www.imprimezmoinscher.be Open in urlscan Pro
213.186.33.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Submission: On January 26 via api (January 26th 2021, 2:25:18 am UTC) from IE

Summary HTTP 43 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 10 domains to perform 43 HTTP transactions. The main IP is 213.186.33.3, located in France and belongs to OVH, FR. The main domain is www.imprimezmoinscher.be.
TLS certificate: Issued by R3 on January 17th 2021. Valid for: 3 months.

This is the only time www.imprimezmoinscher.be was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Western Union (Banking)

Domain & IP information

	IP Address	AS Autonomous System
21	213.186.33.3 213.186.33.3	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:206... 2600:9000:206f:9e00:12:601f:a940:93a1	16509 (AMAZON-02) (AMAZON-02)
3	52.213.168.74 52.213.168.74	16509 (AMAZON-02) (AMAZON-02)
2 6	108.128.13.248 108.128.13.248	16509 (AMAZON-02) (AMAZON-02)
3	65.9.67.59 65.9.67.59	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.67.4 65.9.67.4	16509 (AMAZON-02) (AMAZON-02)
1	52.22.86.95 52.22.86.95	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:1901:0:d... 2600:1901:0:d1c::	15169 (GOOGLE) (GOOGLE)
43	12

21 213.186.33.3 (France)

ASN16276 (OVH, FR)
PTR: cluster015.ovh.net

www.imprimezmoinscher.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:28a::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:9e00:12:601f:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.213.168.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-168-74.eu-west-1.compute.amazonaws.com

westernunion.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.128.13.248 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-13-248.eu-west-1.compute.amazonaws.com

westernunion.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.67.59 (Seattle, United States)

ASN16509 (AMAZON-02, US)

www.cdn-net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.67.4 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.cformanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.86.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-86-95.compute-1.amazonaws.com

westernunion.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:d1c:: (United States)

ASN15169 (GOOGLE, US)

six.cdn-net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	imprimezmoinscher.be www.imprimezmoinscher.be	300 KB
6	demdex.net 2 redirects westernunion.demdex.net	5 KB
4	cdn-net.com www.cdn-net.com six.cdn-net.com	41 KB
4	omtrdc.net cdn.tt.omtrdc.net westernunion.tt.omtrdc.net	46 KB
4	adobedtm.com assets.adobedtm.com	47 KB
2	facebook.net connect.facebook.net	31 KB
1	facebook.com www.facebook.com	258 B
1	evergage.com westernunion.evergage.com
1	cformanalytics.com cdn.cformanalytics.com
1	googletagmanager.com www.googletagmanager.com	40 KB
43	10

	Domain	Requested by
21	www.imprimezmoinscher.be	www.imprimezmoinscher.be
6	westernunion.demdex.net	2 redirects www.imprimezmoinscher.be
4	assets.adobedtm.com	www.imprimezmoinscher.be
3	www.cdn-net.com	www.imprimezmoinscher.be www.cdn-net.com
3	westernunion.tt.omtrdc.net	assets.adobedtm.com www.imprimezmoinscher.be
2	connect.facebook.net	www.imprimezmoinscher.be connect.facebook.net
1	six.cdn-net.com	www.cdn-net.com
1	www.facebook.com	www.imprimezmoinscher.be
1	westernunion.evergage.com	www.imprimezmoinscher.be
1	cdn.cformanalytics.com	www.imprimezmoinscher.be
1	cdn.tt.omtrdc.net	assets.adobedtm.com
1	www.googletagmanager.com	www.imprimezmoinscher.be
43	12

This site contains links to these domains. Also see Links.

Domain
www.westernunion.com
corporate.westernunion.com
blog.westernunion.com
ir.westernunion.com
foundation.westernunion.com
agentportal.westernunion.com
payments.westernunion.com
sealserver.trustkeeper.net
www.trustlogo.com
www.bbb.org

Subject Issuer	Validity	Valid
imprimezmoinscher.be R3	`2021-01-17` - `2021-04-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.cdn-net.com Amazon	`2019-12-29` - `2021-01-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.cformanalytics.com Go Daddy Secure Certificate Authority - G2	`2020-04-23` - `2021-05-30`	a year	crt.sh
*.evergage.com Amazon	`2020-03-05` - `2021-04-05`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Frame ID: 6B96B67A28B0CFCEDA0F83048037973D
Requests: 40 HTTP requests in this frame

Frame: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/dest4.html
Frame ID: 4152F10A932A492053A8F63EA4456098
Requests: 1 HTTP requests in this frame

Frame: https://westernunion.demdex.net/dest4.html?d_nsid=0
Frame ID: 70443BC48B814AEDBE5EC53CF48BF3F2
Requests: 1 HTTP requests in this frame

Frame: https://www.cdn-net.com/s2?t=AdP5Wo8h6Eo5%2FTdCiJdkEK8C&x=1&sid=024b508b-b9db-4bdf-b781-59267acf78f3&tid=
Frame ID: A0BFEA44E003041C137A88589B529ACC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

