urlscan.io logo urlscan.io
SecurityTrails logo

healthblogsource.com Open in urlscan Pro
185.61.154.60  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.nucash.be/user/cm-l.php?sk=7596024bab6cc213b6bac49dcd105ab923e592f8&e=c9dd6507300a346dbeb6ed9dfd55baceac7a...
Effective URL: https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
Submission: On June 07 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 185.61.154.60, located in United Kingdom and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is healthblogsource.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 20th 2019. Valid for: a year.
This is the only time healthblogsource.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 78.137.118.22 34934 (UKFAST)
4 93.184.220.141 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 52.30.52.254 16509 (AMAZON-02)
10 185.61.154.60 22612 (NAMECHEAP...)
20 4
5    78.137.118.22 (United Kingdom)

ASN34934 (UKFAST, GB)
PTR: 78.137.118.22.srvlist.ukfast.net
www.nucash.be
4    93.184.220.141 (London, United Kingdom)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
static.orangebuddies.nl
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    52.30.52.254 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-52-254.eu-west-1.compute.amazonaws.com
tracking.1ards.com
10    185.61.154.60 (United Kingdom)

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: premium60-3.web-hosting.com
healthblogsource.com
Domain Requested by
10 healthblogsource.com healthblogsource.com
5 www.nucash.be www.nucash.be
4 static.orangebuddies.nl www.nucash.be
1 tracking.1ards.com 1 redirects
1 fonts.googleapis.com www.nucash.be
20 5

This site contains links to these domains. Also see Links.

Domain
www.onlineshopping95.com
Subject Issuer Validity Valid
www.cashbackkorting.nl
Sectigo RSA Domain Validation Secure Server CA		 2019-05-06 -
2021-05-21		 2 years crt.sh
*.turbobytes.net
DigiCert SHA2 Secure Server CA		 2018-05-03 -
2020-08-04		 2 years crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-05-21 -
2019-08-13		 3 months crt.sh
healthblogsource.com
Sectigo RSA Domain Validation Secure Server CA		 2019-05-20 -
2020-05-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
Frame ID: B2D49B76F15AC31E707FB61843D1EB01
Requests: 11 HTTP requests in this frame

Frame: https://www.nucash.be/user/cashmail_text.php?storeid=109859
Frame ID: 85ED7DFA2A2DF2FC662B3A21DAA3B3F5
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.nucash.be/user/cm-l.php?sk=7596024bab6cc213b6bac49dcd105ab923e592f8&e=c9dd6507300a346d... Page URL
  2. http://tracking.1ards.com/aff_c?offer_id=2676&aff_id=1047&aff_sub=68-OBS-5cfae3498eeeb68 HTTP 302
    https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&n... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Page Statistics

20
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

2169 kB
Transfer

3120 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.nucash.be/user/cm-l.php?sk=7596024bab6cc213b6bac49dcd105ab923e592f8&e=c9dd6507300a346dbeb6ed9dfd55baceac7a9464-17016 Page URL
  2. http://tracking.1ards.com/aff_c?offer_id=2676&aff_id=1047&aff_sub=68-OBS-5cfae3498eeeb68 HTTP 302
    https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set cm-l.php
www.nucash.be/user/ 		851 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nucash.be/user/cm-l.php?sk=7596024bab6cc213b6bac49dcd105ab923e592f8&e=c9dd6507300a346dbeb6ed9dfd55baceac7a9464-17016
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
e473b6a07d6d224f19e4aec58b25563d10533f8634fc4951fe590969db0b4a86
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.nucash.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Fri, 07 Jun 2019 22:20:29 GMT
Content-Type
text/html; charset=utf-8
Content-Length
488
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Set-Cookie
PHPSESSID=hfakg0ujgh7jok32i6q5hdla64; path=/; secure; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
cashmail_text.php
www.nucash.be/user/ Frame 85ED 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nucash.be/user/cashmail_text.php?storeid=109859
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=7596024bab6cc213b6bac49dcd105ab923e592f8&e=c9dd6507300a346dbeb6ed9dfd55baceac7a9464-17016
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx / PHP/5.6.25
Resource Hash
87093f6cd2bd9f55801e813830e42e98d64dfd30d5e4645871b0a1166f41a0af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.nucash.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.nucash.be/user/cm-l.php?sk=7596024bab6cc213b6bac49dcd105ab923e592f8&e=c9dd6507300a346dbeb6ed9dfd55baceac7a9464-17016
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=hfakg0ujgh7jok32i6q5hdla64
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.nucash.be/user/cm-l.php?sk=7596024bab6cc213b6bac49dcd105ab923e592f8&e=c9dd6507300a346dbeb6ed9dfd55baceac7a9464-17016

