www.priveberichten.be Open in urlscan Pro
18.195.114.102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.lyrikgeschwader.de/
Effective URL:
https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a0...
Submission: On July 02 via manual (July 2nd 2021, 6:05:30 am UTC) from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 13 domains to perform 24 HTTP transactions. The main IP is 18.195.114.102, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.priveberichten.be.
TLS certificate: Issued by Amazon on December 16th 2020. Valid for: a year.

This is the only time www.priveberichten.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::6815:3388	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3030::ac43:b525	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:c7df	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:b7c8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	194.116.150.216 194.116.150.216	44949 (GIGACODES-AS) (GIGACODES-AS)
3 3	18.195.149.11 18.195.149.11	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.48 143.204.98.48	16509 (AMAZON-02) (AMAZON-02)
2	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1 1	34.117.199.78 34.117.199.78	15169 (GOOGLE) (GOOGLE)
12	18.195.114.102 18.195.114.102	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	8

1 2606:4700:3032::6815:3388 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.lyrikgeschwader.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:b525 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lyrikgeschwader.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:c7df (United States)

ASN13335 (CLOUDFLARENET, US)

adserverhey.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:b7c8 (United States)

ASN13335 (CLOUDFLARENET, US)

t.bl-fastcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.116.150.216 (Switzerland) 1 redirects

ASN44949 (GIGACODES-AS, DE)
PTR: wazazu.com

www.zubivu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.149.11 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-149-11.eu-central-1.compute.amazonaws.com

track.lobby-x.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.vfgtg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-48.fra50.r.cloudfront.net

t.adating.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.aslnk.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

ckstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.199.78 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 78.199.117.34.bc.googleusercontent.com

www.dql2clk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.195.114.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-114-102.eu-central-1.compute.amazonaws.com

www.priveberichten.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	priveberichten.be www.priveberichten.be	13 MB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	32 KB
2	vfgtg.com 2 redirects a.vfgtg.com	2 KB
2	ckstatic.com ckstatic.com	14 KB
2	lyrikgeschwader.de 2 redirects www.lyrikgeschwader.de lyrikgeschwader.de	1 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	dql2clk.com 1 redirects www.dql2clk.com	533 B
1	aslnk.link s.aslnk.link	2 KB
1	adating.link t.adating.link	2 KB
1	lobby-x.eu 1 redirects track.lobby-x.eu	918 B
1	zubivu.com 1 redirects www.zubivu.com	1 KB
1	bl-fastcdn.com t.bl-fastcdn.com	9 KB
1	adserverhey.xyz adserverhey.xyz	1 KB
24	13

	Domain	Requested by
12	www.priveberichten.be	s.aslnk.link www.priveberichten.be
4	fonts.googleapis.com	www.priveberichten.be
2	a.vfgtg.com	2 redirects
2	ckstatic.com	t.adating.link s.aslnk.link
1	cdn.onesignal.com	www.priveberichten.be
1	ajax.googleapis.com	www.priveberichten.be
1	www.dql2clk.com	1 redirects
1	s.aslnk.link	t.adating.link
1	t.adating.link	t.bl-fastcdn.com
1	track.lobby-x.eu	1 redirects
1	www.zubivu.com	1 redirects
1	t.bl-fastcdn.com	adserverhey.xyz
1	adserverhey.xyz
1	lyrikgeschwader.de	1 redirects
1	www.lyrikgeschwader.de	1 redirects
24	15

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-19` - `2022-04-18`	a year	crt.sh
*.ajrkm.link Amazon	`2021-07-01` - `2022-07-30`	a year	crt.sh
ckstatic.com R3	`2021-04-30` - `2021-07-29`	3 months	crt.sh
www.priveberichten.be Amazon	`2020-12-16` - `2022-01-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
Frame ID: C8EC131E20C44280A40C9BDF8C2D991F
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.lyrikgeschwader.de/ HTTP 301
http://lyrikgeschwader.de/ HTTP 302
http://adserverhey.xyz/?sdomain=lyrikgeschwader.de&srootdomain=lyrikgeschwader.de&stld=de&keyword=x... Page URL
https://t.bl-fastcdn.com/directclick/?pid=a68xXYF9V9FHfob3CDTgGwSXpJc1&subid=r1k Page URL
https://www.zubivu.com/Smartlink/Dating?w=16205&ws=a362578sr1k&wt=21070208_01_362578_55838dd74ff90&... HTTP 307
https://track.lobby-x.eu/6d71c68b-cca6-422f-9284-98d509dd278e?adtv=11136.112_68b5e7_92a29&w=16205&ws=... HTTP 302
https://t.adating.link/165150/3785/0?aff_sub=waqv9j69du6es6o82qt0d91i&bo=2753,2754,2755,2756&source... Page URL
https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=waqv9j69du6es6o82qt0d91i;6d71c68... HTTP 302
https://a.vfgtg.com/9145a0cd-681c-4a6f-a536-3c2c593fbc74?subID1=waqv9j69du6es6o82qt0d91i%3B6d71c... HTTP 302
https://s.aslnk.link/m2nogm54ld/170909/4959/?aff_sub=waqv9j69du6es6o82qt0d91i%3B6d71c68b-cca6-422... Page URL
https://www.dql2clk.com/5KCWZ2/746QKJT/?uid=278&source_id=170909&sub1=165150_6d71c68b-cca6-422f-9284... HTTP 302
https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=privebericht... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