43
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

12
Subdomains

12
IPs

5
Countries

510 kB
Transfer

1766 kB
Size

0
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.westernunion.com/us/en/home.html

Search URL Search Domain Scan URL

URL: https://www.westernunion.com/us/en/wu/login-rp.html
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.westernunion.com/us/en/wu/registration-login.html
Title: Sign Up

Search URL Search Domain Scan URL

URL: http://corporate.westernunion.com/index.html
Title: About us

Search URL Search Domain Scan URL

URL: https://www.westernunion.com/us/en/customer-care.html
Title: Contact us

Search URL Search Domain Scan URL

URL: http://blog.westernunion.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.westernunion.com/us/en/contactus/cc-faqs.html
Title: Help

Search URL Search Domain Scan URL

URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html
Title: Fraud Awareness

Search URL Search Domain Scan URL

URL: http://ir.westernunion.com/investor-relations/default.aspx
Title: Investor relations

Search URL Search Domain Scan URL

URL: http://corporate.westernunion.com/careers.html
Title: Careers

Search URL Search Domain Scan URL

URL: http://foundation.westernunion.com/
Title: Western Union Foundation

Search URL Search Domain Scan URL

URL: http://ir.westernunion.com/News/Press-Releases/default.aspx
Title: News

Search URL Search Domain Scan URL

URL: https://agentportal.westernunion.com/ap/agentregister.do?pid=usFtBecomeAgent
Title: Become an agent

Search URL Search Domain Scan URL

URL: http://payments.westernunion.com/
Title: Payment Solutions

Search URL Search Domain Scan URL

URL: https://www.westernunion.com/us/en/intellectual-property.html
Title: Intellectual property

Search URL Search Domain Scan URL

URL: https://www.westernunion.com/us/en/privacy-statement.html
Title: Online privacy statement

Search URL Search Domain Scan URL

URL: http://ir.westernunion.com/investor-relations/corporate-governance/state-licensing/default.aspx
Title: State licensing

Search URL Search Domain Scan URL

URL: https://www.westernunion.com/us/en/file-complaint.html
Title: File a complaint

Search URL Search Domain Scan URL

URL: https://www.westernunion.com/content/dam/wu/us-spanish/PDF/US-Subpoena.pdf
Title: Law Enforcement Subpoena Information

Search URL Search Domain Scan URL

URL: https://www.westernunion.com/us/en/terms-conditions.html
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.westernunion.com/us/en/site-map.html
Title: Site map

Search URL Search Domain Scan URL

URL: https://sealserver.trustkeeper.net/cert.php?customerId=x4izAYufDNOhByusmKtmg3XmHPZqDb&size=105x54&style=normal

Search URL Search Domain Scan URL

URL: http://www.trustlogo.com/ttb_searcher/trustlogo?v_querytype=W&v_shortname=SC5&v_search=http://westernunion.com/Home&x=6&y=5

Search URL Search Domain Scan URL

URL: http://www.bbb.org/denver/business-reviews/money-orders-and-transfers/the-western-union-company-in-englewood-co-1988

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://westernunion.demdex.net/event?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=aam_tnt_cb HTTP 302
https://westernunion.demdex.net/firstevent?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=aam_tnt_cb

Request Chain 40

https://westernunion.demdex.net/event?d_nsid=0&d_ld=_ts%3D1611627902509&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1611627902509 HTTP 302
https://westernunion.demdex.net/firstevent?d_nsid=0&d_ld=_ts%3D1611627902509&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1611627902509

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login-rp.html Show response
www.imprimezmoinscher.be/.well-known/wu/ 35 KB
10 KB 165ms
42ms Document
text/html 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: 08f27c92540c9295b47fb901f136386f945f55bc8cc09ec5b93563c5624b0111

Request headers

:method: GET
:authority: www.imprimezmoinscher.be
:scheme: https
:path: /.well-known/wu/login-rp.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:00 GMT
content-type: text/html
content-length: 9964
server: Apache
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 responsive_css.css
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 231 KB
35 KB 69ms
68ms Stylesheet
text/css 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/responsive_css.css
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: c248c8cfc74a058e8d2bb209aeb080aa412074b65344ba97f402b08d5272b619

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:00 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2016 10:29:02 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: none
content-length: 35703
expires: Tue, 02 Feb 2021 02:25:00 GMT

GET
H2 200 dil-contents-f57e26e5c710446bcf01da9197ac332785a7426f.js Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 28 KB
10 KB 41ms
40ms Script
application/javascript 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/dil-contents-f57e26e5c710446bcf01da9197ac332785a7426f.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: 8aa1d3bd02f2383739d5052646f1419e6a3e61672d3d42a729d758d6da892345

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:00 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2016 10:29:02 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: none
content-length: 10180
expires: Tue, 02 Feb 2021 02:25:00 GMT

