Submitted URL: https://www.nucash.be/user/cm-l.php?sk=7596024bab6cc213b6bac49dcd105ab923e592f8&e=d70322eaf0bfc98c8c98b592ae4b9ed380e4...
Effective URL: https://www.expedia.be/?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac4...
Submission: On August 27 via api from BE

Summary

This website contacted 7 IPs in 4 countries across 11 domains to perform 22 HTTP transactions. The main IP is 2.19.44.79, which is located in Ascension Island and belongs to AKAMAI-ASN1, US. The main domain is www.expedia.be.
TLS certificate: Issued by GeoTrust RSA CA 2018 on July 18th 2019. Valid for: a year.
This is the only time www.expedia.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 78.137.118.22 34934 (UKFAST)
4 2a02:21a8:0:3... 61323 (SECARMA)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 104.109.83.210 20940 (AKAMAI-ASN1)
1 1 5.150.170.6 31151 (PHG-AS)
1 2.19.44.79 20940 (AKAMAI-ASN1)
2 2.19.44.207 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
22 7
Domain Requested by
5 www.nucash.be www.nucash.be
4 static.orangebuddies.com www.nucash.be
2 b.travel-assets.com www.expedia.be
1 www.google.com www.expedia.be
1 www.expedia.be www.expedia.be
1 prf.hn 1 redirects
1 www.zenaps.com 1 redirects
1 www.awin1.com 1 redirects
1 fonts.googleapis.com www.nucash.be
0 thumbnails.trvl-media.com Failed www.expedia.be
0 www.expedia.com Failed www.expedia.be
0 c.travel-assets.com Failed www.expedia.be
0 a.travel-assets.com Failed www.expedia.be
22 13

This site contains no links.

Subject | Issuer | Validity | Valid
www.cashbackkorting.nl | Sectigo RSA Domain Validation Secure Server CA | 2019-05-06 - 2021-05-21 | 2 years
static.orangebuddies.com | Sectigo RSA Domain Validation Secure Server CA | 2019-06-17 - 2021-06-17 | 2 years
*.googleapis.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months
www.expedia.com | GeoTrust RSA CA 2018 | 2019-07-18 - 2020-09-05 | a year
www.google.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months

This page contains 2 frames:

Primary Page: https://www.expedia.be/?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&awc=8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&clickref=1100l6xdb3SD&src=phg
Frame ID: 22C5CB38A014D77FBDF96E89F20117DF
Requests: 14 HTTP requests in this frame

Frame: https://www.nucash.be/user/cashmail_text.php?storeid=71895
Frame ID: A9ACE48B3F5E199A51ADAF3E250FF034
Requests: 9 HTTP requests in this frame

Page URL History

  1. https://www.nucash.be/user/cm-l.php?sk=7596024bab6cc213b6bac49dcd105ab923e592f8&e=d70322eaf0bfc98c... Page URL
  2. http://www.awin1.com/awclick.php?gid=324666&mid=8318&awinaffid=334005&linkid=2058741&clickref=68-... HTTP 302
    http://www.zenaps.com/rclick.php?mid=8318&c_len=2592000&c_ts=1566945585&c_cnt=334005%7C324666%7C20... HTTP 302
    https://prf.hn/click/camref:1101l4Wo/pubref:2058741/adref:334005-httpwwwshopbuddiebe/destin... HTTP 302
    https://www.expedia.be/?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.831... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