24
Requests

96 %
HTTPS

54 %
IPv6

13
Domains

15
Subdomains

8
IPs

3
Countries

13412 kB
Transfer

13543 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.lyrikgeschwader.de/ HTTP 301
http://lyrikgeschwader.de/ HTTP 302
http://adserverhey.xyz/?sdomain=lyrikgeschwader.de&srootdomain=lyrikgeschwader.de&stld=de&keyword=x&snurl=&project=r&t=r1k Page URL
https://t.bl-fastcdn.com/directclick/?pid=a68xXYF9V9FHfob3CDTgGwSXpJc1&subid=r1k Page URL
https://www.zubivu.com/Smartlink/Dating?w=16205&ws=a362578sr1k&wt=21070208_01_362578_55838dd74ff90&affe=wlatddasdf HTTP 307
https://track.lobby-x.eu/6d71c68b-cca6-422f-9284-98d509dd278e?adtv=11136.112_68b5e7_92a29&w=16205&ws=a362578sr1k&wt=21070208_01_362578_55838dd74ff90 HTTP 302
https://t.adating.link/165150/3785/0?aff_sub=waqv9j69du6es6o82qt0d91i&bo=2753,2754,2755,2756&source=6d71c68b-cca6-422f-9284-98d509dd278e&po=6456&aff_sub2=16205 Page URL
https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=waqv9j69du6es6o82qt0d91i;6d71c68b-cca6-422f-9284-98d509dd278e&affiliateID=44542&source=102651676e76570b13313fc374f7f2&subID2=165150&s2=102651676e76570b13313fc374f7f2&s3=waqv9j69du6es6o82qt0d91i;6d71c68b-cca6-422f-9284-98d509dd278e&s4=165150&url=1&target=Default&affsub=waqv9j69du6es6o82qt0d91i&affsource=6d71c68b-cca6-422f-9284-98d509dd278e HTTP 302
https://a.vfgtg.com/9145a0cd-681c-4a6f-a536-3c2c593fbc74?subID1=waqv9j69du6es6o82qt0d91i%3B6d71c68b-cca6-422f-9284-98d509dd278e&affiliateID=170909&source=102651676e76570b13313fc374f7f2&subID2=165150&Target=Default&Site=&Bnr=&cid=wt2tsgah45ghc6o82f14leoe&affsource=6d71c68b-cca6-422f-9284-98d509dd278e HTTP 302
https://s.aslnk.link/m2nogm54ld/170909/4959/?aff_sub=waqv9j69du6es6o82qt0d91i%3B6d71c68b-cca6-422f-9284-98d509dd278e&aff_sub2=165150&aff_sub3=waqv9j69du6es6o8i2mutj00&source=102651676e76570b13313fc374f7f2&bo=2753,2754,2755,2756&aff_sub5=_6d71c68b-cca6-422f-9284-98d509dd278e Page URL
https://www.dql2clk.com/5KCWZ2/746QKJT/?uid=278&source_id=170909&sub1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&sub5=1024a49b7c7f5582ce736c6995a807 HTTP 302
https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.lyrikgeschwader.de/ HTTP 301
http://lyrikgeschwader.de/ HTTP 302
http://adserverhey.xyz/?sdomain=lyrikgeschwader.de&srootdomain=lyrikgeschwader.de&stld=de&keyword=x&snurl=&project=r&t=r1k

Request Chain 2

https://www.zubivu.com/Smartlink/Dating?w=16205&ws=a362578sr1k&wt=21070208_01_362578_55838dd74ff90&affe=wlatddasdf HTTP 307
https://track.lobby-x.eu/6d71c68b-cca6-422f-9284-98d509dd278e?adtv=11136.112_68b5e7_92a29&w=16205&ws=a362578sr1k&wt=21070208_01_362578_55838dd74ff90 HTTP 302
https://t.adating.link/165150/3785/0?aff_sub=waqv9j69du6es6o82qt0d91i&bo=2753,2754,2755,2756&source=6d71c68b-cca6-422f-9284-98d509dd278e&po=6456&aff_sub2=16205

Request Chain 4

https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=waqv9j69du6es6o82qt0d91i;6d71c68b-cca6-422f-9284-98d509dd278e&affiliateID=44542&source=102651676e76570b13313fc374f7f2&subID2=165150&s2=102651676e76570b13313fc374f7f2&s3=waqv9j69du6es6o82qt0d91i;6d71c68b-cca6-422f-9284-98d509dd278e&s4=165150&url=1&target=Default&affsub=waqv9j69du6es6o82qt0d91i&affsource=6d71c68b-cca6-422f-9284-98d509dd278e HTTP 302
https://a.vfgtg.com/9145a0cd-681c-4a6f-a536-3c2c593fbc74?subID1=waqv9j69du6es6o82qt0d91i%3B6d71c68b-cca6-422f-9284-98d509dd278e&affiliateID=170909&source=102651676e76570b13313fc374f7f2&subID2=165150&Target=Default&Site=&Bnr=&cid=wt2tsgah45ghc6o82f14leoe&affsource=6d71c68b-cca6-422f-9284-98d509dd278e HTTP 302
https://s.aslnk.link/m2nogm54ld/170909/4959/?aff_sub=waqv9j69du6es6o82qt0d91i%3B6d71c68b-cca6-422f-9284-98d509dd278e&aff_sub2=165150&aff_sub3=waqv9j69du6es6o8i2mutj00&source=102651676e76570b13313fc374f7f2&bo=2753,2754,2755,2756&aff_sub5=_6d71c68b-cca6-422f-9284-98d509dd278e