GET
H2 200 s-code-contents-611455a1953fab3d58599ed4ce0cdb6f9e7cc83c.js Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 50 KB
19 KB 45ms
44ms Script
application/javascript 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/s-code-contents-611455a1953fab3d58599ed4ce0cdb6f9e7cc83c.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: f1b966dbf0541060fff339e1487b443c5efbaed88e75dc3110be01b0df550432

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:00 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2016 10:29:02 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: none
content-length: 19024
expires: Tue, 02 Feb 2021 02:25:00 GMT

GET
H2 200 satellite-54fe9e0d34376400190a0700.js Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 1 KB
837 B 40ms
39ms Script
application/javascript 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/satellite-54fe9e0d34376400190a0700.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: b123a6d72fea598cc2b96198d30d9f5d9b0a2d6b2f0be048895f860bd1af7d66

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:00 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2016 10:29:02 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: none
content-length: 613
expires: Tue, 02 Feb 2021 02:25:00 GMT

GET
H2 200 cfwu.js Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 35 KB
13 KB 46ms
45ms Script
application/javascript 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/cfwu.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: 3b08e63eab03c9ed7de86a3eae66cc549322a9eea823b6b4018a2ce502960133

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2016 10:29:02 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: none
content-length: 13278
expires: Tue, 02 Feb 2021 02:25:01 GMT

GET
H2 200 logo_wu.png
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 4 KB
4 KB 43ms
42ms Image
image/png 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/logo_wu.png
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: 281b8ca8f6b45042883032eaa47a206ab5f503dbcf8a0c375340701b9ef560a2

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
last-modified: Wed, 13 Apr 2016 10:29:02 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4402
expires: Thu, 25 Feb 2021 02:25:01 GMT

GET
H2 200 wu_responsive_signIn.js Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 56 KB
10 KB 40ms
40ms Script
application/javascript 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/wu_responsive_signIn.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: 72e844ac57230b4206087a556a247f97a028a1d0fff486274f0de5c55b2b9c8e

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:00 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2016 10:29:02 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: none
content-length: 9829
expires: Tue, 02 Feb 2021 02:25:00 GMT

GET
H2 200 stylesheet_registration.css
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 21 KB
7 KB 40ms
39ms Stylesheet
text/css 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/stylesheet_registration.css
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: 891d74f14a4a8f005c850aca240c9db5f7f9cdf93dfa32b12dfc52606ff3f2b6

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2016 10:29:02 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: none
content-length: 6480
expires: Tue, 02 Feb 2021 02:25:01 GMT

GET
H2 200 false
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 462 B
462 B 45ms
44ms Image
text/html 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/false
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
last-modified: Wed, 13 Apr 2016 10:29:02 GMT
server: Apache
accept-ranges: bytes
content-length: 462

GET
H2 200 WUAnalyticEventCapture.js Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 70 KB
12 KB 48ms
47ms Script
application/javascript 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/WUAnalyticEventCapture.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: b31c5969e2a8a80aa727f122c3cfec0ed42bc8dc120426c98cf7026633f65bb2

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2016 10:29:02 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: none
content-length: 11684
expires: Tue, 02 Feb 2021 02:25:01 GMT

GET
H2 200 satelliteLib-4566baaf849b14458bd620386f4a90b0ed039480.js Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 240 KB
39 KB 51ms
48ms Script
application/javascript 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/satelliteLib-4566baaf849b14458bd620386f4a90b0ed039480.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: 71c73d9e213ebbdd6960a4f2ae147cec0e6583c8aa1f7e9591236aba376d90a4

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2016 10:29:02 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: none
content-length: 39374
expires: Tue, 02 Feb 2021 02:25:01 GMT

GET
H2 200 mbox-contents-b325a4b1bd08e3c97502ade49f87673c155f4e59.js Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 33 KB
9 KB 44ms
41ms Script
application/javascript 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/mbox-contents-b325a4b1bd08e3c97502ade49f87673c155f4e59.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: 72cf95ea7fef01ad2142f3b96bbd9b574dca57180b62d5fb1f2828429b843041

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2016 10:29:02 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: none
content-length: 8863
expires: Tue, 02 Feb 2021 02:25:01 GMT

GET
H2 200 target.js Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 41 KB
14 KB 45ms
43ms Script
application/javascript 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/target.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: ec082a8c81ac5b2d8f58db69fa9cdb3f90a2451658d1a52c20d0cfcdf46fcad3

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2016 10:29:02 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: none
content-length: 13889
expires: Tue, 02 Feb 2021 02:25:01 GMT

GET
H2 200 standard Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 6 KB
6 KB 42ms
40ms Script
text/plain 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/standard
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: dc7c758d37ecf2a1fb87d459d599b6009fb3271b547b8a0a5ac9ed6699be0dc6

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
last-modified: Wed, 13 Apr 2016 10:29:02 GMT
server: Apache
accept-ranges: bytes
content-length: 6307

GET
H2 200 event(1) Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 157 B
277 B 42ms
40ms Script
text/plain 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/event(1)
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: 92dd5da4a7026675a4b94d98918ecafb8c9f66e856cf4cc4f57f2265fa4d5a59

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
last-modified: Wed, 13 Apr 2016 10:29:04 GMT
server: Apache
accept-ranges: bytes
content-length: 157

GET
H2 200 standard(1) Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 994 B
1 KB 42ms
40ms Script
text/plain 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/standard(1)
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: bc937208633a41cd740bc71e0f082afe1d406aa37a58bfd569cad32a08bfaaef

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
last-modified: Wed, 13 Apr 2016 10:29:04 GMT
server: Apache
accept-ranges: bytes
content-length: 994

GET
H2 200 satellite-5323054662902475d30005e7.js Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 2 KB
795 B 43ms
41ms Script
application/javascript 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/satellite-5323054662902475d30005e7.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: a67abe2a19544a2532c9d0a42e622ebb7b265c8b95446bd9d3399b13888cfc93

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2016 10:29:04 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: none
content-length: 571
expires: Tue, 02 Feb 2021 02:25:01 GMT

GET
H2 200 evergage.min.js Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ 424 KB
105 KB 65ms
63ms Script
application/javascript 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/evergage.min.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: f6730d6c0c3d6d18198f886bfdde3e8d5d7d12389bcfdb78bbba680be7e12297

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2016 10:29:04 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: none
expires: Tue, 02 Feb 2021 02:25:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
40 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPXKGS

Requested by

Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d82dfef5e5adda34e0d158f317c4b73345ae2cb0911d82e33f1054583e98efc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40791
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 00:05:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Jan 2021 02:25:01 GMT

GET
H2 404 cq5dam.web.1280.1280.gif
www.imprimezmoinscher.be/content/dam/wu/responsive/ 1 KB
1 KB 389ms
387ms Image
image/gif 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imprimezmoinscher.be/content/dam/wu/responsive/cq5dam.web.1280.1280.gif
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache / PHP/7.0
Resource Hash: cfc58e473751b9799c4b2d29216ea07d36eba4ccefeab6a704d550b4412a43f6

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
server: Apache
powered-by: PrestaShop
content-type: image/gif
x-powered-by: PHP/7.0
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"

GET
H2 200 mbox-contents-b325a4b1bd08e3c97502ade49f87673c155f4e59.js Show response
assets.adobedtm.com/b5504cc8f9a8ec27750576da3320a66a94144444/ 40 KB
12 KB 23ms
9ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b5504cc8f9a8ec27750576da3320a66a94144444/mbox-contents-b325a4b1bd08e3c97502ade49f87673c155f4e59.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/satelliteLib-4566baaf849b14458bd620386f4a90b0ed039480.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c9e35a185a43366a21fe530f0789196fb113c29d7915a8777a9cabb098f12509

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
content-encoding: gzip
last-modified: Wed, 17 Aug 2016 07:22:38 GMT
server: AkamaiNetStorage
etag: "c93e8d83b399119da8561f4e5a5bec9d:1471418558"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.imprimezmoinscher.be
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 12081
expires: Tue, 26 Jan 2021 03:25:01 GMT

GET
H2 200 satellite-5323054662902475d30005e7.js Show response
assets.adobedtm.com/b5504cc8f9a8ec27750576da3320a66a94144444/scripts/ 2 KB
838 B 23ms
10ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b5504cc8f9a8ec27750576da3320a66a94144444/scripts/satellite-5323054662902475d30005e7.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/satelliteLib-4566baaf849b14458bd620386f4a90b0ed039480.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a67abe2a19544a2532c9d0a42e622ebb7b265c8b95446bd9d3399b13888cfc93

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2016 05:00:30 GMT
server: AkamaiNetStorage
etag: "70234f4211c4c781ce7c7c07801d9171:1461128430"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.imprimezmoinscher.be
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 571
expires: Tue, 26 Jan 2021 03:25:01 GMT

GET
H2 200 dil-contents-f57e26e5c710446bcf01da9197ac332785a7426f.js Show response
assets.adobedtm.com/b5504cc8f9a8ec27750576da3320a66a94144444/ 29 KB
11 KB 23ms
10ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b5504cc8f9a8ec27750576da3320a66a94144444/dil-contents-f57e26e5c710446bcf01da9197ac332785a7426f.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/satelliteLib-4566baaf849b14458bd620386f4a90b0ed039480.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 32b780742e884fbfb9a19d1b99523a5d47f5711587f45bba64cc46dbf2383647

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
content-encoding: gzip
last-modified: Fri, 02 Sep 2016 10:14:57 GMT
server: AkamaiNetStorage
etag: "2bd11342f9ea7d6c63bef469b1206370:1472811297"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.imprimezmoinscher.be
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 10610
expires: Tue, 26 Jan 2021 03:25:01 GMT

GET
H2 200 target.js Show response
cdn.tt.omtrdc.net/cdn/ 43 KB
43 KB 30ms
6ms Script
text/javascript 2600:9000:206f:9e00:12:601f:a940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tt.omtrdc.net/cdn/target.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b5504cc8f9a8ec27750576da3320a66a94144444/mbox-contents-b325a4b1bd08e3c97502ade49f87673c155f4e59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9e00:12:601f:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 052ae5d7723241f0a1439298b26beb4db53772b707b58fb707dfc30d5a22c029

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-version-id: null
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified: Tue, 27 Oct 2020 11:37:15 GMT
server: AmazonS3
age: 2524
etag: "d94f7f548dc11d731f4f5949913bec75"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: must-revalidate, max-age=3600
date: Tue, 26 Jan 2021 01:42:58 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 43693
x-amz-cf-id: Vfje1bHANOtawsvuBuTp9Yd-PHnqS-j3W51QeMNhO8G_V54Q-eHeiQ==

GET
H2 200 ajax Show response
westernunion.tt.omtrdc.net/m2/westernunion/mbox/ 771 B
937 B 164ms
54ms Script
text/javascript 52.213.168.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://westernunion.tt.omtrdc.net/m2/westernunion/mbox/ajax?mboxHost=www.imprimezmoinscher.be&mboxPage=1611627901113-216606&screenHeight=1200&screenWidth=1600&browserWidth=1600&browserHeight=1200&browserTimeOffset=60&colorDepth=24&mboxSession=1611627901113-216606&mboxCount=1&mboxTime=1611631501115&mbox=WU_globalR3&mboxId=0&mboxURL=https%3A%2F%2Fwww.imprimezmoinscher.be%2F.well-known%2Fwu%2Flogin-rp.html&mboxReferrer=&mboxVersion=59
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b5504cc8f9a8ec27750576da3320a66a94144444/mbox-contents-b325a4b1bd08e3c97502ade49f87673c155f4e59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.168.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-168-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 48a5b3f2f278d109d1520e9856fa6a6ee50fd4ed625cf02e680b5288bb5129a3

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Tue, 26 Jan 2021 02:25:01 GMT
cache-control: no-cache
timing-allow-origin: *
content-length: 771
x-request-id: 81d16119513de9ec5b5676e01adf3b65
content-type: text/javascript;charset=utf-8

GET
H/1.1

200
OK

firstevent Show response
westernunion.demdex.net/
Redirect Chain

https://westernunion.demdex.net/event?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=aam_tnt_cb
https://westernunion.demdex.net/firstevent?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=aam_tnt_cb

178 B
1 KB

53ms
52ms

Script
application/javascript

108.128.13.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://westernunion.demdex.net/firstevent?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=aam_tnt_cb

Requested by

Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.13.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-13-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

fae995b93876531bd213abdb756347763ac3157f54022ab30b289e57f197ab69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v088-0e8189378.edge-irl1.demdex.com 5.80.5.20210120122710 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: WNiwppzSSgE=
Vary: Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 178
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: odKfbQdLRqM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://westernunion.demdex.net/firstevent?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=aam_tnt_cb
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 standard Show response
westernunion.tt.omtrdc.net/m2/westernunion/mbox/ 877 B
1 KB 56ms
54ms Script
text/javascript 52.213.168.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://westernunion.tt.omtrdc.net/m2/westernunion/mbox/standard?mboxHost=www.imprimezmoinscher.be&mboxPage=1611627901113-216606&screenHeight=1200&screenWidth=1600&browserWidth=1600&browserHeight=1200&browserTimeOffset=60&colorDepth=24&mboxSession=1611627901113-216606&aamtest=success&mboxCount=2&mboxTime=1611631501396&mboxPC=1611627901113-216606.37_0&mbox=WU_globalR3&mboxId=1&mboxVersion=59
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/mbox-contents-b325a4b1bd08e3c97502ade49f87673c155f4e59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.168.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-168-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2bd61fb96f7dd63093a3b4cdc6a10917e300be862e3fe2304609e5abc749f25e

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Tue, 26 Jan 2021 02:25:01 GMT
cache-control: no-cache
timing-allow-origin: *
content-length: 877
x-request-id: 6b8e618e52c7aa68ca2128a7d8e4ae1a
content-type: text/javascript;charset=utf-8

GET
H/1.1 200
OK event Show response
westernunion.demdex.net/ 178 B
1 KB 54ms
53ms Script
application/javascript 108.128.13.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://westernunion.demdex.net/event?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=aam_tnt_cb

Requested by

Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/mbox-contents-b325a4b1bd08e3c97502ade49f87673c155f4e59.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.13.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-13-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

032e9253a291a46e9b81168ff50278a7dd0ab2a08917a59f93a26e5b360b3172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

DCS: dcs-prod-irl1-v088-076491ce4.edge-irl1.demdex.com 5.80.5.20210120122710 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Di+B4taJSjw=
Vary: Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 178
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 cc.js Show response
www.cdn-net.com/ 39 KB
39 KB 229ms
131ms Script
application/javascript 65.9.67.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cdn-net.com/cc.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.11.2.3 /
Resource Hash: 5cb8357a5d8ca21b49ae65b1f5559e9bb4b00a9a6977a6811b8b8ca041a3c6be