22
Requests

64 %
HTTPS

38 %
IPv6

11
Domains

13
Subdomains

7
IPs

4
Countries

207 kB
Transfer

897 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.nucash.be/user/cm-l.php?sk=7596024bab6cc213b6bac49dcd105ab923e592f8&e=d70322eaf0bfc98c8c98b592ae4b9ed380e4fe88-17362&sid=71895&ftb=1 Page URL
  2. http://www.awin1.com/awclick.php?gid=324666&mid=8318&awinaffid=334005&linkid=2058741&clickref=68-OBS-5d65b12db9d9e68 HTTP 302
    http://www.zenaps.com/rclick.php?mid=8318&c_len=2592000&c_ts=1566945585&c_cnt=334005%7C324666%7C2058741%7C1566945585%7C68-OBS-5d65b12db9d9e68%7Caw%7C0&ir=9163d650-c91b-11e9-b683-692d07f72aaa&pr=https%3A%2F%2Fprf.hn%2Fclick%2Fcamref%3A1101l4Wo%2Fpubref%3A2058741%2Fadref%3A334005-httpwwwshopbuddiebe%2Fdestination%3Ahttps%3A%2F%2Fwww.expedia.be%3FAFFCID%3DBE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8%26awc%3D8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&bId=HLEX_5d65b1319275e7.02398301&cookie=1&c_d=zenaps.com HTTP 302
    https://prf.hn/click/camref:1101l4Wo/pubref:2058741/adref:334005-httpwwwshopbuddiebe/destination:https://www.expedia.be?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&awc=8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8 HTTP 302
    https://www.expedia.be/?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&awc=8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&clickref=1100l6xdb3SD&src=phg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
cm-l.php (cookie set)
www.nucash.be/user/
879 B
1 KB
Document
General
Full URL
https://www.nucash.be/user/cm-l.php?sk=7596024bab6cc213b6bac49dcd105ab923e592f8&e=d70322eaf0bfc98c8c98b592ae4b9ed380e4fe88-17362&sid=71895&ftb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Northwich, United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
99a779654047acd8028bd65da51d08a33d8b4466cee7cefc07eaca351dc7250a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.nucash.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Tue, 27 Aug 2019 22:39:41 GMT
Content-Type
text/html; charset=utf-8
Content-Length
506
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Set-Cookie
PHPSESSID=2pmqvuaq1f2e092mdfdgb6r095; path=/; secure; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
cashmail_text.php
www.nucash.be/user/ Frame A9AC
4 KB
2 KB
Document
General
Full URL
https://www.nucash.be/user/cashmail_text.php?storeid=71895
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=7596024bab6cc213b6bac49dcd105ab923e592f8&e=d70322eaf0bfc98c8c98b592ae4b9ed380e4fe88-17362&sid=71895&ftb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Northwich, United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx / PHP/5.6.25
Resource Hash
b8d3ba10231bafb0227111c69f7d127e59f52d4203a38f4657f88ed3d12a190f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.nucash.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Referer
https://www.nucash.be/user/cm-l.php?sk=7596024bab6cc213b6bac49dcd105ab923e592f8&e=d70322eaf0bfc98c8c98b592ae4b9ed380e4fe88-17362&sid=71895&ftb=1
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=2pmqvuaq1f2e092mdfdgb6r095

Response headers

Server
nginx
Date
Tue, 27 Aug 2019 22:39:41 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1463
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/5.6.25
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
layout.css
static.orangebuddies.com/templates/www.nucash.be/march16/css/ Frame A9AC
244 KB
51 KB
Stylesheet
General
Full URL
https://static.orangebuddies.com/templates/www.nucash.be/march16/css/layout.css
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=71895
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
cc687bdf5607b3942dec005e11833bb91a8da508de5c383bc40db64382b321ad