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
adserverhey.xyz/
Redirect Chain

http://www.lyrikgeschwader.de/
http://lyrikgeschwader.de/
http://adserverhey.xyz/?sdomain=lyrikgeschwader.de&srootdomain=lyrikgeschwader.de&stld=de&keyword=x&snurl=&project=r&t=r1k

1 KB
1 KB

249ms
235ms

Document
text/html

2606:4700:3030::ac43:c7df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://adserverhey.xyz/?sdomain=lyrikgeschwader.de&srootdomain=lyrikgeschwader.de&stld=de&keyword=x&snurl=&project=r&t=r1k
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:c7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9aa6b9faa3b80d22eefd276818d6df7c48c8eaf7fcfe1d28435a43bb2aa0fc6

Request headers

Host: adserverhey.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 06:05:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kw5jFj%2Fv4yXauvK7cdKSvCT%2B98kct1i9FW3V1bEf05vAsE7B0UE2buHH0Gzof8CI7pPjnKJDGLa6icKMC5a9Qff3Sj1clXL%2BREyfQ%2F5ENtoFdAN1rCo09KDE0Fy2e9fEI0Lim6xVxZLD"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6685ae5f98482b22-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Fri, 02 Jul 2021 06:05:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://adserverhey.xyz/?sdomain=lyrikgeschwader.de&srootdomain=lyrikgeschwader.de&stld=de&keyword=x&snurl=&project=r&t=r1k
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G%2BYGl2qLEz%2BVhv7%2BiYEitbJmX2m4t2ECVcJMXs0ZA7n34qI5GZ1%2Byn6VBB9tzidCBhTsENe%2BsPTRESbnMSz4oYDCymNW5C%2BIhBvHle9OiDY326zmafX2ed20c3MXdxomPKxzXEICy2J0MGr%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6685ae5bfc4d4e50-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 / Show response
t.bl-fastcdn.com/directclick/ 25 KB
9 KB 676ms
652ms Document
text/html 2606:4700:3035::ac43:b7c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.bl-fastcdn.com/directclick/?pid=a68xXYF9V9FHfob3CDTgGwSXpJc1&subid=r1k
Requested by: Host: adserverhey.xyz
URL: http://adserverhey.xyz/?sdomain=lyrikgeschwader.de&srootdomain=lyrikgeschwader.de&stld=de&keyword=x&snurl=&project=r&t=r1k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b7c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bfe0212b352cca2eaa4b2200d8accfcd0d9928fb3f27e45a81f6215e1a3a1f2

Request headers

:method: GET
:authority: t.bl-fastcdn.com
:scheme: https
:path: /directclick/?pid=a68xXYF9V9FHfob3CDTgGwSXpJc1&subid=r1k
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 06:05:14 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
set-cookie: checkkeks=1; expires=Sat, 02-Jul-2022 06:05:13 GMT; Max-Age=31536000; path=/; domain=.bl-fastcdn.com eTag=0d17068532b4c488f7b57daa4d017c8a; expires=Sat, 03-Jul-2021 06:05:13 GMT; Max-Age=86400; path=/; domain=.bl-fastcdn.com eTag=0d17068532b4c488f7b57daa4d017c8a; expires=Sat, 03-Jul-2021 06:05:13 GMT; Max-Age=86400; path=/; domain=.slimspots.com ck_uniques=1625292312%3A22116-111252; expires=Sat, 02-Jul-2022 06:05:14 GMT; Max-Age=31536000; path=/; domain=.bl-fastcdn.com ck_uniques=1625292312%3A22116-111252; expires=Sat, 02-Jul-2022 06:05:14 GMT; Max-Age=31536000; path=/; domain=.slimspots.com ck_uniquesPa=1625292312%3A95542; expires=Sat, 02-Jul-2022 06:05:14 GMT; Max-Age=31536000; path=/; domain=.bl-fastcdn.com ck_uniquesPa=1625292312%3A95542; expires=Sat, 02-Jul-2022 06:05:14 GMT; Max-Age=31536000; path=/; domain=.slimspots.com ck_sys_uniques_3=1; expires=Sat, 03-Jul-2021 06:05:14 GMT; Max-Age=86400; path=/; domain=.bl-fastcdn.com ck_sys_uniques_3=1; expires=Sat, 03-Jul-2021 06:05:14 GMT; Max-Age=86400; path=/; domain=.slimspots.com u_current_ads_view=95542----; expires=Sat, 03-Jul-2021 06:05:14 GMT; Max-Age=86400; path=/; domain=.bl-fastcdn.com u_current_ads_view=95542----; expires=Sat, 03-Jul-2021 06:05:14 GMT; Max-Age=86400; path=/; domain=.slimspots.com
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=abaHL77lGgHpzw5fTmKjDddUgxpaoMN%2FZ9Rfw2zj82%2Bm%2BMgWJogzde719zvGuu%2BSwvE%2FJ89oZsgwbZiNSLG5vKbmFLXK9xG1n%2F26HHv8N8DGQ6QWn2eWWzChZGluPbWODbPa5XpfmuwVuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6685ae613ff44a61-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

0 Show response
t.adating.link/165150/3785/
Redirect Chain

https://www.zubivu.com/Smartlink/Dating?w=16205&ws=a362578sr1k&wt=21070208_01_362578_55838dd74ff90&affe=wlatddasdf
https://track.lobby-x.eu/6d71c68b-cca6-422f-9284-98d509dd278e?adtv=11136.112_68b5e7_92a29&w=16205&ws=a362578sr1k&wt=21070208_01_362578_55838dd74ff90
https://t.adating.link/165150/3785/0?aff_sub=waqv9j69du6es6o82qt0d91i&bo=2753,2754,2755,2756&source=6d71c68b-cca6-422f-9284-98d509dd278e&po=6456&aff_sub2=16205