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Jan 2021 02:25:01 GMT
Via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
Server: openresty/1.11.2.3
X-Amz-Cf-Pop: FRA56-C1
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Cache-Control: private, no-cache, proxy-revalidate
X-IA-Request-ID: 3f5f786e6e0802fa61b4c44b7c45b5b2
Connection: keep-alive
Content-Length: 39723
X-Amz-Cf-Id: DkoR25gbg-FCMq3rTqknzFQmekgWV_-RWhqnBFX1z3lQYNYo80SeMg==

GET
H2 200 standard Show response
westernunion.tt.omtrdc.net/m2/westernunion/mbox/ 968 B
707 B 53ms
53ms Script
text/javascript 52.213.168.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://westernunion.tt.omtrdc.net/m2/westernunion/mbox/standard?mboxHost=www.imprimezmoinscher.be&mboxPage=1611627901113-216606&screenHeight=1200&screenWidth=1600&browserWidth=1600&browserHeight=1200&browserTimeOffset=60&colorDepth=24&mboxSession=1611627901113-216606&aamtest=success&mboxCount=3&mboxTime=1611631501460&mboxPC=1460581177178-880085.26_7&mbox=us_global_head&mboxId=0&mboxVersion=59
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/mbox-contents-b325a4b1bd08e3c97502ade49f87673c155f4e59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.168.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-168-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 76f7f2cc77fb5c07c63fb3f4606fc1033575543a46fffb5aa91465a250ac393b

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Tue, 26 Jan 2021 02:25:01 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
timing-allow-origin: *
x-request-id: 75ac0b05b983347cd98034cf35086447

GET
H2 200 s-code-contents-611455a1953fab3d58599ed4ce0cdb6f9e7cc83c.js Show response
assets.adobedtm.com/b5504cc8f9a8ec27750576da3320a66a94144444/ 67 KB
24 KB 14ms
13ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b5504cc8f9a8ec27750576da3320a66a94144444/s-code-contents-611455a1953fab3d58599ed4ce0cdb6f9e7cc83c.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/satelliteLib-4566baaf849b14458bd620386f4a90b0ed039480.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 985e688474d76e1c6e621628433f4131d130cb4be9de3690b7779d07c454a314

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 13:03:44 GMT
server: AkamaiNetStorage
etag: "5895518501c42becf38aa374380ef710:1591880624.472229"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.imprimezmoinscher.be
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 24190
expires: Tue, 26 Jan 2021 03:25:01 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: 3XJofA+fWp92L+SmnQ2TOWiBhXS56Q/9uLCytSeJoWKh+CtfHldKOUlXZ9iXtFsPO62+qLL5fUbjNqnx6ChOkg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 26 Jan 2021 02:25:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 502 cfwu.js
cdn.cformanalytics.com/ 0
0 228ms
147ms Script
text/html 65.9.67.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cformanalytics.com/cfwu.js
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 dest4.html Show response
www.imprimezmoinscher.be/.well-known/wu/login-rp_files/ Frame 4152 8 KB
3 KB 40ms
39ms Document
text/html 213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/dest4.html
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: a9f78140fd80c0c5dd6bf252e5ad645e628829edfa1127098fc99c7de7a6bd5c

Request headers

:method: GET
:authority: www.imprimezmoinscher.be
:scheme: https
:path: /.well-known/wu/login-rp_files/dest4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: WUCountryCookie_=.WELL-KNOWN; WULanguageCookie_=wu; wu_device_id=e06f03e8-062b-2e3f-f0a0-12237b0952ce; mbox=check#true#1611627962|session#1611627901113-216606#1611629762|PC#1611627901113-216606.37_0#1619403902; _at_id.westernunion.production.bfb8=ce0b9384d75c510f.1611627902.1.1611627902.1611627902.0.0.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
content-type: text/html
content-length: 3371
server: Apache
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip

GET
H/1.1 400
Bad Request twreceiver
westernunion.evergage.com/ 0
0 438ms
107ms Script
text/plain 52.22.86.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://westernunion.evergage.com/twreceiver?_callback=jQuery180020858589070056488_1611627901561&_ak=westernunion&_ds=production&_r=885040&_clientTS=1611627901595&.anonId=ce0b9384d75c510f&_anon=true&url=https%3A%2F%2Fwww.imprimezmoinscher.be%2F.well-known%2Fwu%2Flogin-rp.html&title=&.pv=&.bv=8&_=1611627901597
Requested by: Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/evergage.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.86.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-86-95.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 26 Jan 2021 02:25:01 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 96
Content-Type: text/plain;charset=utf-8

GET
H2 200 1131643220187654 Show response
connect.facebook.net/signals/config/ 28 KB
8 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1131643220187654?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a802c3924fe3286b1d4458eda0495d62f193e36dfd49a65f6b6419afb448121