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nucash.be/user/cashmail_text.php?storeid=71895
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 27 Aug 2019 22:39:42 GMT
content-encoding
gzip
last-modified
Fri, 19 Jul 2019 10:04:48 GMT
server
nginx/1.4.7
status
200
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
exit-page-cbk-new.css
www.nucash.be/general.assets/css/ Frame A9AC
2 KB
1 KB
Stylesheet
General
Full URL
https://www.nucash.be/general.assets/css/exit-page-cbk-new.css
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=71895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Northwich, United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
ed5279e550ac7f7e7d13962a02507cc671ba8d5e41cd832edcc436687b2d1d28
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nucash.be/user/cashmail_text.php?storeid=71895
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 27 Aug 2019 22:39:42 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 14 Feb 2018 05:23:00 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
706
X-Xss-Protection
1; mode=block
jquery.min.js
www.nucash.be/general.assets/js/ Frame A9AC
91 KB
33 KB
Script
General
Full URL
https://www.nucash.be/general.assets/js/jquery.min.js
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=71895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Northwich, United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nucash.be/user/cashmail_text.php?storeid=71895
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 27 Aug 2019 22:39:42 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 14 Feb 2018 05:23:00 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33430
X-Xss-Protection
1; mode=block
logo.png
static.orangebuddies.com/templates/www.nucash.be/march16/assets/ Frame A9AC
21 KB
21 KB
Image
General
Full URL
https://static.orangebuddies.com/templates/www.nucash.be/march16/assets/logo.png
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=71895
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
81bfc535b798aea06763ba112fd7edc6f88fee549f9e0a4a98b0cea84bef23e6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nucash.be/user/cashmail_text.php?storeid=71895
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 27 Aug 2019 22:39:42 GMT
last-modified
Wed, 02 Nov 2016 07:31:45 GMT
server
nginx/1.4.7
etag
"58199661-5511"
status
200
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
21777
71895.jpg
static.orangebuddies.com/image/stores/ Frame A9AC
3 KB
3 KB
Image
General
Full URL
https://static.orangebuddies.com/image/stores/71895.jpg
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=71895
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
243ad223d123215b4110021bd71de7a1dc4649c69e62928da0a8b413e4233771

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nucash.be/user/cashmail_text.php?storeid=71895
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 27 Aug 2019 22:39:42 GMT
last-modified
Fri, 03 Nov 2017 12:48:59 GMT
server
nginx/1.4.7
etag
"59fc65bb-d18"
status
200
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
3352
41316-ExitPage468x60.png
static.orangebuddies.com/image/banners/ Frame A9AC
11 KB
11 KB
Image
General
Full URL
https://static.orangebuddies.com/image/banners/41316-ExitPage468x60.png
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=71895
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
d63e9dc6fe7183a21e2b64b9b0e7037a2a7a7023fa50306a76acd1c85a6881c1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nucash.be/user/cashmail_text.php?storeid=71895
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 27 Aug 2019 22:39:42 GMT
last-modified
Wed, 17 Apr 2019 13:24:13 GMT
server
nginx/1.4.7
etag
"5cb728fd-2b47"
status
200
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
11079
css
fonts.googleapis.com/ Frame A9AC
2 KB
535 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans+Narrow
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=71895
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
bc2d206064e6dbc975bb0bf332fb48c7af9b04187b263713b4db2f61831cb8cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nucash.be/user/cashmail_text.php?storeid=71895
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 27 Aug 2019 22:39:42 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 27 Aug 2019 22:39:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Tue, 27 Aug 2019 22:39:42 GMT
bar-loading.gif
www.nucash.be/general.assets/images/ Frame A9AC
3 KB
4 KB
Image
General
Full URL
https://www.nucash.be/general.assets/images/bar-loading.gif
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/general.assets/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Northwich, United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nucash.be/general.assets/css/exit-page-cbk-new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 27 Aug 2019 22:39:42 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000, public, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3161
X-Xss-Protection
1; mode=block
Primary Request /
www.expedia.be/
Redirect Chain
  • http://www.awin1.com/awclick.php?gid=324666&mid=8318&awinaffid=334005&linkid=2058741&clickref=68-OBS-5d65b12db9d9e68
  • http://www.zenaps.com/rclick.php?mid=8318&c_len=2592000&c_ts=1566945585&c_cnt=334005%7C324666%7C2058741%7C1566945585%7C68-OBS-5d65b12db9d9e68%7Caw%7C0&ir=9163d650-c91b-11e9-b683-692d07f72aaa&pr=htt...
  • https://prf.hn/click/camref:1101l4Wo/pubref:2058741/adref:334005-httpwwwshopbuddiebe/destination:https://www.expedia.be?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_...
  • https://www.expedia.be/?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&awc=8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8...
327 KB
34 KB
Document
General
Full URL
https://www.expedia.be/?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&awc=8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&clickref=1100l6xdb3SD&src=phg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.44.79 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-44-79.deploy.static.akamaitechnologies.com
Software
Apache-Coyote/1.1 /
Resource Hash
0815cdbd66dac9d4d8a6e6bcf926d202ab6a737f9129e1f23920bca84ccfb653
Security Headers
Name Value
Content-Security-Policy frame-ancestors about: 'self'
Strict-Transport-Security max-age=2592000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.expedia.be
:scheme
https
:path
/?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&awc=8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&clickref=1100l6xdb3SD&src=phg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br