2 KB
2 KB

400ms
316ms

Document
text/html

143.204.98.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adating.link/165150/3785/0?aff_sub=waqv9j69du6es6o82qt0d91i&bo=2753,2754,2755,2756&source=6d71c68b-cca6-422f-9284-98d509dd278e&po=6456&aff_sub2=16205

Requested by

Host: t.bl-fastcdn.com
URL: https://t.bl-fastcdn.com/directclick/?pid=a68xXYF9V9FHfob3CDTgGwSXpJc1&subid=r1k

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-48.fra50.r.cloudfront.net

Software

nginx/1.19.0 /

Resource Hash

cb8a5b2e1b2f4d419b69ba144d2180cc7976eecffb9aca574c52c914d28144a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: t.adating.link
:scheme: https
:path: /165150/3785/0?aff_sub=waqv9j69du6es6o82qt0d91i&bo=2753,2754,2755,2756&source=6d71c68b-cca6-422f-9284-98d509dd278e&po=6456&aff_sub2=16205
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t.bl-fastcdn.com/directclick/?pid=a68xXYF9V9FHfob3CDTgGwSXpJc1&subid=r1k&j=1

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.19.0
date: Fri, 02 Jul 2021 06:05:15 GMT
vary: Accept-Encoding
set-cookie: enc_aff_session_3785=ENC0368dd51d87674b03e238abebfe48c7765cc3cfbe49a55d2819a1f4c293b4d2af1e88cd175441a92606fbbca2e91b1676e8ef88689794fc08c72aa411da30c08c814890bd1c521231dec03fe62983b5f498512e9466d5452792fb9a719ed04644fc3e1b936e67bee14db140edb83803dd86b61edc7887cb432f1dfdbe8afea72c3b58f226fc9df234980f71c5c3a62c4ac0762f5e9618181e2b1a1b8d44c5056567ce3620ca6eaa5786a00d31552c13994d3e0d734634afadf99b8b02c24c747401d9f4838; Path=/; Expires=Sun, 02 Jul 2023 06:05:15 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4OS4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Sun, 26 May 2024 16:45:15 GMT; Secure
tracking_id: 102651676e76570b13313fc374f7f2
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DB9FwYb6OSyX_5c0gOhY7-y8vK69Onu-d_g9OGAtT6fteq-Jo5lKTw==

Redirect headers

Server: nginx
Date: Fri, 02 Jul 2021 06:05:14 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://t.adating.link/165150/3785/0?aff_sub=waqv9j69du6es6o82qt0d91i&bo=2753,2754,2755,2756&source=6d71c68b-cca6-422f-9284-98d509dd278e&po=6456&aff_sub2=16205
Pragma: no-cache
Set-Cookie: 6d71c68b-cca6-422f-9284-98d509dd278e-v4=6d71c68b-cca6-422f-9284-98d509dd278e; Max-Age=86400; Expires=Sat, 03-Jul-2021 06:05:14 GMT; Domain=track.lobby-x.eu; Path=/; Secure; HttpOnly;SameSite=None cc-v4=LA4pyHbwunC%2FC8IaFoxjMME%2BREKqP%2FRmjDFDD0QNBtGIhQfpCK1HoE2izMSA2bg2Wuu6T9eSy2ITXnD01Cz%2Bug7p6LadSri8uNqQZOeXqVHzXBloEMND9Dh2SYvHQVtCvnFi7OYarUAwNRGm3NEgcg%3D%3D; Max-Age=31536000; Expires=Sat, 02-Jul-2022 06:05:14 GMT; Domain=track.lobby-x.eu; Path=/; Secure; HttpOnly;SameSite=None

GET
H/1.1 200
OK history.js Show response
ckstatic.com/js/historyjs/ 23 KB
7 KB 94ms
21ms Script
text/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ckstatic.com/js/historyjs/history.js
Requested by: Host: t.adating.link
URL: https://t.adating.link/165150/3785/0?aff_sub=waqv9j69du6es6o82qt0d91i&bo=2753,2754,2755,2756&source=6d71c68b-cca6-422f-9284-98d509dd278e&po=6456&aff_sub2=16205
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Referer: https://t.adating.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 06:05:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Dec 2020 12:45:10 GMT
ETag: "1607431510"
X-HW: 1625205915.dop145.fr8.t,1625205915.cds055.fr8.shn,1625205915.cds055.fr8.c
Content-Type: text/javascript
Cache-Control: public, max-age=75
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 6880

GET
H2

200

/ Show response
s.aslnk.link/m2nogm54ld/170909/4959/
Redirect Chain

https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=waqv9j69du6es6o82qt0d91i;6d71c68b-cca6-422f-9284-98d509dd278e&affiliateID=44542&source=102651676e76570b13313fc374f7f2&subID2=165150&s...
https://a.vfgtg.com/9145a0cd-681c-4a6f-a536-3c2c593fbc74?subID1=waqv9j69du6es6o82qt0d91i%3B6d71c68b-cca6-422f-9284-98d509dd278e&affiliateID=170909&source=102651676e76570b13313fc374f7f2&subID2=16515...
https://s.aslnk.link/m2nogm54ld/170909/4959/?aff_sub=waqv9j69du6es6o82qt0d91i%3B6d71c68b-cca6-422f-9284-98d509dd278e&aff_sub2=165150&aff_sub3=waqv9j69du6es6o8i2mutj00&source=102651676e76570b13313fc...

