www.bookspot.be Open in urlscan Pro
185.76.72.224 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.nucash.be/user/cm-l.php?sk=41e62efb2cc3ec14bc9f0553590eb74fd8b593e1&e=2176f410c860ae58ecc11504e74f62168914...
Effective URL:
https://www.bookspot.be/?utm_source=tradetracker&utm_medium=affiliates&utm_campaign=sales%2Fwerving&utm_content=63059
Submission: On June 21 via api (June 21st 2019, 10:51:24 pm UTC) from BE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 13 HTTP transactions. The main IP is 185.76.72.224, located in Amsterdam, Netherlands and belongs to NOVA-, NL. The main domain is www.bookspot.be.
TLS certificate: Issued by GeoTrust RSA CA 2018 on January 15th 2018. Valid for: 3 years.

This is the only time www.bookspot.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	78.137.118.22 78.137.118.22	34934 (UKFAST) (UKFAST)
4	2a02:21a8:0:3... 2a02:21a8:0:3::ca6b:ba66	61323 (SECARMA) (SECARMA)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	34.247.238.67 34.247.238.67	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	185.76.72.224 185.76.72.224	201402 (NOVA-) (NOVA-)
13	4

5 78.137.118.22 (United Kingdom)

ASN34934 (UKFAST, GB)
PTR: 78.137.118.22.srvlist.ukfast.net

www.nucash.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:21a8:0:3::ca6b:ba66 (United Kingdom)

ASN61323 (SECARMA, GB)

static.orangebuddies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.238.67 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-247-238-67.eu-west-1.compute.amazonaws.com

tc.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.76.72.224 (Amsterdam, Netherlands)

ASN201402 (NOVA-, NL)

www.bookspot.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	nucash.be www.nucash.be	41 KB
4	orangebuddies.com static.orangebuddies.com	130 KB
3	bookspot.be www.bookspot.be	33 KB
1	tradetracker.net 1 redirects tc.tradetracker.net	938 B
1	googleapis.com fonts.googleapis.com	546 B
13	5

	Domain	Requested by
5	www.nucash.be	www.nucash.be
4	static.orangebuddies.com	www.nucash.be
3	www.bookspot.be	www.bookspot.be
1	tc.tradetracker.net	1 redirects
1	fonts.googleapis.com	www.nucash.be
13	5

This site contains no links.

Subject Issuer	Validity	Valid
www.cashbackkorting.nl Sectigo RSA Domain Validation Secure Server CA	`2019-05-06` - `2021-05-21`	2 years	crt.sh
static.orangebuddies.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-17` - `2021-06-17`	2 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.bookspot.be GeoTrust RSA CA 2018	`2018-01-15` - `2021-01-14`	3 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.bookspot.be/?utm_source=tradetracker&utm_medium=affiliates&utm_campaign=sales%2Fwerving&utm_content=63059
Frame ID: 2F090D92529821D643C6152C18296A11
Requests: 4 HTTP requests in this frame

Frame: https://www.nucash.be/user/cashmail_text.php?storeid=80391
Frame ID: CE1B53F86690CD5A1B585EFF79A956F4
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.nucash.be/user/cm-l.php?sk=41e62efb2cc3ec14bc9f0553590eb74fd8b593e1&e=2176f410c860ae58... Page URL
http://tc.tradetracker.net/?c=15315&m=1292117&a=63059&r=68-OBS-5d0d5f5c0e8be68 HTTP 301
https://www.bookspot.be/?utm_source=tradetracker&utm_medium=affiliates&utm_campaign=sales%2Fwerving&... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

13
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

4
Countries

205 kB
Transfer

457 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.nucash.be/user/cm-l.php?sk=41e62efb2cc3ec14bc9f0553590eb74fd8b593e1&e=2176f410c860ae58ecc11504e74f621689143fe1-17074&ic=7 Page URL
http://tc.tradetracker.net/?c=15315&m=1292117&a=63059&r=68-OBS-5d0d5f5c0e8be68 HTTP 301
https://www.bookspot.be/?utm_source=tradetracker&utm_medium=affiliates&utm_campaign=sales%2Fwerving&utm_content=63059 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set cm-l.php Show response
www.nucash.be/user/ 841 B
1 KB 641ms
576ms Document
text/html 78.137.118.22
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nucash.be/user/cm-l.php?sk=41e62efb2cc3ec14bc9f0553590eb74fd8b593e1&e=2176f410c860ae58ecc11504e74f621689143fe1-17074&ic=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),