Response headers

status
429
activity-id
93e1bea7-f75f-46f8-b90d-196c49e6df11
cache-control
no-cache,no-store,must-revalidate
content-encoding
gzip
content-language
en
content-security-policy
frame-ancestors about: 'self'
content-type
text/html;charset=UTF-8
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
Apache-Coyote/1.1
strict-transport-security
max-age=2592000; includeSubDomains;
trace-id
93e1bea7-f75f-46f8-b90d-196c49e6df11
vary
Accept-Encoding
x-app-info
re-captcha-web,0b5f1624c9f674f09e3c68a99f8507f7ceb45dd0,us-east-1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-hcom-request-id
noJvmRouteSet;9169ca12-c91b-11e9-971c-0242d720d77b
x-page-id
page.Recaptcha,U,0
x-xss-protection
1
date
Tue, 27 Aug 2019 22:39:45 GMT
set-cookie
tpid=v.1,64; Max-Age=1000000; Expires=Sun, 08 Sep 2019 12:26:25 GMT; Path=/; Domain=.expedia.be iEAPID=0; Path=/; Domain=.expedia.be currency=EUR; Max-Age=157680000; Expires=Sun, 25 Aug 2024 22:39:45 GMT; Path=/; Domain=.expedia.be; HTTPOnly linfo=v.4,|0|0|255|1|0||||||||1043|0|0||0|0|0|-1|-1; Max-Age=157680000; Expires=Sun, 25 Aug 2024 22:39:45 GMT; Path=/; Domain=.expedia.be user=; Max-Age=1; Expires=Tue, 27 Aug 2019 22:39:46 GMT; Path=/; Domain=.expedia.be; HTTPOnly minfo=; Max-Age=1; Expires=Tue, 27 Aug 2019 22:39:46 GMT; Path=/; Domain=.expedia.be; HTTPOnly accttype=; Max-Age=1; Expires=Tue, 27 Aug 2019 22:39:46 GMT; Path=/; Domain=.expedia.be; HTTPOnly JSESSIONID=212DA64CA8CFA914E2731570866418BE; Path=/; HTTPOnly cesc=%7B%22aff%22%3A%5B%22AFF.BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8%22%2C1566945585330%5D%2C%22marketingClick%22%3A%5B%22true%22%2C1566945585330%5D%2C%22hitNumber%22%3A%5B%221%22%2C1566945585330%5D%2C%22visitNumber%22%3A%5B%221%22%2C1566945585330%5D%2C%22cidVisit%22%3A%5B%22AFF.BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8%22%2C1566945585330%5D%2C%22entryPage%22%3A%5B%22page.Recaptcha%22%2C1566945585330%5D%2C%22cid%22%3A%5B%22AFF.BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8%22%2C1566945585330%5D%7D; Max-Age=157680000; Expires=Sun, 25 Aug 2024 22:39:45 GMT; Path=/; Domain=expedia.be HMS=346b4570-0866-4cfc-8ebc-9fd04937a079; Max-Age=1800; Expires=Tue, 27 Aug 2019 23:09:45 GMT; Path=/; Domain=.expedia.be MC1=GUID=9146ee670f9b4a62b93ed8472aee4db7; Expires=Tue, 27 Aug 2019 22:39:44 GMT DUAID=9146ee67-0f9b-4a62-b93e-d8472aee4db7; Expires=Tue, 27 Aug 2019 22:39:44 GMT MC1=GUID=9146ee670f9b4a62b93ed8472aee4db7; Expires=Tue, 27 Aug 2019 22:39:44 GMT; Domain=.www.expedia.be DUAID=9146ee67-0f9b-4a62-b93e-d8472aee4db7; Expires=Tue, 27 Aug 2019 22:39:44 
GMT; Domain=.www.expedia.be MC1=GUID=9146ee670f9b4a62b93ed8472aee4db7; Max-Age=157680000; Expires=Sun, 25 Aug 2024 22:39:45 GMT; Path=/; Domain=.expedia.be DUAID=9146ee67-0f9b-4a62-b93e-d8472aee4db7; Max-Age=157680000; Expires=Sun, 25 Aug 2024 22:39:45 GMT; Path=/; Domain=.expedia.be OIP=gdpr|-1; Max-Age=94608000; Expires=Fri, 26 Aug 2022 22:39:45 GMT; Path=/; Domain=.expedia.be
x-edgeconnect-cache-status
0

Redirect headers

Server
nginx
Date
Tue, 27 Aug 2019 22:39:45 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR PSAa PSDa OUR IND UNI"
Set-Cookie
tPHG-PS=1101l1854766528; expires=Wed, 26-Aug-2020 22:39:45 GMT; Max-Age=31536000; path=/; domain=.prf.hn
Location
https://www.expedia.be?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&awc=8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&clickref=1100l6xdb3SD&src=phg
uitk-lib-bundle-min.js
b.travel-assets.com/uitoolkit/2-217/80473e801d577a526da52bbe0e9294f02c2b11d3/core/js/
24 KB
10 KB
Script
General
Full URL
https://b.travel-assets.com/uitoolkit/2-217/80473e801d577a526da52bbe0e9294f02c2b11d3/core/js/uitk-lib-bundle-min.js
Requested by
Host: www.expedia.be
URL: https://www.expedia.be/?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&awc=8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&clickref=1100l6xdb3SD&src=phg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.44.207 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-44-207.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef9e14e9ccc149d0c751281d80dc6b66ad1daa2358a296bc6a780ca33a922279

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.expedia.be/?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&awc=8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&clickref=1100l6xdb3SD&src=phg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 27 Aug 2019 22:39:46 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
AC3B369CA4A8A0FE
status
200
content-length
9344
x-amz-id-2
n8ZEIYF5/buYsIjZqQeMOZLeNn4IFd/ORhGqsVb8QJiQuU0zWshx2EMQdreattyQ6vQG5UMA3a0=
last-modified
Wed, 13 Mar 2019 17:14:55 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:ewe-jenkins/uname:ewe-jenkins/gid:501/mode:33261/mtime:1552496410/atime:1552496410/md5:c8b9c44e62d7e6d1a0ce923f965605f8/ctime:1552497271
etag
"c8b9c44e62d7e6d1a0ce923f965605f8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=23970818
accept-ranges
bytes
expires
Sun, 31 May 2020 09:13:24 GMT
expedia-responsive.css
a.travel-assets.com/uitoolkit/2-217/80473e801d577a526da52bbe0e9294f02c2b11d3/core/minifiedCss/brands/
0
0

uitk-jquery-jstemplate-bundle-min.js
c.travel-assets.com/uitoolkit/2-217/80473e801d577a526da52bbe0e9294f02c2b11d3/core/js/
0
0

uitk-core-bundle-min.js
a.travel-assets.com/uitoolkit/2-217/80473e801d577a526da52bbe0e9294f02c2b11d3/core/js/
0
0

dateTimeFormats.js
www.expedia.com/i18n/64/nl_BE/
0
0

globalcontrols-min.css
b.travel-assets.com/globalcontrols-service/content/d1008e7dab60d289de5d3e3ba349d0231ec3a74c/styles/64/nl_BE/
163 KB
34 KB
Stylesheet
General
Full URL
https://b.travel-assets.com/globalcontrols-service/content/d1008e7dab60d289de5d3e3ba349d0231ec3a74c/styles/64/nl_BE/globalcontrols-min.css
Requested by
Host: www.expedia.be
URL: https://www.expedia.be/?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&awc=8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&clickref=1100l6xdb3SD&src=phg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.44.207 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-44-207.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
430a7f0e8fd33efe347d825a0b23ecfb983fb486ab3b1bf9676bcd8bcd604e2c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.expedia.be/?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&awc=8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&clickref=1100l6xdb3SD&src=phg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 27 Aug 2019 22:39:46 GMT
content-encoding
gzip
last-modified
Tue, 27 Aug 2019 18:50:22 GMT
server
AmazonS3
x-amz-request-id
5555636AC7EA2B2E
etag
"931bc627a80964c070d7174a0018dad7"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
status
200
cache-control
public, max-age=1197488
accept-ranges
bytes
content-length
33939
x-amz-id-2
tDzmjzTCa3jJXTrGt2DdYsCDzjRI+V6YQcJeUGGyoa1GJT1/7YVSnqICZwYEXP0U8y8KIWgMBBY=
api.js
www.google.com/recaptcha/
762 B
621 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=nl
Requested by
Host: www.expedia.be
URL: https://www.expedia.be/?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&awc=8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&clickref=1100l6xdb3SD&src=phg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
e13e0198fa4443bba5b93be82c86b70fd050621305a76f903d743cea1f42d95c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.expedia.be/?AFFCID=BE.network.affiliatewindow.334005.2058741.68-OBS-5d65b12db9d9e68.8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&awc=8318_1566945585_eb08ac42affb2faec8aaaf028f1d06d8&clickref=1100l6xdb3SD&src=phg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 27 Aug 2019 22:39:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
447
x-xss-protection
1; mode=block
expires
Tue, 27 Aug 2019 22:39:45 GMT
logo.svg
www.expedia.be/_dms/header/
0
0

user-signIn-icon.svg
a.travel-assets.com/globalcontrols-service/content/d1008e7dab60d289de5d3e3ba349d0231ec3a74c/images/
0
0

logo-iata.png
thumbnails.trvl-media.com/yLBuM1sQJxKfPZCskVzCl2t9AL0=/a.travel-assets.com/globalcontrols-service/content/static/images/
0
0

globalcontrols-min.js
c.travel-assets.com/globalcontrols-service/content/d1008e7dab60d289de5d3e3ba349d0231ec3a74c/scripts/64/nl_BE/
0
0

truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
a.travel-assets.com
URL
https://a.travel-assets.com/uitoolkit/2-217/80473e801d577a526da52bbe0e9294f02c2b11d3/core/minifiedCss/brands/expedia-responsive.css
Domain
c.travel-assets.com
URL
https://c.travel-assets.com/uitoolkit/2-217/80473e801d577a526da52bbe0e9294f02c2b11d3/core/js/uitk-jquery-jstemplate-bundle-min.js
Domain
a.travel-assets.com
URL
https://a.travel-assets.com/uitoolkit/2-217/80473e801d577a526da52bbe0e9294f02c2b11d3/core/js/uitk-core-bundle-min.js
Domain
www.expedia.com
URL
https://www.expedia.com/i18n/64/nl_BE/dateTimeFormats.js?module=exp_datetimeformats&
Domain
www.expedia.be
URL
https://www.expedia.be/_dms/header/logo.svg?locale=nl_BE&siteid=64&test=b2p-yellow-header
Domain
a.travel-assets.com
URL
https://a.travel-assets.com/globalcontrols-service/content/d1008e7dab60d289de5d3e3ba349d0231ec3a74c/images/user-signIn-icon.svg
Domain
thumbnails.trvl-media.com
URL
https://thumbnails.trvl-media.com/yLBuM1sQJxKfPZCskVzCl2t9AL0=/a.travel-assets.com/globalcontrols-service/content/static/images/logo-iata.png
Domain
c.travel-assets.com
URL
https://c.travel-assets.com/globalcontrols-service/content/d1008e7dab60d289de5d3e3ba349d0231ec3a74c/scripts/64/nl_BE/globalcontrols-min.js


7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| conditionizr
function| modulizr
function| define
function| require
object| html5
object| Modernizr
object| $LAB

1 Cookies

Domain/Path Name / Value
www.nucash.be/ Name: PHPSESSID
Value: 2pmqvuaq1f2e092mdfdgb6r095

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