2 KB
2 KB

412ms
403ms

Document
text/html

143.204.98.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.aslnk.link/m2nogm54ld/170909/4959/?aff_sub=waqv9j69du6es6o82qt0d91i%3B6d71c68b-cca6-422f-9284-98d509dd278e&aff_sub2=165150&aff_sub3=waqv9j69du6es6o8i2mutj00&source=102651676e76570b13313fc374f7f2&bo=2753,2754,2755,2756&aff_sub5=_6d71c68b-cca6-422f-9284-98d509dd278e

Requested by

Host: t.adating.link
URL: https://t.adating.link/165150/3785/0?aff_sub=waqv9j69du6es6o82qt0d91i&bo=2753,2754,2755,2756&source=6d71c68b-cca6-422f-9284-98d509dd278e&po=6456&aff_sub2=16205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-48.fra50.r.cloudfront.net

Software

nginx/1.19.0 /

Resource Hash

bf3f5ba8dc34fdaac22207978563ad375bdc0f8a3e72f60ab085a5fb4f69839a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s.aslnk.link
:scheme: https
:path: /m2nogm54ld/170909/4959/?aff_sub=waqv9j69du6es6o82qt0d91i%3B6d71c68b-cca6-422f-9284-98d509dd278e&aff_sub2=165150&aff_sub3=waqv9j69du6es6o8i2mutj00&source=102651676e76570b13313fc374f7f2&bo=2753,2754,2755,2756&aff_sub5=_6d71c68b-cca6-422f-9284-98d509dd278e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://t.adating.link/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t.adating.link/165150/2753?po=6456&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=waqv9j69du6es6o82qt0d91i&aff_sub2=16205&source=6d71c68b-cca6-422f-9284-98d509dd278e

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.19.0
date: Fri, 02 Jul 2021 06:05:15 GMT
vary: Accept-Encoding
set-cookie: aff_ran_url_7609=24963; Path=/; Expires=Sat, 03 Jul 2021 06:05:15 GMT; Secure enc_aff_session_7609=ENC03296887f773ac1330cffb4ce426e4e2e7ba5b0383e9bf9118bcd96c34d5a7e49571de31acdc747a741e14dc29b70b6d7ba0fa5efb3e759cfa88d9f487d25ebc488a3f1e3220f21595f98dd13568963269bc395e7a4d5f3e275b53225cc16d282277f0d749bdc2e9f358c12fd78efd65a45a9e6ce917fdcd4e1b9b9566d7dbd94c74fe531e7eee4d4bb326da3faa4276722f3acb1c9f30bfa00991ae57180e0b72160dd95ba675e60f9fe4da00715a8a21ecc61c6310485ce90636d965a8e3c71d038ae6c97ab0ad55874391da31d33ccbd1e4eae556469be1cb331d147aa5a95ff18188e30f0d81a5f1ae6e70ecda5be1d4e38e5c9322cfa56fc1107b770d7ba42d829fb7; Path=/; Expires=Sun, 02 Jul 2023 06:05:15 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4OS4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Sun, 26 May 2024 16:45:15 GMT; Secure
tracking_id: 1024a49b7c7f5582ce736c6995a807
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Hx_ix9jpKI4wIif1CI_W-w_oCEVYizcQ62cdvHzNKVjUK9BGFtOvZA==

Redirect headers

Server: nginx
Date: Fri, 02 Jul 2021 06:05:15 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.aslnk.link/m2nogm54ld/170909/4959/?aff_sub=waqv9j69du6es6o82qt0d91i%3B6d71c68b-cca6-422f-9284-98d509dd278e&aff_sub2=165150&aff_sub3=waqv9j69du6es6o8i2mutj00&source=102651676e76570b13313fc374f7f2&bo=2753,2754,2755,2756&aff_sub5=_6d71c68b-cca6-422f-9284-98d509dd278e
Pragma: no-cache
Set-Cookie: 9145a0cd-681c-4a6f-a536-3c2c593fbc74-v4=9145a0cd-681c-4a6f-a536-3c2c593fbc74; Max-Age=86400; Expires=Sat, 03-Jul-2021 06:05:15 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=2qr0G%2BS%2BuwGOY3KUTyhgvlywp%2BMEGMsb2AR%2B319%2F0WAUm%2FsxRHBB0wZz7LN7boN%2B9gvyA1%2FGCR%2BtAEnPCqarU%2BxHMvxONBuNq8RJJUPX7AzGvrNqync7JnDjT7Jzyd3kCP6Isp%2F%2BDEl8O683FVDZrQ%3D%3D; Max-Age=31536000; Expires=Sat, 02-Jul-2022 06:05:15 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None

GET
H/1.1 200
OK history.js Show response
ckstatic.com/js/historyjs/ 23 KB
7 KB 21ms
21ms Script
text/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ckstatic.com/js/historyjs/history.js
Requested by: Host: s.aslnk.link
URL: https://s.aslnk.link/m2nogm54ld/170909/4959/?aff_sub=waqv9j69du6es6o82qt0d91i%3B6d71c68b-cca6-422f-9284-98d509dd278e&aff_sub2=165150&aff_sub3=waqv9j69du6es6o8i2mutj00&source=102651676e76570b13313fc374f7f2&bo=2753,2754,2755,2756&aff_sub5=_6d71c68b-cca6-422f-9284-98d509dd278e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Referer: https://s.aslnk.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 06:05:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Dec 2020 12:45:10 GMT
ETag: "1607431510"
X-HW: 1625205915.dop145.fr8.t,1625205916.cds055.fr8.shn,1625205916.cds055.fr8.c
Content-Type: text/javascript
Cache-Control: public, max-age=74
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 6880

GET
H2

200

Primary Request / Show response
www.priveberichten.be/5233/
Redirect Chain

https://www.dql2clk.com/5KCWZ2/746QKJT/?uid=278&source_id=170909&sub1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&sub5=1024a49b7c7f5582ce736c6995a807
https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68...