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 8064
x-fb-rlafr: 0
pragma: public
x-fb-debug: W+3HadfopuezGieeL2JEnhZvtwwpp6zBtjwhbkfLLPkRXBO0dUhTPhWDMbEDbmD7Piy2Io97nkPJFF7evsa2jg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 26 Jan 2021 02:25:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1879807923
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1131643220187654&ev=PageView&dl=https%3A%2F%2Fwww.imprimezmoinscher.be%2F.well-known%2Fwu%2Flogin-rp.html&rl=&if=false&ts=1611627901630&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=28&fbp=fb.1.1611627901628.170505392&it=1611627901610&coo=false&rqm=GET

Requested by

Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 02:25:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 26 Jan 2021 02:25:01 GMT

GET
H2 200 6.js Show response
six.cdn-net.com/ 1 KB
1 KB 49ms
29ms Script
application/javascript 2600:1901:0:d1c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://six.cdn-net.com/6.js
Requested by: Host: www.cdn-net.com
URL: https://www.cdn-net.com/cc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:d1c:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: b217f191f5fd4f1ca6ff725af1b2325681e8efee254ee644e7ddaa1f010ee364

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jan 2021 02:25:01 GMT
via: 1.1 google
cache-control: no-cache, no-store, max-age=0
alt-svc: clear
content-length: 1050
content-type: application/javascript

GET
H/1.1 200 et.js Show response
www.cdn-net.com/ 98 B
628 B 415ms
414ms Script
application/javascript 65.9.67.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cdn-net.com/et.js
Requested by: Host: www.cdn-net.com
URL: https://www.cdn-net.com/cc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.11.2.3 /
Resource Hash: 84e664cec88a6a14c3a987ce66933a514e8c7b00a86729eb998b315f1bebdea5

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 26 Jan 2021 02:25:02 GMT
Via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
Server: openresty/1.11.2.3
X-Amz-Cf-Pop: FRA56-C1
ETag: "ZDZkNTY5OTUtYTFmOC00MjE3LTkzMTYtMzFiNzI3NTExMWFhOjE2MTE2Mjc5MDIwNjk"
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Cache-Control: public, max-age=31536000
X-IA-Request-ID: 176398c172ecd1f06dd260d0e9a5cce2
Connection: keep-alive
Content-Length: 98
X-Amz-Cf-Id: 9JhWF070fP_APxvZrixmFbgWMtQtOCc84o-RKz3JxtlX3T5R-qrOIQ==

GET
H/1.1 200
OK dest4.html
westernunion.demdex.net/ Frame 7044 0
0 51ms
51ms Document
text/html 108.128.13.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://westernunion.demdex.net/dest4.html?d_nsid=0

Requested by

Host: www.imprimezmoinscher.be
URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp_files/dil-contents-f57e26e5c710446bcf01da9197ac332785a7426f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.13.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-13-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: westernunion.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 21 Jan 2021 11:34:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: x1hvBh+LSLQ=
Content-Length: 2437
Connection: keep-alive

GET
H/1.1

200
OK

firstevent Show response
westernunion.demdex.net/
Redirect Chain

https://westernunion.demdex.net/event?d_nsid=0&d_ld=_ts%3D1611627902509&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1611627902509
https://westernunion.demdex.net/firstevent?d_nsid=0&d_ld=_ts%3D1611627902509&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1611627902509

205 B
1 KB

53ms
53ms

Script
application/javascript

108.128.13.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://westernunion.demdex.net/firstevent?d_nsid=0&d_ld=_ts%3D1611627902509&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1611627902509

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.13.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-13-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ae1458b0f97138feae7cc0f05b437edc1ecb28c968042c1c911a724216796505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v088-023751168.edge-irl1.demdex.com 5.80.5.20210120122710 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: sd9kcNZxSlI=
Vary: Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 205
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: /tLtNYRvQYQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://westernunion.demdex.net/firstevent?d_nsid=0&d_ld=_ts%3D1611627902509&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1611627902509
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 s2
www.cdn-net.com/ Frame A0BF 0
0 199ms
198ms Document
text/html 65.9.67.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cdn-net.com/s2?t=AdP5Wo8h6Eo5%2FTdCiJdkEK8C&x=1&sid=024b508b-b9db-4bdf-b781-59267acf78f3&tid=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.11.2.3 /
Resource Hash

Request headers

Host: www.cdn-net.com
Connection: keep-alive
Content-Length: 28245
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: https://www.imprimezmoinscher.be
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryZRKZKO2BpCBCCPYn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.imprimezmoinscher.be
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryZRKZKO2BpCBCCPYn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html

Response headers

Content-Type: text/html
Content-Length: 26
Connection: keep-alive
Server: openresty/1.11.2.3
Date: Tue, 26 Jan 2021 02:25:03 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
X-IA-Request-ID: b443cf3bfa6a3b7b9808e4fb1b2829ca
X-Cache: Miss from cloudfront
Via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: 6nMikaZk_AEB4AAyIn9IoZv1KKtkf2dW1zw-PUT1VqtdkKagf9RWtg==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Western Union (Banking)

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html(Line 777) Message: Can not find SessionId
console-api	log	URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html(Line 777) Message: ci,[object Object],run,https://www.cdn-net.com
console-api	log	URL: https://www.imprimezmoinscher.be/.well-known/wu/login-rp.html(Line 805) Message: before defining url