Reverse DNS

78.137.118.22.srvlist.ukfast.net

Software

nginx /

Resource Hash

1ed9ea4f6e224bad50185ae959a500ab53401801d514e1a27820fddb9db66ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.nucash.be
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Fri, 21 Jun 2019 22:50:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 486
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: PHPSESSID=5pqo23u7kkve7l324jggdae0m1; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK cashmail_text.php Show response
www.nucash.be/user/ Frame CE1B 4 KB
2 KB 699ms
698ms Document
text/html 78.137.118.22
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nucash.be/user/cashmail_text.php?storeid=80391

Requested by

Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=41e62efb2cc3ec14bc9f0553590eb74fd8b593e1&e=2176f410c860ae58ecc11504e74f621689143fe1-17074&ic=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),

Reverse DNS

78.137.118.22.srvlist.ukfast.net

Software

nginx / PHP/5.6.25

Resource Hash

c3ea99997cf5db5165ca0d620d04e52c960520841b0c1d90b1468bb61368dcae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.nucash.be
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://www.nucash.be/user/cm-l.php?sk=41e62efb2cc3ec14bc9f0553590eb74fd8b593e1&e=2176f410c860ae58ecc11504e74f621689143fe1-17074&ic=7
Accept-Encoding: gzip, deflate, br
Cookie: PHPSESSID=5pqo23u7kkve7l324jggdae0m1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.nucash.be/user/cm-l.php?sk=41e62efb2cc3ec14bc9f0553590eb74fd8b593e1&e=2176f410c860ae58ecc11504e74f621689143fe1-17074&ic=7

Response headers

Server: nginx
Date: Fri, 21 Jun 2019 22:50:39 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1381
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/5.6.25
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

GET
H2 200 layout.css
static.orangebuddies.com/templates/www.nucash.be/march16/css/ Frame CE1B 243 KB
51 KB 102ms
56ms Stylesheet
text/css 2a02:21a8:0:3::ca6b:ba66
SECARMA

General

Check archive.org

Show headers Download Go to

Full URL: https://static.orangebuddies.com/templates/www.nucash.be/march16/css/layout.css
Requested by: Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=80391
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: 231e2f24124364cc1fa682d5d9010550d47d3f253c657b90048c6ff561f57a11

Request headers

Referer: https://www.nucash.be/user/cashmail_text.php?storeid=80391
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Jun 2019 22:51:05 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 07:20:08 GMT
server: nginx/1.4.7
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/css
status: 200

GET
H/1.1 200
OK exit-page-cbk-new.css
www.nucash.be/general.assets/css/ Frame CE1B 2 KB
1 KB 40ms
39ms Stylesheet
text/css 78.137.118.22
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nucash.be/general.assets/css/exit-page-cbk-new.css

Requested by

Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=80391

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),

Reverse DNS

78.137.118.22.srvlist.ukfast.net

Software

nginx /

Resource Hash

ed5279e550ac7f7e7d13962a02507cc671ba8d5e41cd832edcc436687b2d1d28

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nucash.be/user/cashmail_text.php?storeid=80391
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Jun 2019 22:50:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Feb 2018 05:23:00 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 706
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.min.js Show response
www.nucash.be/general.assets/js/ Frame CE1B 91 KB
33 KB 204ms
163ms Script
text/javascript 78.137.118.22
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nucash.be/general.assets/js/jquery.min.js

Requested by

Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=80391

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),

Reverse DNS

78.137.118.22.srvlist.ukfast.net

Software

nginx /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nucash.be/user/cashmail_text.php?storeid=80391
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Jun 2019 22:50:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Feb 2018 05:23:00 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 33430
X-Xss-Protection: 1; mode=block

GET
H2 200 logo.png
static.orangebuddies.com/templates/www.nucash.be/march16/assets/ Frame CE1B 21 KB
21 KB 114ms
69ms Image
image/png 2a02:21a8:0:3::ca6b:ba66
SECARMA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.orangebuddies.com/templates/www.nucash.be/march16/assets/logo.png
Requested by: Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=80391
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: 81bfc535b798aea06763ba112fd7edc6f88fee549f9e0a4a98b0cea84bef23e6

Request headers

Referer: https://www.nucash.be/user/cashmail_text.php?storeid=80391
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Jun 2019 22:51:05 GMT
last-modified: Wed, 02 Nov 2016 07:31:45 GMT
server: nginx/1.4.7
access-control-allow-origin: *
etag: "58199661-5511"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 21777