29 KB
5 KB

149ms
65ms

Document
text/html

18.195.114.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
Requested by: Host: s.aslnk.link
URL: https://s.aslnk.link/m2nogm54ld/170909/4959/?aff_sub=waqv9j69du6es6o82qt0d91i%3B6d71c68b-cca6-422f-9284-98d509dd278e&aff_sub2=165150&aff_sub3=waqv9j69du6es6o8i2mutj00&source=102651676e76570b13313fc374f7f2&bo=2753,2754,2755,2756&aff_sub5=_6d71c68b-cca6-422f-9284-98d509dd278e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.114.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-114-102.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 822f515f86d091880ea61b7dc582fe2ffa7cded1ed7bcc0365666e08572455d4

Request headers

:method: GET
:authority: www.priveberichten.be
:scheme: https
:path: /5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://s.aslnk.link/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.aslnk.link/170909/2753?aff_sub3=waqv9j69du6es6o8i2mutj00&aff_sub5=_6d71c68b-cca6-422f-9284-98d509dd278e&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=waqv9j69du6es6o82qt0d91i%3B6d71c68b-cca6-422f-9284-98d509dd278e&aff_sub2=165150&source=102651676e76570b13313fc374f7f2

Response headers

date: Fri, 02 Jul 2021 06:05:16 GMT
content-type: text/html; charset=UTF-8
content-length: 5268
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

server: nginx
date: Fri, 02 Jul 2021 06:05:16 GMT
content-type: text/html; charset=utf-8
content-length: 327
location: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
set-cookie: uniqueClick_746QKJT=e717db6b-ec60-4c9d-b98f-6a436902bc16:1625205916; Path=/; Expires=Sat, 03 Jul 2021 06:05:16 GMT; Secure; SameSite=None transaction_id=0593a07d2e3344adbbe366e27635162d; Path=/; Expires=Thu, 30 Sep 2021 06:05:16 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: ef31e108-c0b9-4a36-a6f8-b85ac526e06c
via: 1.1 google
alt-svc: clear

GET
H2 200 style.css
www.priveberichten.be/5233/css/ 5 KB
2 KB 25ms
24ms Stylesheet
text/css 18.195.114.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.priveberichten.be/5233/css/style.css
Requested by: Host: www.priveberichten.be
URL: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.114.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-114-102.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8489ce38e70f7896fdef3db32970a727de73603335c578d48446c3521bd9688f

Request headers

:path: /5233/css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.priveberichten.be
referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 06:05:16 GMT
content-encoding: gzip
last-modified: Tue, 09 Feb 2021 09:34:00 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "12e0-5bae3fc7f32e8-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1564

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
517 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Anton&display=swap

Requested by

Host: www.priveberichten.be
URL: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91bb9babf9b922d9670efbad516ad7b026cc8bf763e1b5aaccb2e58c451e060a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.priveberichten.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 05:21:49 GMT
server: ESF
date: Fri, 02 Jul 2021 06:05:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 06:05:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
492 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Dosis:wght@300&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17ea03f60592afd9973dfbed0566b723d4cac53205b43502dcfa0a9ea8a46635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.priveberichten.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 06:05:16 GMT
server: ESF
date: Fri, 02 Jul 2021 06:05:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 06:05:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
761 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ebb98aa2c2e8cd410f3d7540baf6a4443f2b8bd0098bb1aa4e18e66d3629237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.priveberichten.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 06:05:16 GMT
server: ESF
date: Fri, 02 Jul 2021 06:05:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 06:05:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
608 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:wght@400;600;900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc5d6675b667dd0cc9e1c9cbd0d68128f267c2d38a9a49fcb527df9416bf9253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.priveberichten.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 06:05:16 GMT
server: ESF
date: Fri, 02 Jul 2021 06:05:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 06:05:16 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.priveberichten.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 04:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Jul 2022 04:14:16 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 34ms
18ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.priveberichten.be
URL: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f182ed807d450695ca1b7a46485055753f62953e537375f87ed760db40b5e944

Request headers

Referer: https://www.priveberichten.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 06:05:16 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2506
etag: W/"9cc5b20efbbb51fc44f99beb97c68732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6685ae726dc51f55-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 05 Jul 2021 06:05:16 GMT

GET
H2 200 arrow_OLD.png
www.priveberichten.be/5233/media/svg/ 33 KB
33 KB 26ms
26ms Image
image/png 18.195.114.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.priveberichten.be/5233/media/svg/arrow_OLD.png
Requested by: Host: www.priveberichten.be
URL: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.114.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-114-102.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f4387c2a627a1cd7509110ecf6d41088c587017300811fa6c7e6c064cc93fb34

Request headers

:path: /5233/media/svg/arrow_OLD.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.priveberichten.be
referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 06:05:16 GMT
last-modified: Tue, 09 Feb 2021 09:34:35 GMT
server: Apache/2.4.29 (Ubuntu)
accept-ranges: bytes
etag: "84ea-5bae3fe9f971c"
content-length: 34026
content-type: image/png