Response headers

Server
nginx
Date
Fri, 07 Jun 2019 22:20:29 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1449
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/5.6.25
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
layout.css
static.orangebuddies.nl/templates/www.nucash.be/march16/css/ Frame 85ED 		243 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.orangebuddies.nl/templates/www.nucash.be/march16/css/layout.css
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=109859
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.141 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AC) /
Resource Hash
816f02dfd8aa8ea14abdc87c9e546d69572548fec0d84514f659aed11a3d2986

Request headers

Referer
https://www.nucash.be/user/cashmail_text.php?storeid=109859
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 07 Jun 2019 22:21:02 GMT
content-encoding
gzip
last-modified
Tue, 30 Apr 2019 11:44:25 GMT
server
ECS (fcn/41AC)
access-control-allow-origin
*
etag
"5cc83519-3cb26"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
51901
exit-page-cbk-new.css
www.nucash.be/general.assets/css/ Frame 85ED 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nucash.be/general.assets/css/exit-page-cbk-new.css
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=109859
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
ed5279e550ac7f7e7d13962a02507cc671ba8d5e41cd832edcc436687b2d1d28
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nucash.be/user/cashmail_text.php?storeid=109859
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 07 Jun 2019 22:20:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Feb 2018 05:23:00 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Content-Length
706
X-Xss-Protection
1; mode=block
jquery.min.js
www.nucash.be/general.assets/js/ Frame 85ED 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nucash.be/general.assets/js/jquery.min.js
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=109859
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nucash.be/user/cashmail_text.php?storeid=109859
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 07 Jun 2019 22:20:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Feb 2018 05:23:00 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Content-Length
33430
X-Xss-Protection
1; mode=block
logo.png
static.orangebuddies.nl/templates/www.nucash.be/march16/assets/ Frame 85ED 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.orangebuddies.nl/templates/www.nucash.be/march16/assets/logo.png
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=109859
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.141 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AF) /
Resource Hash
81bfc535b798aea06763ba112fd7edc6f88fee549f9e0a4a98b0cea84bef23e6

Request headers

Referer
https://www.nucash.be/user/cashmail_text.php?storeid=109859
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 07 Jun 2019 22:20:57 GMT
last-modified
Wed, 02 Nov 2016 07:31:45 GMT
server
ECS (fcn/41AF)
access-control-allow-origin
*
etag
"58199661-5511"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
21777
109859.jpg
static.orangebuddies.nl/image/stores/ Frame 85ED 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.orangebuddies.nl/image/stores/109859.jpg
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=109859
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.141 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DC) /
Resource Hash
7b0198301f2c6581c2de2e36687599213d0991f29d68960156b9a985112ebe71

Request headers

Referer
https://www.nucash.be/user/cashmail_text.php?storeid=109859
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 07 Jun 2019 22:20:57 GMT
last-modified
Fri, 07 Jun 2019 10:15:47 GMT
server
ECS (fcn/40DC)
access-control-allow-origin
*
etag
"5cfa3953-1986"
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
6534
41307-ExitPage468x60.jpg
static.orangebuddies.nl/image/banners/ Frame 85ED 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.orangebuddies.nl/image/banners/41307-ExitPage468x60.jpg
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=109859
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.141 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4193) /
Resource Hash
c2c12346a1236862251a0edf0b08fd1291e92f09ae6d3a8eea92a06a93a717a0

Request headers

Referer
https://www.nucash.be/user/cashmail_text.php?storeid=109859
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 07 Jun 2019 22:20:57 GMT
last-modified
Wed, 17 Apr 2019 13:22:13 GMT
server
ECS (fcn/4193)
access-control-allow-origin
*
etag
"5cb72885-1aeb"
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
6891
css
fonts.googleapis.com/ Frame 85ED 		2 KB
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans+Narrow
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cashmail_text.php?storeid=109859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
71ce8fc7d2207e9fc8c455121b8c45e6cc0a68313c88bc2beee5b3818c44dbb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nucash.be/user/cashmail_text.php?storeid=109859
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 07 Jun 2019 22:20:57 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 07 Jun 2019 22:20:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Fri, 07 Jun 2019 22:20:57 GMT
bar-loading.gif
www.nucash.be/general.assets/images/ Frame 85ED 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nucash.be/general.assets/images/bar-loading.gif
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/general.assets/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nucash.be/general.assets/css/exit-page-cbk-new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 07 Jun 2019 22:20:29 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000, public, must-revalidate
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Content-Length
3161
X-Xss-Protection
1; mode=block
Primary Request /
healthblogsource.com/beterslapen/
Redirect Chain
  • http://tracking.1ards.com/aff_c?offer_id=2676&aff_id=1047&aff_sub=68-OBS-5cfae3498eeeb68
  • https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
623 KB
87 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache / PHP/5.6.40
Resource Hash
81911e32a0fb03b471484306f17c1f29d2f4dd16e99085f18e597c112e22c91f

Request headers

:method
GET
:authority
healthblogsource.com
:scheme
https
:path
/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 07 Jun 2019 22:21:00 GMT
server
Apache
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html; charset=UTF-8

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 07 Jun 2019 22:21:00 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
P3P
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx/1.13.12
Set-Cookie
enc_aff_session_2676=ENC03c7c91e9b0dd1df0ae6499f421b9ec974fd1c21d0eb22cbde2ed7e8ac2951ca034acc11f78caed2e3279f40f863b65fcb014c27337fd26097db0dc57a81458a6ce16c14b9c4a8bec09959073d25355915adf6709d0ee7d76b30f4880ebf30e8e89e89ab1e1a5014100458eb778f64a4333cddd5503be4615853caffd32ee92019368c50b5; expires=Sun, 07 Jul 2019 22:21:00 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Mon, 02 May 2022 09:01:00 GMT; path=/;
tracking_id
102a3dd5753535dc756f30fa69296c
X-Robots-Tag
noindex, nofollow
Content-Length
301
Connection
keep-alive
lander.css
healthblogsource.com/beterslapen/ 		167 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://healthblogsource.com/beterslapen/lander.css
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
1fa2acd0a07e6c3cb5c6c9f4dc031b20d7d8bd94c321b8a66621df46f45fdb8f

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 07 Jun 2019 22:21:00 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2019 07:40:06 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
31372
font-awesome.min.css
healthblogsource.com/beterslapen/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://healthblogsource.com/beterslapen/font-awesome.min.css
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
a819de1cc70e12a320ad71643989f2c4bfcb704fc37f6b515b1f4e7dcbc7deab

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 07 Jun 2019 22:21:00 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2019 07:40:06 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
6968
css.css
healthblogsource.com/beterslapen/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://healthblogsource.com/beterslapen/css.css
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
dd318cf00ce1835537b55e5eadb81f1eeaafdcd008b753842cdb7ac8aaad8055

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 07 Jun 2019 22:21:00 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2019 07:40:06 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
1080
closemodal.png
healthblogsource.com/beterslapen/ 		788 B
900 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://healthblogsource.com/beterslapen/closemodal.png
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
e2bcaa68f0a7810ee95b5a352a707a941602cec2a5f1fde91e6cd1e8ee5326f8

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 07 Jun 2019 22:21:00 GMT
last-modified
Thu, 06 Jun 2019 07:40:04 GMT
server
Apache
accept-ranges
bytes
content-length
788
content-type
image/png
sleep-comfort.png
healthblogsource.com/beterslapen/ 		410 KB
411 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://healthblogsource.com/beterslapen/sleep-comfort.png
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
8ec40280ad54536647aa5380adf302110b7d93a293111c136b2b5938f767f417

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 07 Jun 2019 22:21:00 GMT
last-modified
Thu, 06 Jun 2019 07:40:04 GMT
server
Apache
accept-ranges
bytes
content-length
420122
content-type
image/png
2.jpg
healthblogsource.com/beterslapen/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://healthblogsource.com/beterslapen/2.jpg
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
986eab7f63faea79e5397797dbd1a741e8a4e58db32a772909fc122f55d307f1

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 07 Jun 2019 22:21:00 GMT
last-modified
Thu, 06 Jun 2019 07:40:04 GMT
server
Apache
accept-ranges
bytes
content-length
143253
content-type
image/jpeg
couple.png
healthblogsource.com/beterslapen/ 		443 KB
444 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://healthblogsource.com/beterslapen/couple.png
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
25b64a7c451ce019bfe75f7fb17825c640e6f62170b5e1e21ee914ede0b40c1e

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 07 Jun 2019 22:21:00 GMT
last-modified
Thu, 06 Jun 2019 07:40:04 GMT
server
Apache
accept-ranges
bytes
content-length
453777
content-type
image/png
relax.png
healthblogsource.com/beterslapen/ 		481 KB
481 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://healthblogsource.com/beterslapen/relax.png
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
d0516f12b8140b076e3a51f91513e57c40a57f2df8a9f1055c06326b848e5ce4

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 07 Jun 2019 22:21:00 GMT
last-modified
Thu, 06 Jun 2019 07:40:04 GMT
server
Apache
accept-ranges
bytes
content-length
492469
content-type
image/png
office.png
healthblogsource.com/beterslapen/ 		439 KB
439 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://healthblogsource.com/beterslapen/office.png
Requested by
Host: healthblogsource.com
URL: https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.61.154.60 , United Kingdom, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium60-3.web-hosting.com
Software
Apache /
Resource Hash
4547ed4ff510c5d75aee4e94518cf9fe6b6e1d1eab2aaf71010228bb6eccc40e

Request headers

Referer
https://healthblogsource.com/beterslapen/?aff_click_id=102a3dd5753535dc756f30fa69296c&affiliate_id=1047&nt=S1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 07 Jun 2019 22:21:00 GMT
last-modified
Thu, 06 Jun 2019 07:40:04 GMT
server
Apache
accept-ranges
bytes
content-length
449538
content-type
image/png

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
healthblogsource.com
static.orangebuddies.nl
tracking.1ards.com
www.nucash.be
185.61.154.60
2a00:1450:4001:81c::200a
52.30.52.254
78.137.118.22
93.184.220.141
1fa2acd0a07e6c3cb5c6c9f4dc031b20d7d8bd94c321b8a66621df46f45fdb8f
25b64a7c451ce019bfe75f7fb17825c640e6f62170b5e1e21ee914ede0b40c1e
4547ed4ff510c5d75aee4e94518cf9fe6b6e1d1eab2aaf71010228bb6eccc40e
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
71ce8fc7d2207e9fc8c455121b8c45e6cc0a68313c88bc2beee5b3818c44dbb2
7b0198301f2c6581c2de2e36687599213d0991f29d68960156b9a985112ebe71
816f02dfd8aa8ea14abdc87c9e546d69572548fec0d84514f659aed11a3d2986
81911e32a0fb03b471484306f17c1f29d2f4dd16e99085f18e597c112e22c91f
81bfc535b798aea06763ba112fd7edc6f88fee549f9e0a4a98b0cea84bef23e6
87093f6cd2bd9f55801e813830e42e98d64dfd30d5e4645871b0a1166f41a0af
8ec40280ad54536647aa5380adf302110b7d93a293111c136b2b5938f767f417
986eab7f63faea79e5397797dbd1a741e8a4e58db32a772909fc122f55d307f1
a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2
a819de1cc70e12a320ad71643989f2c4bfcb704fc37f6b515b1f4e7dcbc7deab
c2c12346a1236862251a0edf0b08fd1291e92f09ae6d3a8eea92a06a93a717a0
d0516f12b8140b076e3a51f91513e57c40a57f2df8a9f1055c06326b848e5ce4
dd318cf00ce1835537b55e5eadb81f1eeaafdcd008b753842cdb7ac8aaad8055
e2bcaa68f0a7810ee95b5a352a707a941602cec2a5f1fde91e6cd1e8ee5326f8
e473b6a07d6d224f19e4aec58b25563d10533f8634fc4951fe590969db0b4a86
ed5279e550ac7f7e7d13962a02507cc671ba8d5e41cd832edcc436687b2d1d28