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.cformanalytics.com
cdn.tt.omtrdc.net
connect.facebook.net
six.cdn-net.com
westernunion.demdex.net
westernunion.evergage.com
westernunion.tt.omtrdc.net
www.cdn-net.com
www.facebook.com
www.googletagmanager.com
www.imprimezmoinscher.be
108.128.13.248
213.186.33.3
2600:1901:0:d1c::
2600:9000:206f:9e00:12:601f:a940:93a1
2a00:1450:4001:82a::2008
2a02:26f0:6c00:28a::1e80
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.213.168.74
52.22.86.95
65.9.67.4
65.9.67.59
032e9253a291a46e9b81168ff50278a7dd0ab2a08917a59f93a26e5b360b3172
052ae5d7723241f0a1439298b26beb4db53772b707b58fb707dfc30d5a22c029
08f27c92540c9295b47fb901f136386f945f55bc8cc09ec5b93563c5624b0111
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
281b8ca8f6b45042883032eaa47a206ab5f503dbcf8a0c375340701b9ef560a2
2bd61fb96f7dd63093a3b4cdc6a10917e300be862e3fe2304609e5abc749f25e
32b780742e884fbfb9a19d1b99523a5d47f5711587f45bba64cc46dbf2383647
3b08e63eab03c9ed7de86a3eae66cc549322a9eea823b6b4018a2ce502960133
48a5b3f2f278d109d1520e9856fa6a6ee50fd4ed625cf02e680b5288bb5129a3
4a802c3924fe3286b1d4458eda0495d62f193e36dfd49a65f6b6419afb448121
5cb8357a5d8ca21b49ae65b1f5559e9bb4b00a9a6977a6811b8b8ca041a3c6be
71c73d9e213ebbdd6960a4f2ae147cec0e6583c8aa1f7e9591236aba376d90a4
72cf95ea7fef01ad2142f3b96bbd9b574dca57180b62d5fb1f2828429b843041
72e844ac57230b4206087a556a247f97a028a1d0fff486274f0de5c55b2b9c8e
76f7f2cc77fb5c07c63fb3f4606fc1033575543a46fffb5aa91465a250ac393b
84e664cec88a6a14c3a987ce66933a514e8c7b00a86729eb998b315f1bebdea5
891d74f14a4a8f005c850aca240c9db5f7f9cdf93dfa32b12dfc52606ff3f2b6
8aa1d3bd02f2383739d5052646f1419e6a3e61672d3d42a729d758d6da892345
92dd5da4a7026675a4b94d98918ecafb8c9f66e856cf4cc4f57f2265fa4d5a59
985e688474d76e1c6e621628433f4131d130cb4be9de3690b7779d07c454a314
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a67abe2a19544a2532c9d0a42e622ebb7b265c8b95446bd9d3399b13888cfc93
a9f78140fd80c0c5dd6bf252e5ad645e628829edfa1127098fc99c7de7a6bd5c
ae1458b0f97138feae7cc0f05b437edc1ecb28c968042c1c911a724216796505
b123a6d72fea598cc2b96198d30d9f5d9b0a2d6b2f0be048895f860bd1af7d66
b217f191f5fd4f1ca6ff725af1b2325681e8efee254ee644e7ddaa1f010ee364
b31c5969e2a8a80aa727f122c3cfec0ed42bc8dc120426c98cf7026633f65bb2
bc937208633a41cd740bc71e0f082afe1d406aa37a58bfd569cad32a08bfaaef
c248c8cfc74a058e8d2bb209aeb080aa412074b65344ba97f402b08d5272b619
c9e35a185a43366a21fe530f0789196fb113c29d7915a8777a9cabb098f12509
cfc58e473751b9799c4b2d29216ea07d36eba4ccefeab6a704d550b4412a43f6
d82dfef5e5adda34e0d158f317c4b73345ae2cb0911d82e33f1054583e98efc8
dc7c758d37ecf2a1fb87d459d599b6009fb3271b547b8a0a5ac9ed6699be0dc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec082a8c81ac5b2d8f58db69fa9cdb3f90a2451658d1a52c20d0cfcdf46fcad3
f1b966dbf0541060fff339e1487b443c5efbaed88e75dc3110be01b0df550432
f6730d6c0c3d6d18198f886bfdde3e8d5d7d12389bcfdb78bbba680be7e12297
fae995b93876531bd213abdb756347763ac3157f54022ab30b289e57f197ab69

www.imprimezmoinscher.be Open in urlscan Pro 213.186.33.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

50 %IPv6

10 Domains

12 Subdomains

12 IPs

5 Countries

510 kBTransfer

1766 kBSize

0 Cookies

24 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.imprimezmoinscher.be Open in urlscan Pro
213.186.33.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

12
Subdomains

12
IPs

5
Countries

510 kB
Transfer

1766 kB
Size

0
Cookies

43 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!