GET
H2 200 video_01.gif
www.priveberichten.be/5233/media/gif/ 1 MB
1 MB 48ms
46ms Image
image/gif 18.195.114.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.priveberichten.be/5233/media/gif/video_01.gif
Requested by: Host: www.priveberichten.be
URL: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.114.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-114-102.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 59f833942879aae8dba68d61378c65ec34432daef3f236432d4fd55509d081fd

Request headers

:path: /5233/media/gif/video_01.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.priveberichten.be
referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 06:05:16 GMT
last-modified: Tue, 09 Feb 2021 09:34:13 GMT
server: Apache/2.4.29 (Ubuntu)
accept-ranges: bytes
etag: "17f813-5bae3fd452042"
content-length: 1570835
content-type: image/gif

GET
H2 200 video_02.gif
www.priveberichten.be/5233/media/gif/ 1 MB
2 MB 39ms
37ms Image
image/gif 18.195.114.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.priveberichten.be/5233/media/gif/video_02.gif
Requested by: Host: www.priveberichten.be
URL: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.114.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-114-102.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: bf99834835a3988640886c43829534777bd07e63444074397edf3e4320332008

Request headers

:path: /5233/media/gif/video_02.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.priveberichten.be
referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 06:05:16 GMT
last-modified: Tue, 09 Feb 2021 09:34:54 GMT
server: Apache/2.4.29 (Ubuntu)
accept-ranges: bytes
etag: "17fa46-5bae3ffba6961"
content-length: 1571398
content-type: image/gif

GET
H2 200 video_03.gif
www.priveberichten.be/5233/media/gif/ 2 MB
2 MB 48ms
46ms Image
image/gif 18.195.114.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.priveberichten.be/5233/media/gif/video_03.gif
Requested by: Host: www.priveberichten.be
URL: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.114.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-114-102.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ba553ed1de12db541f47e04f91c53c7902c69f1cddc99b694e5f4e1e3daaed2c

Request headers

:path: /5233/media/gif/video_03.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.priveberichten.be
referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 06:05:16 GMT
last-modified: Tue, 09 Feb 2021 09:34:00 GMT
server: Apache/2.4.29 (Ubuntu)
accept-ranges: bytes
etag: "1f7979-5bae3fc7fafe8"
content-length: 2062713
content-type: image/gif

GET
H2 200 video_04.gif
www.priveberichten.be/5233/media/gif/ 1007 KB
1008 KB 47ms
46ms Image
image/gif 18.195.114.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.priveberichten.be/5233/media/gif/video_04.gif
Requested by: Host: www.priveberichten.be
URL: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.114.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-114-102.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: be6152a7624554651ddbdd6192d7aecfee3a10497a5ef94cc7eb5a1ef1a222f3

Request headers

:path: /5233/media/gif/video_04.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.priveberichten.be
referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 06:05:16 GMT
last-modified: Tue, 09 Feb 2021 09:34:35 GMT
server: Apache/2.4.29 (Ubuntu)
accept-ranges: bytes
etag: "fbb70-5bae3fe9e201b"
content-length: 1031024
content-type: image/gif

GET
H2 200 video_05.gif
www.priveberichten.be/5233/media/gif/ 2 MB
2 MB 60ms
58ms Image
image/gif 18.195.114.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.priveberichten.be/5233/media/gif/video_05.gif
Requested by: Host: www.priveberichten.be
URL: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.114.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-114-102.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 90e2a4f8b6c40207cd9f23a1106ab72431175c3d779995f0f8f3a3c9a7c35fd8

Request headers

:path: /5233/media/gif/video_05.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.priveberichten.be
referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 06:05:16 GMT
last-modified: Tue, 09 Feb 2021 09:34:13 GMT
server: Apache/2.4.29 (Ubuntu)
accept-ranges: bytes
etag: "19cd4a-5bae3fd45bc81"
content-length: 1690954
content-type: image/gif

GET
H2 200 video_06.gif
www.priveberichten.be/5233/media/gif/ 3 MB
3 MB 48ms
46ms Image
image/gif 18.195.114.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.priveberichten.be/5233/media/gif/video_06.gif
Requested by: Host: www.priveberichten.be
URL: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.114.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-114-102.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 224aa89aa7e6f1def2a1207f34f0938fad919d69a8abfcd472bffeee67757444

Request headers

:path: /5233/media/gif/video_06.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.priveberichten.be
referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 06:05:16 GMT
last-modified: Tue, 09 Feb 2021 09:34:54 GMT
server: Apache/2.4.29 (Ubuntu)
accept-ranges: bytes
etag: "2973cf-5bae3ffbb4421"
content-length: 2716623
content-type: image/gif

GET
H2 200 video_07.gif
www.priveberichten.be/5233/media/gif/ 1 MB
1 MB 59ms
58ms Image
image/gif 18.195.114.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.priveberichten.be/5233/media/gif/video_07.gif
Requested by: Host: www.priveberichten.be
URL: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.114.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-114-102.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b71c6bcbcde3a41b85f34133851dce4b4eeb154e052cd16279a554066975607c

Request headers

:path: /5233/media/gif/video_07.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.priveberichten.be
referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 06:05:16 GMT
last-modified: Tue, 09 Feb 2021 09:34:00 GMT
server: Apache/2.4.29 (Ubuntu)
accept-ranges: bytes
etag: "14af26-5bae3fc805bc8"
content-length: 1355558
content-type: image/gif

GET
H2 200 video_08.gif
www.priveberichten.be/5233/media/gif/ 2 MB
2 MB 59ms
58ms Image
image/gif 18.195.114.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.priveberichten.be/5233/media/gif/video_08.gif
Requested by: Host: www.priveberichten.be
URL: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.114.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-114-102.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: da07adab9071ccae73c0d8002d80d7f3a16d7db4e9264bc436ead8e4cf759e40

Request headers

:path: /5233/media/gif/video_08.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.priveberichten.be
referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 06:05:16 GMT
last-modified: Tue, 09 Feb 2021 09:34:35 GMT
server: Apache/2.4.29 (Ubuntu)
accept-ranges: bytes
etag: "1892ad-5bae3fe9f971c"
content-length: 1610413
content-type: image/gif

GET
H2 200 arrow.svg
www.priveberichten.be/5233/media/svg/ 1 KB
1 KB 59ms
58ms Image
image/svg+xml 18.195.114.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.priveberichten.be/5233/media/svg/arrow.svg
Requested by: Host: www.priveberichten.be
URL: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.114.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-114-102.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 03e942ccd321b1387802997f98707db759ba2cbb76234c5dd48159c72e65104a

Request headers

:path: /5233/media/svg/arrow.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.priveberichten.be
referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.priveberichten.be/5233/?country=BE&region=Bruxelles-capitale&city=Brussels&brands=priveberichten.be&clickid=0593a07d2e3344adbbe366e27635162d&pi=101&campaignId=170909&var1=165150_6d71c68b-cca6-422f-9284-98d509dd278e&var2=&var3=1024a49b7c7f5582ce736c6995a807
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 06:05:16 GMT
last-modified: Tue, 09 Feb 2021 09:34:13 GMT
server: Apache/2.4.29 (Ubuntu)
accept-ranges: bytes
etag: "402-5bae3fd464920"
content-length: 1026
content-type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vfgtg.com
adserverhey.xyz
ajax.googleapis.com
cdn.onesignal.com
ckstatic.com
fonts.googleapis.com
lyrikgeschwader.de
s.aslnk.link
t.adating.link
t.bl-fastcdn.com
track.lobby-x.eu
www.dql2clk.com
www.lyrikgeschwader.de
www.priveberichten.be
www.zubivu.com
143.204.98.48
18.195.114.102
18.195.149.11
194.116.150.216
205.185.216.10
2606:4700:3030::ac43:b525
2606:4700:3030::ac43:c7df
2606:4700:3032::6815:3388
2606:4700:3035::ac43:b7c8
2606:4700::6812:e134
2a00:1450:4001:802::200a
2a00:1450:4001:82f::200a
34.117.199.78
03e942ccd321b1387802997f98707db759ba2cbb76234c5dd48159c72e65104a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
17ea03f60592afd9973dfbed0566b723d4cac53205b43502dcfa0a9ea8a46635
1bfe0212b352cca2eaa4b2200d8accfcd0d9928fb3f27e45a81f6215e1a3a1f2
224aa89aa7e6f1def2a1207f34f0938fad919d69a8abfcd472bffeee67757444
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045
59f833942879aae8dba68d61378c65ec34432daef3f236432d4fd55509d081fd
7ebb98aa2c2e8cd410f3d7540baf6a4443f2b8bd0098bb1aa4e18e66d3629237
822f515f86d091880ea61b7dc582fe2ffa7cded1ed7bcc0365666e08572455d4
8489ce38e70f7896fdef3db32970a727de73603335c578d48446c3521bd9688f
90e2a4f8b6c40207cd9f23a1106ab72431175c3d779995f0f8f3a3c9a7c35fd8
91bb9babf9b922d9670efbad516ad7b026cc8bf763e1b5aaccb2e58c451e060a
b71c6bcbcde3a41b85f34133851dce4b4eeb154e052cd16279a554066975607c
ba553ed1de12db541f47e04f91c53c7902c69f1cddc99b694e5f4e1e3daaed2c
be6152a7624554651ddbdd6192d7aecfee3a10497a5ef94cc7eb5a1ef1a222f3
bf3f5ba8dc34fdaac22207978563ad375bdc0f8a3e72f60ab085a5fb4f69839a
bf99834835a3988640886c43829534777bd07e63444074397edf3e4320332008
c9aa6b9faa3b80d22eefd276818d6df7c48c8eaf7fcfe1d28435a43bb2aa0fc6
cb8a5b2e1b2f4d419b69ba144d2180cc7976eecffb9aca574c52c914d28144a7
cc5d6675b667dd0cc9e1c9cbd0d68128f267c2d38a9a49fcb527df9416bf9253
da07adab9071ccae73c0d8002d80d7f3a16d7db4e9264bc436ead8e4cf759e40
f182ed807d450695ca1b7a46485055753f62953e537375f87ed760db40b5e944
f4387c2a627a1cd7509110ecf6d41088c587017300811fa6c7e6c064cc93fb34

www.priveberichten.be Open in urlscan Pro 18.195.114.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

54 %IPv6

13 Domains

15 Subdomains

8 IPs

3 Countries

13412 kBTransfer

13543 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

www.priveberichten.be Open in urlscan Pro
18.195.114.102 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

54 %
IPv6

13
Domains

15
Subdomains

8
IPs

3
Countries

13412 kB
Transfer

13543 kB
Size

0
Cookies

24 HTTP transactions
0 data transactions