GET
H2 200 80391.jpg
static.orangebuddies.com/image/stores/ Frame CE1B 6 KB
7 KB 101ms
57ms Image
image/jpeg 2a02:21a8:0:3::ca6b:ba66
SECARMA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.orangebuddies.com/image/stores/80391.jpg
Requested by: Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=80391
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: 38fa2fd74f0388170521aab4075a602dc4ae349e0631b2a3bf49053a2f210b08

Request headers

Referer: https://www.nucash.be/user/cashmail_text.php?storeid=80391
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Jun 2019 22:51:05 GMT
last-modified: Fri, 09 Mar 2018 14:45:07 GMT
server: nginx/1.4.7
access-control-allow-origin: *
etag: "5aa29df3-19eb"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 6635

GET
H2 200 41290-ExitPage468x60.jpg
static.orangebuddies.com/image/banners/ Frame CE1B 51 KB
51 KB 25ms
25ms Image
image/jpeg 2a02:21a8:0:3::ca6b:ba66
SECARMA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.orangebuddies.com/image/banners/41290-ExitPage468x60.jpg
Requested by: Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=80391
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: 3aa09e3a08f7ac8bea3fc59326562a91b727421c1adb1f0af9a02e3006514b8d

Request headers

Referer: https://www.nucash.be/user/cashmail_text.php?storeid=80391
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Jun 2019 22:51:05 GMT
last-modified: Wed, 17 Apr 2019 13:19:46 GMT
server: nginx/1.4.7
access-control-allow-origin: *
etag: "5cb727f2-cb09"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 51977

GET
H2 200 css
fonts.googleapis.com/ Frame CE1B 2 KB
546 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans+Narrow

Requested by

Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=80391

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

71ce8fc7d2207e9fc8c455121b8c45e6cc0a68313c88bc2beee5b3818c44dbb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nucash.be/user/cashmail_text.php?storeid=80391
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 21 Jun 2019 22:51:08 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 21 Jun 2019 22:51:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Fri, 21 Jun 2019 22:51:08 GMT

GET
H/1.1 200
OK bar-loading.gif
www.nucash.be/general.assets/images/ Frame CE1B 3 KB
4 KB 39ms
38ms Image
image/gif 78.137.118.22
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nucash.be/general.assets/images/bar-loading.gif

Requested by

Host: www.nucash.be
URL: https://www.nucash.be/general.assets/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),

Reverse DNS

78.137.118.22.srvlist.ukfast.net

Software

nginx /

Resource Hash

a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nucash.be/general.assets/css/exit-page-cbk-new.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Jun 2019 22:50:39 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000, public, must-revalidate
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 3161
X-Xss-Protection: 1; mode=block

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.bookspot.be/
Redirect Chain

http://tc.tradetracker.net/?c=15315&m=1292117&a=63059&r=68-OBS-5d0d5f5c0e8be68
https://www.bookspot.be/?utm_source=tradetracker&utm_medium=affiliates&utm_campaign=sales%2Fwerving&utm_content=63059

1018 B
1 KB

130ms
20ms

Document
text/html

185.76.72.224
NOVA-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookspot.be/?utm_source=tradetracker&utm_medium=affiliates&utm_campaign=sales%2Fwerving&utm_content=63059
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.76.72.224 Amsterdam, Netherlands, ASN201402 (NOVA-, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 95a9c5d9b066b249774f23d101d0536d716761e22e2fc97f0695176cc430c5ab

Request headers

Host: www.bookspot.be
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/html
Last-Modified: Thu, 24 Jan 2019 11:47:00 GMT
Accept-Ranges: bytes
ETag: "c2cb5984dab3d41:0"
Server: Microsoft-IIS/8.5
Date: Fri, 21 Jun 2019 22:51:11 GMT
Content-Length: 1018
Set-Cookie: ServerID=srv-uoQlAGeX3OpcrLweVtVXvA|XQ1fY; path=/
Cache-control: private

