-0.1.0.min.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/jquery.jquery-encoder-0.1.0.min.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:34 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
required_fields.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/required_fields.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:35 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
Fp_inc.1.2.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/Fp_inc.1.2.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:35 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
base64_inc.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/base64_inc.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:35 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
lock-icon.png
www.socialflow.com/wp-content/uploads/
113 KB
113 KB
Image
General
Full URL
http://www.socialflow.com/wp-content/uploads/lock-icon.png
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
HTTP/1.1
Server
18.208.40.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-208-40-199.compute-1.amazonaws.com
Software
nginx/1.10.3 /
Resource Hash
a46f8fc2ece5c35c4f195a4652c2784a56c52b02b00b7c51eb32e1b4c2e74dfc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 08:50:36 GMT
Last-Modified
Wed, 04 Oct 2017 14:12:17 GMT
Server
nginx/1.10.3
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115444
Content-Type
image/png
1280px-BNP_Paribas_2007.svg.png
upload.wikimedia.org/wikipedia/fr/thumb/3/39/BNP_Paribas_2007.svg/
28 KB
29 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/fr/thumb/3/39/BNP_Paribas_2007.svg/1280px-BNP_Paribas_2007.svg.png
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
ATS/8.0.5 /
Resource Hash
ab99b1b38c739abb76b278f7f6e8ab98ce113914044b58b7ee88866e47982efb
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Tue, 26 Nov 2019 07:30:38 GMT
x-content-security-policy-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
content-type
image/png
x-trans-id
tx60e4c71ae74a4f9884d36-005ddcd49e
age
91197
x-cache-status
hit-front
content-security-policy-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
x-cache
cp3063 hit, cp3051 hit/35
status
200
content-disposition
inline;filename*=UTF-8''BNP_Paribas_2007.svg.png
server-timing
cache;desc="hit-front"
content-length
28241
x-client-ip
2a01:4f8:192:5414::2
x-object-meta-sha1base36
k0di7mutztbbvc8dhmefdz6ld1epao3
last-modified
Mon, 11 Jul 2016 21:57:38 GMT
server
ATS/8.0.5
etag
a0cc30b9635d84a5948239ca70a406e4
x-webkit-csp-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
593792186 727893456
access-control-allow-origin
*
x-timestamp
1468274257.68534
x-ats-timestamp
1574766676
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
CB-VISA-1.jpg
www.reussir-mon-ecommerce.fr/wp-content/uploads/2016/03/
21 KB
22 KB
Image
General
Full URL
https://www.reussir-mon-ecommerce.fr/wp-content/uploads/2016/03/CB-VISA-1.jpg
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.14.0.137 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
sig48.nikozen.info
Software
Apache /
Resource Hash
11945d1203c8a19d920eee96ee12e13f4f2fc026cdd0c9df8c625c2a7ef6d838

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 08:50:36 GMT
Last-Modified
Fri, 05 May 2017 21:51:55 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21949
Expires
Thu, 26 Mar 2020 08:50:36 GMT
belfius-logo.png
www.belfius.be/common/fr/fw/images/
3 KB
4 KB
Image
General
Full URL
https://www.belfius.be/common/fr/fw/images/belfius-logo.png
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.96.1.8 , Belgium, ASN25367 (AS-ADTS-LU For IDAR routing, LU),
Reverse DNS
Software
/
Resource Hash
26ccac995abe9a8f05156f48abe3e7ccb8350bc6e36acce05e49c974794944a0
Security Headers
Name Value
Content-Security-Policy default-src * wss: data: 'unsafe-inline' 'unsafe-eval' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.belfius.be https://assets.adobedtm.com https://maps.googleapis.com https://www.youtube.com/iframe_api https://*.salemove.eu https://*.salemove.com https://s.ytimg.com;
Strict-Transport-Security max-age=18144000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=18144000
X-Content-Type-Options
nosniff
Last-Modified
Sun, 17 Nov 2019 11:40:26 GMT
ETag
"db2e8cd3b9dd51:0"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=0
Date
Wed, 27 Nov 2019 08:50:35 GMT
Content-Security-Policy
default-src * wss: data: 'unsafe-inline' 'unsafe-eval' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.belfius.be https://assets.adobedtm.com https://maps.googleapis.com https://www.youtube.com/iframe_api https://*.salemove.eu https://*.salemove.com https://s.ytimg.com;
Accept-Ranges
bytes
Content-Length
3320
X-XSS-Protection
1; mode=block
948141.jpg
trends.levif.be/medias/1851/
Redirect Chain
  • http://trends.levif.be/medias/1851/948141.jpg
  • https://trends.levif.be/medias/1851/948141.jpg
40 KB
38 KB
Image
General
Full URL
https://trends.levif.be/medias/1851/948141.jpg
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.131.143.129 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
Software
nginx / Oxalide [01]
Resource Hash
40d63ca1e69c7f615e1b1a3c50b9f53552d27627f0fb6799a8d3ddce4b1b5a9b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 08:50:36 GMT
Content-Encoding
gzip
X-Backend
dir_static_01
Age
0
X-Powered-By
Oxalide [01]
X-Cache
MISS :(
Connection
keep-alive
Content-Length
38551
Pragma
public
Last-Modified
Fri, 29 Aug 2014 15:27:30 GMT
Server
nginx
ETag
W/"54009be2-a1c5"
Content-Type
image/jpeg
Cache-control
max-age=600
Accept-Ranges
bytes
Expires
Wed, 27 Nov 2019 09:00:36 GMT

Redirect headers

location
https://trends.levif.be/medias/1851/948141.jpg
Date
Wed, 27 Nov 2019 08:50:36 GMT
Accept-Ranges
bytes
Connection
close
Age
0
X-Powered-By
Oxalide [01]
287623761_meurisse_fils_logo.jpg
i.fcrmedia.com/goudengids.be/images/logo/000/287/623/
18 KB
18 KB
Image
General
Full URL
https://i.fcrmedia.com/goudengids.be/images/logo/000/287/623/287623761_meurisse_fils_logo.jpg
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
90.182.206.251 Prague, Czech Republic, ASN5610 (O2-CZECH-REPUBLIC, CZ),
Reverse DNS
lb1fcr.zlatestranky.cz
Software
FCR MEDIA /
Resource Hash
d0b0bf856fd17daeca12152f186a35887c0266ea46510d433133b370d12413c2

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 08:50:35 GMT
Last-Modified
Wed, 21 Feb 2018 09:01:33 GMT
Server
FCR MEDIA
ETag
"fe104392f2aad31:0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18302
logo-header.svg
start.ingbusiness.pl/ing2/static/img/
27 KB
12 KB
Image
General
Full URL
https://start.ingbusiness.pl/ing2/static/img/logo-header.svg?v=1
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.193.181.209 Warsaw, Poland, ASN16274 (BSKNET, PL),
Reverse DNS
www.ingbusiness.pl
Software
Ing /
Resource Hash
771342f402515cd87c1c5ed0585da19527364d2206dd9430cf47531b0021c8b5
Security Headers
Name Value
Strict-Transport-Security max-age=23328000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=23328000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 08 Aug 2017 10:48:28 GMT
Server
Ing
Date
Wed, 27 Nov 2019 08:50:36 GMT
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Cache-Control
max-age=7776000
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
11699
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
mistercash.svg
igiftcards.fr/resources/images/payment/
8 KB
4 KB
Image
General
Full URL
https://igiftcards.fr/resources/images/payment/mistercash.svg
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8a5c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
205c068ebaf212b416fbe061a880848b5dc18b64fb5dabfa8a9734233fbfdb2a
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:35 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
x-powered-by
Express
etag
W/"1fa1-7438674ba0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=8640000, private
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-ray
53c2dafb48dccbb4-VIE
jquery-3.1.1.min.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
85 KB
30 KB
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/jquery-3.1.1.min.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Nov 2019 08:30:38 GMT
server
Apache
etag
"9e93ab-152b5-5984fcfb8b0c5-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=604800, public
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
30080
wait_turn.gif
secure.ogone.com/images/
1 KB
1 KB
Image
General
Full URL
https://secure.ogone.com/images/wait_turn.gif
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.8.53.70 , Belgium, ASN62325 (OGONE, BE),
Reverse DNS
Software
/
Resource Hash
59b66845812b0f601bd3212774a8982a9aaf6d82074e258ea951e2465fad5407
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 08:50:36 GMT
Last-Modified
Tue, 07 Nov 2017 13:31:26 GMT
Accept-Ranges
bytes
ETag
"04bddb5cc57d31:0"
Content-Length
1106
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif
form_validation.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/form_validation.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:35 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
jquery-1.12.1.min.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/jquery-1.12.1.min.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:35 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
jquery-migrate-1.3.0.min.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/jquery-migrate-1.3.0.min.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:35 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
Class.create.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/Class.create.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:35 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
jquery.jquery-encoder-0.1.0.min.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/jquery.jquery-encoder-0.1.0.min.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:35 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
required_fields.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/required_fields.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:36 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
Fp_inc.1.2.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/Fp_inc.1.2.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:36 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
base64_inc.js
entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/
0
0
Script
General
Full URL
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/base64_inc.js
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.198.240.7 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
a2ss29.a2hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:36 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
favicon.ico
www.fintro.be/rsc/contrib/graphicaltheme/fintro-bank/images/
1 KB
2 KB
Image
General
Full URL
https://www.fintro.be/rsc/contrib/graphicaltheme/fintro-bank/images/favicon.ico
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.58.4.8 , Belgium, ASN25215 (BNP-PARIBAS France, FR),
Reverse DNS
fintro.be
Software
/
Resource Hash
770a91f7a2f9ff0873b65b6b511839f650c52b9f37151fd63c36ef2eb0973cba
Security Headers
Name Value
Content-Security-Policy reflected-xss block
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/billing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:36 GMT
X-Content-Type-Options
nosniff
last-modified
Mon, 18 Nov 2019 14:58:18 GMT
etag
"47e-597a02d87f680"
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=600
Content-Security-Policy
reflected-xss block
Strict-Transport-Security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-type
image/x-icon
content-length
1150
X-XSS-Protection
1; mode=block
expires
Wed, 27 Nov 2019 09:00:36 GMT
favicon.ico
www.ing.be/static/branding/2.6.10/img/
4 KB
4 KB
Image
General
Full URL
https://www.ing.be/static/branding/2.6.10/img/favicon.ico
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.68.248 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-68-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069836565b7317bb46ae9d47ea0559a0fb920563074a0ff66baa43de093e0e93
Security Headers
Name Value
Content-Security-Policy reflected-xss block
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/billing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Wed, 06 Dec 2017 08:18:14 GMT
ETag
"067f0c26a6ed31:0"
X-Frame-Options
sameorigin
Content-Type
image/x-icon
Date
Wed, 27 Nov 2019 08:50:36 GMT
Content-Security-Policy
reflected-xss block
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3638
X-XSS-Protection
1; mode=block
favicon.png
www.bpostbanque.be/bpb/static/features/%5BBBHOST%5D/theme-bpost/
4 KB
5 KB
Image
General
Full URL
https://www.bpostbanque.be/bpb/static/features/%5BBBHOST%5D/theme-bpost/favicon.png
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.160.130.11 Antwerp, Belgium, ASN50309 (ARCADIZ, NL),
Reverse DNS
Software
/
Resource Hash
c965473d692975b227026309650b40098614ddced42bbc5a92a194388058dea6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/billing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 08:50:36 GMT
Referrer-Policy
same-origin
Last-Modified
Fri, 13 Sep 2019 04:58:45 GMT
Age
1783
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15768000; includeSubDomains
Content-Type
image/png;charset=UTF-8
Cache-Control
private; must-revalidate
X-Content-Type-Options
nosniff, nosniff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=64
Content-Length
3842
X-XSS-Protection
1; mode=block
Expires
Fri, 27 Dec 2019 08:20:53 GMT
280px-KBC_%28groupe_financier%29_Logo.png
upload.wikimedia.org/wikipedia/fr/thumb/4/4b/KBC_%28groupe_financier%29_Logo.png/
10 KB
10 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/fr/thumb/4/4b/KBC_%28groupe_financier%29_Logo.png/280px-KBC_%28groupe_financier%29_Logo.png
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
ATS/8.0.5 /
Resource Hash
92cfd5d40399ed0b6da8d5d82943e00374d5fa6c23c56f8f54c2a8a02e139c1b
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/billing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Tue, 26 Nov 2019 14:15:18 GMT
x-content-security-policy-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
content-type
image/png
x-trans-id
tx28919e0d8f454e90b8737-005ddd3376
age
66919
x-cache-status
hit-front
content-security-policy-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
x-cache
cp3059 hit, cp3051 hit/27
status
200
content-disposition
inline;filename*=UTF-8''KBC_%28groupe_financier%29_Logo.png
server-timing
cache;desc="hit-front"
content-length
10382
x-client-ip
2a01:4f8:192:5414::2
x-object-meta-sha1base36
rhuk50kzqgm31wea3zp1dyr8876yeed
last-modified
Wed, 22 Feb 2017 16:17:10 GMT
server
ATS/8.0.5
etag
2755a24c59108ce82d794be683aeae96
x-webkit-csp-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
588093199 1065669887
access-control-allow-origin
*
x-timestamp
1487780229.33763
x-ats-timestamp
1574783591
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
logo-46d76303c7.svg
www.crelan.be/images/
3 KB
2 KB
Image
General
Full URL
https://www.crelan.be/images/logo-46d76303c7.svg
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.43 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
18e079d70c01c73c112aa8e6e6d995e467e881e678aff46a438cf26387e2b92a

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/billing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Nov 2019 08:50:36 GMT
content-encoding
gzip
last-modified
Sat, 16 Nov 2019 22:47:02 GMT
x-cdn
Incapsula
etag
"5a9cf589"
content-type
image/svg+xml
status
200
x-iinfo
5-135535910-0 0CNN RT(1574844636108 0) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=12506, public, no-transform
content-length
1428
expires
Wed, 27 Nov 2019 12:19:02 GMT
280px-CBC_LOGO.png
upload.wikimedia.org/wikipedia/commons/thumb/b/bc/CBC_LOGO.png/
9 KB
9 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/b/bc/CBC_LOGO.png/280px-CBC_LOGO.png
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
ATS/8.0.5 /
Resource Hash
f6ac7c2314df405a1b0f26670ce7aeef4a06d884c090892275d28d60c8a18bec
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/billing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Tue, 26 Nov 2019 13:24:37 GMT
content-type
image/png
x-trans-id
tx9376fbc24a3548daaa66f-005ddd2795
age
69959
x-cache-status
hit-front
x-cache
cp3063 hit, cp3051 hit/27
status
200
content-disposition
inline;filename*=UTF-8''CBC_LOGO.png
server-timing
cache;desc="hit-front"
content-length
8872
x-client-ip
2a01:4f8:192:5414::2
x-object-meta-sha1base36
ohu9l477qatgfc7ei1m2xnqxc2fgez9
last-modified
Wed, 22 Feb 2017 16:17:17 GMT
server
ATS/8.0.5
etag
7c3928fb5f234890df5bf883adcf9714
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
587473810 1060854896
access-control-allow-origin
*
x-timestamp
1487780236.77101
x-ats-timestamp
1574783561
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
Beobank-logo.png
upload.wikimedia.org/wikipedia/commons/9/97/
4 KB
4 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/9/97/Beobank-logo.png
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
ATS/8.0.5 /
Resource Hash
9b15e5082c4a9f236781baa76b68baf9de57cc3c529e5e5eb54bb62e860969eb
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/billing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Tue, 26 Nov 2019 12:55:14 GMT
content-type
image/png
x-trans-id
txe8aeedc5930c4c4f9a365-005ddd20b2
age
71722
x-cache-status
hit-local
x-cache
cp3057 hit, cp3051 miss
status
200
server-timing
cache;desc="hit-local"
content-length
4207
x-client-ip
2a01:4f8:192:5414::2
x-object-meta-sha1base36
drixpghfg9nq8vw9yajgc5aerku10cf
last-modified
Wed, 23 Oct 2013 00:40:48 GMT
server
ATS/8.0.5
etag
1d53c158728f8c378dabf7c3d292dd63
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
580675411
access-control-allow-origin
*
x-timestamp
1382488847.29882
x-ats-timestamp
1574844636
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
argenta.png
atonce.be/wp-content/uploads/2017/07/
44 KB
44 KB
Image
General
Full URL
https://atonce.be/wp-content/uploads/2017/07/argenta.png
Requested by
Host: entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com
URL: https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/cc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.139.20.167 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
51e83b0264e3f98e689cc6ed6ca515d08f0ad9a89bd02653f42e429df832c6c5

Request headers

Referer
https://entreprise.forfaitproxi-rembourse.wpaffiliateatwork.com/192.42.116.23/Proxi/Paiement-A_files/billing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 08:50:36 GMT
Last-Modified
Thu, 11 Jan 2018 09:55:23 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"b086-5627d258116f8"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
45190

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Transportation (Transportation)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| $
function| jQuery
undefined| ncolwaitwindow
number| ncolwaitwindowopen
function| ShowWaitMsg
function| my_submitAndWait
function| justWait
function| close_ncol_wait
number| js_version
string| AlertMSG_109
string| AlertMSG_110
string| AlertMSG_173
string| AlertMSG_1205
string| AlertMSG_111
string| AlertERR_907
string| AlertERR_95
string| AlertERR_96
function| trustHTML
object| OGONE
string| arrcvc
string| arrDispCVCFlag
function| ClearForm

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