Redirect headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Fri, 21 Jun 2019 22:51:12 GMT
Location: https://www.bookspot.be/?utm_source=tradetracker&utm_medium=affiliates&utm_campaign=sales%2Fwerving&utm_content=63059
P3P: CP="ALL PUR DSP CUR ADMi DEVi CONi OUR COR IND", policyref="http://tc.tradetracker.net/public/w3c/p3p.xml"
Server: nginx
Set-Cookie: uf=3xzddZ8MS0OCj3YopA30%2Bo0FTcbEDSLRP8eOCajMWDM49DTsHYKVS1tSUqx%2F%2B%2FG%2F19cmowkg88c%3D; expires=Sun, 21-Jun-2020 22:51:12 GMT; Max-Age=31622400; path=/; domain=.tradetracker.net __tdat15315=MTU2MTE1NzQ3Mjo6MTI5MjExNzo6NjMwNTk6OjY4LU9CUy01ZDBkNWY1YzBlOGJlNjg6OmY6OmE0ZGIyYjE0NjdjYzA1NGY2ZjA3ZDY3MDY5NWI3N2Vj; expires=Sun, 21-Jul-2019 22:51:12 GMT; Max-Age=2592000; path=/; domain=.tradetracker.net
X-Powered-By: PHP/7.1.30-1+ubuntu18.04.1+deb.sury.org+1
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK style.css
www.bookspot.be/ 780 B
1003 B 19ms
18ms Stylesheet
text/css 185.76.72.224
NOVA-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookspot.be/style.css
Requested by: Host: www.bookspot.be
URL: https://www.bookspot.be/?utm_source=tradetracker&utm_medium=affiliates&utm_campaign=sales%2Fwerving&utm_content=63059
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.76.72.224 Amsterdam, Netherlands, ASN201402 (NOVA-, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 437b77d2a906e044443439a5445193da45bc68b66d7ea8c6299133c2052447d1

Request headers

Referer: https://www.bookspot.be/?utm_source=tradetracker&utm_medium=affiliates&utm_campaign=sales%2Fwerving&utm_content=63059
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Jun 2019 22:51:11 GMT
Last-Modified: Thu, 04 Oct 2018 08:11:12 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "ef3bb5d0b95bd41:0"
Content-Length: 780
Content-Type: text/css

GET
H/1.1 200
OK bookspot-logo.png
www.bookspot.be/img/ 31 KB
31 KB 39ms
19ms Image
image/png 185.76.72.224
NOVA-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookspot.be/img/bookspot-logo.png
Requested by: Host: www.bookspot.be
URL: https://www.bookspot.be/?utm_source=tradetracker&utm_medium=affiliates&utm_campaign=sales%2Fwerving&utm_content=63059
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.76.72.224 Amsterdam, Netherlands, ASN201402 (NOVA-, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 81067cd76c90ad96fd93c2fc9dd04d591e8c90cc282d62336c45f6fe7da42a4d

Request headers

Referer: https://www.bookspot.be/?utm_source=tradetracker&utm_medium=affiliates&utm_campaign=sales%2Fwerving&utm_content=63059
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Jun 2019 22:51:11 GMT
Last-Modified: Thu, 04 Oct 2018 07:13:35 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "6e30c4b15bd41:0"
Content-Length: 31560
Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.bookspot.be/	1969-12-31 23:59:59	Name: ServerID Value: srv-uoQlAGeX3OpcrLweVtVXvA\|XQ1fY

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
static.orangebuddies.com
tc.tradetracker.net
www.bookspot.be
www.nucash.be
185.76.72.224
2a00:1450:4001:81e::200a
2a02:21a8:0:3::ca6b:ba66
34.247.238.67
78.137.118.22
1ed9ea4f6e224bad50185ae959a500ab53401801d514e1a27820fddb9db66ef5
231e2f24124364cc1fa682d5d9010550d47d3f253c657b90048c6ff561f57a11
38fa2fd74f0388170521aab4075a602dc4ae349e0631b2a3bf49053a2f210b08
3aa09e3a08f7ac8bea3fc59326562a91b727421c1adb1f0af9a02e3006514b8d
437b77d2a906e044443439a5445193da45bc68b66d7ea8c6299133c2052447d1
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
71ce8fc7d2207e9fc8c455121b8c45e6cc0a68313c88bc2beee5b3818c44dbb2
81067cd76c90ad96fd93c2fc9dd04d591e8c90cc282d62336c45f6fe7da42a4d
81bfc535b798aea06763ba112fd7edc6f88fee549f9e0a4a98b0cea84bef23e6
95a9c5d9b066b249774f23d101d0536d716761e22e2fc97f0695176cc430c5ab
a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2
c3ea99997cf5db5165ca0d620d04e52c960520841b0c1d90b1468bb61368dcae
ed5279e550ac7f7e7d13962a02507cc671ba8d5e41cd832edcc436687b2d1d28

www.bookspot.be Open in urlscan Pro 185.76.72.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

4 IPs

4 Countries

205 kBTransfer

457 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

www.bookspot.be Open in urlscan Pro
185.76.72.224 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

4
Countries

205 kB
Transfer

457 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions