www.xsnews.nl Open in urlscan Pro
2001:67c:174:101:1:65:301:1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://viral481.com/srv.html?id=5489612&pub=1001524
Effective URL:
https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f...
Submission: On March 16 via manual (March 16th 2020, 9:05:27 pm UTC) from US

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 10 domains to perform 26 HTTP transactions. The main IP is 2001:67c:174:101:1:65:301:1, located in San Marino and belongs to AS-ABAVIA, IT. The main domain is www.xsnews.nl.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 9th 2020. Valid for: 3 months.

This is the only time www.xsnews.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.27.156.197 104.27.156.197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
1 2	104.26.0.163 104.26.0.163	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2606:4700:303... 2606:4700:3033::681b:bfe7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
15	2001:67c:174:... 2001:67c:174:101:1:65:301:1	48345 (AS-ABAVIA) (AS-ABAVIA)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
26	9

1 104.27.156.197 (United States)

ASN13335 (CLOUDFLARENET, US)

viral481.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.0.163 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cpalead.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cpalead.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::681b:bfe7 (United States)

ASN13335 (CLOUDFLARENET, US)

unlocklink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2001:67c:174:101:1:65:301:1 (San Marino)

ASN48345 (AS-ABAVIA, IT)

www.xsnews.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	xsnews.nl www.xsnews.nl	450 KB
3	google-analytics.com 1 redirects www.google-analytics.com	36 KB
2	nr-data.net bam.nr-data.net	421 B
2	cpalead.com 1 redirects cpalead.com www.cpalead.com	6 KB
2	newrelic.com js-agent.newrelic.com	20 KB
1	google.com 1 redirects www.google.com	191 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	161 B
1	google.de www.google.de Failed	109 B
1	unlocklink.com unlocklink.com	2 KB
1	viral481.com viral481.com	5 KB
26	10

	Domain	Requested by
15	www.xsnews.nl	unlocklink.com www.xsnews.nl
3	www.google-analytics.com	1 redirects unlocklink.com www.xsnews.nl
2	bam.nr-data.net	js-agent.newrelic.com
2	js-agent.newrelic.com	viral481.com www.cpalead.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.google.de
1	unlocklink.com
1	www.cpalead.com
1	cpalead.com	1 redirects
1	viral481.com
26	11

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-04` - `2020-10-09`	8 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
xsnews.nl Let's Encrypt Authority X3	`2020-03-09` - `2020-06-07`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
Frame ID: EE1E6D2EE27CAD276D7FE7DB4E6A808D
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://viral481.com/srv.html?id=5489612&pub=1001524 Page URL
https://cpalead.com/offer.php?id=5489303&pub=1001524 HTTP 301
https://www.cpalead.com/offer.php?id=5489303&pub=1001524 Page URL
https://unlocklink.com/redirect/action/1Ind0ZS0ucXMyKSE_sL_dXF7dGFzcA_eQ__eQ_Pyi?tsid=1001524&uc=10... Page URL
https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640... Page URL

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /require.*\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

26
Requests

96 %
HTTPS

60 %
IPv6

10
Domains

11
Subdomains

9
IPs

4
Countries

519 kB
Transfer

806 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://viral481.com/srv.html?id=5489612&pub=1001524 Page URL
https://cpalead.com/offer.php?id=5489303&pub=1001524 HTTP 301
https://www.cpalead.com/offer.php?id=5489303&pub=1001524 Page URL
https://unlocklink.com/redirect/action/1Ind0ZS0ucXMyKSE_sL_dXF7dGFzcA_eQ__eQ_Pyi?tsid=1001524&uc=1001524-775845532 Page URL
https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://cpalead.com/offer.php?id=5489303&pub=1001524 HTTP 301
https://www.cpalead.com/offer.php?id=5489303&pub=1001524

Request Chain 8

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=307284085&t=pageview&_s=1&dl=https%3A%2F%2Funlocklink.com%2Fredirect%2Faction%2F1Ind0ZS0ucXMyKSE_sL_dXF7dGFzcA_eQ__eQ_Pyi%3Ftsid%3D1001524%26uc%3D1001524-775845532&dr=https%3A%2F%2Fwww.cpalead.com%2Foffer.php%3Fid%3D5489303%26pub%3D1001524&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1836093405&gjid=2095769863&cid=942949315.1584392714&tid=UA-1672790-14&_gid=279885306.1584392714&_r=1&z=1730212854 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1672790-14&cid=942949315.1584392714&jid=1836093405&_gid=279885306.1584392714&gjid=2095769863&_v=j81&z=1730212854 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1672790-14&cid=942949315.1584392714&jid=1836093405&_v=j81&z=1730212854 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1672790-14&cid=942949315.1584392714&jid=1836093405&_v=j81&z=1730212854&slf_rd=1&random=3218141674

Request Chain 23

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=168733417&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xsnews.nl%2Fen%2Fntrial.html%3Fa_aid%3D11266%26a_bid%3D9af93a6a%26data1%3D18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2&dr=https%3A%2F%2Funlocklink.com%2Fredirect%2Faction%2F1Ind0ZS0ucXMyKSE_sL_dXF7dGFzcA_eQ__eQ_Pyi%3Ftsid%3D1001524%26uc%3D1001524-775845532&dp=%2Fen%2Fntrial.html%3Fa_aid%3D11266%26a_bid%3D9af93a6a%26data1%3D18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2&ul=en-us&de=UTF-8&dt=Try%20our%20best%20package%20for%20FREE!%20-%20XS%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1185133022&gjid=1897948538&cid=1429124720.1584392714&tid=UA-49052953-1&_gid=736210876.1584392714&_r=1&z=1817675865 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-49052953-1&cid=1429124720.1584392714&jid=1185133022&_gid=736210876.1584392714&gjid=1897948538&_v=j81&z=1817675865 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-49052953-1&cid=1429124720.1584392714&jid=1185133022&_v=j81&z=1817675865 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-49052953-1&cid=1429124720.1584392714&jid=1185133022&_v=j81&z=1817675865&slf_rd=1&random=329556019

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 srv.html Show response
viral481.com/ 18 KB
5 KB 668ms
491ms Document
text/html 104.27.156.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viral481.com/srv.html?id=5489612&pub=1001524

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.156.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb05e19de22068e21bd03cb79dacf493fc7f85d8880758eed4201bd81071e4b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: viral481.com
:scheme: https
:path: /srv.html?id=5489612&pub=1001524
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Mon, 16 Mar 2020 21:05:11 GMT
content-type: text/html
set-cookie: __cfduid=df6107cd0d0662a670e0a614493115f861584392711; expires=Wed, 15-Apr-20 21:05:11 GMT; path=/; domain=.viral481.com; HttpOnly; SameSite=Lax PHPSESSID=di_Px7c3-99-CnMPUyhcziAH-ipO84-zCPqWunWlzf1S2tTvCNx5H5SlX4UErBdf; path=/; HttpOnly SERVERID=web2; path=/
x-frame-options: SAMEORIGIN
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57516e4efc47bfed-MAN
content-encoding: br

GET
H2 200 nr-1167.min.js
js-agent.newrelic.com/ 26 KB
10 KB 25ms
25ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1167.min.js
Requested by: Host: viral481.com
URL: https://viral481.com/srv.html?id=5489612&pub=1001524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://viral481.com/srv.html?id=5489612&pub=1001524
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 21:05:11 GMT
content-encoding: gzip
x-amz-request-id: 3F6B13CD94955BD2
x-cache: HIT
status: 200
content-length: 10178
x-amz-id-2: owq7LTC2ddnOfWY1uKv5BtBpowDIkcMDm/PvX4TjjjLvjnZV9HT8nBCSuZA0UK8UjkDDMb8Gv+k=
x-served-by: cache-fra19180-FRA
last-modified: Fri, 07 Feb 2020 23:39:55 GMT
server: AmazonS3
x-timer: S1584392712.978215,VS0,VE0
etag: "8155781ab74e51eee2ead2c1d5902e63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6475

GET
H2

200

offer.php Show response
www.cpalead.com/
Redirect Chain

https://cpalead.com/offer.php?id=5489303&pub=1001524
https://www.cpalead.com/offer.php?id=5489303&pub=1001524

18 KB
5 KB

532ms
523ms

Document
text/html

104.26.0.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cpalead.com/offer.php?id=5489303&pub=1001524

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.163 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57ad677c8010a653d6dcd3deccf5e5c3da24fcef75bb84617b06f70bbd582683

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cpalead.com
:scheme: https
:path: /offer.php?id=5489303&pub=1001524
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://viral481.com/srv.html?id=5489612&pub=1001524
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d8249283bf4db62f0c7b2ce0dd859d3dc1584392712
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://viral481.com/srv.html?id=5489612&pub=1001524

Response headers

status: 200
date: Mon, 16 Mar 2020 21:05:12 GMT
content-type: text/html
x-frame-options: SAMEORIGIN
set-cookie: PHPSESSID=AhDguAkx6OoRoESSWrDmOst95jL5aNq7Vpnn9oDmgW4tCtZmhRa1Xh67FtOpMdYX; path=/; HttpOnly SERVERID=web2; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57516e555cfe3675-MAN
content-encoding: br

Redirect headers

status: 301
date: Mon, 16 Mar 2020 21:05:12 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: __cfduid=d8249283bf4db62f0c7b2ce0dd859d3dc1584392712; expires=Wed, 15-Apr-20 21:05:12 GMT; path=/; domain=.cpalead.com; HttpOnly; SameSite=Lax SERVERID=web2; path=/
location: https://www.cpalead.com/offer.php?id=5489303&pub=1001524
vary: Accept-Encoding
cache-control: private
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57516e533bbd3675-MAN

GET
H/1.1 200
OK 62915533ca
bam.nr-data.net/1/ 57 B
275 B 109ms
109ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/62915533ca?a=14035018&v=1167.2a4546b&to=blEHMktWXkQABkRQDFcbMBRQGF9RBwBCFxNRRA%3D%3D&rst=724&ref=https://viral481.com/srv.html&ap=143&be=689&fe=694&dc=692&perf=%7B%22timing%22:%7B%22of%22:1584392711265,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:8,%22c%22:8,%22s%22:14,%22ce%22:177,%22rq%22:177,%22rp%22:668,%22rpe%22:671,%22dl%22:675,%22di%22:692,%22ds%22:692,%22de%22:692,%22dc%22:693,%22l%22:693,%22le%22:694%7D,%22navigation%22:%7B%7D%7D&fp=705&fcp=705&at=QhYERANMTUo%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash

Request headers

Referer: https://viral481.com/srv.html?id=5489612&pub=1001524
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nr-1167.min.js
js-agent.newrelic.com/ 26 KB
10 KB 31ms
31ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1167.min.js
Requested by: Host: www.cpalead.com
URL: https://www.cpalead.com/offer.php?id=5489303&pub=1001524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.cpalead.com/offer.php?id=5489303&pub=1001524
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 21:05:13 GMT
content-encoding: gzip
x-amz-request-id: 3F6B13CD94955BD2
x-cache: HIT
status: 200
content-length: 10178
x-amz-id-2: owq7LTC2ddnOfWY1uKv5BtBpowDIkcMDm/PvX4TjjjLvjnZV9HT8nBCSuZA0UK8UjkDDMb8Gv+k=
x-served-by: cache-fra19180-FRA
last-modified: Fri, 07 Feb 2020 23:39:55 GMT
server: AmazonS3
x-timer: S1584392713.017989,VS0,VE0
etag: "8155781ab74e51eee2ead2c1d5902e63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6480

GET
H2 200 1Ind0ZS0ucXMyKSE_sL_dXF7dGFzcA_eQ__eQ_Pyi Show response
unlocklink.com/redirect/action/ 1 KB
2 KB 723ms
596ms Document
text/html 2606:4700:3033::681b:bfe7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unlocklink.com/redirect/action/1Ind0ZS0ucXMyKSE_sL_dXF7dGFzcA_eQ__eQ_Pyi?tsid=1001524&uc=1001524-775845532
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bfe7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97df9c086a55dd80f967aeeb9582e84c69a51a4fef8ff3d8468dba0d8fcc09d0

Request headers

:method: GET
:authority: unlocklink.com
:scheme: https
:path: /redirect/action/1Ind0ZS0ucXMyKSE_sL_dXF7dGFzcA_eQ__eQ_Pyi?tsid=1001524&uc=1001524-775845532
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.cpalead.com/offer.php?id=5489303&pub=1001524
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://www.cpalead.com/offer.php?id=5489303&pub=1001524

Response headers

status: 200
date: Mon, 16 Mar 2020 21:05:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d43ec65a3b49ed8705e5b2456f455c59d1584392713; expires=Wed, 15-Apr-20 21:05:13 GMT; path=/; domain=.unlocklink.com; HttpOnly; SameSite=Lax; Secure click-1f5-67df55=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2; expires=Sat, 12-Sep-2020 21:05:13 GMT; Max-Age=15552000; path=/conversion msv-ea7-2cda8-0-50-0-0=55832868898534104861030369468629385218; expires=Tue, 17-Mar-2020 21:05:13 GMT; Max-Age=86400
charset: UTF-8
content-encoding: UTF-8
p3p: CP="NOI CURa ADMa PSA OUR NOR OTC"
pragma: no-cache
cache-control: no-cache no-cache, must-revalidate, max-age=0
x-robots-tag: noindex, nofollow, nocache, noarchive
googlebot: noindex, nofollow, nocache, noarchive
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57516e592d6297a2-FRA

GET
H/1.1 200
OK 62915533ca
bam.nr-data.net/1/ 57 B
146 B 181ms
112ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/62915533ca?a=14035018&v=1167.2a4546b&to=blEHMktWXkQABkRQDFcbMBRQGF9RBwBCFxNRRA%3D%3D&rst=1086&ref=https://www.cpalead.com/offer.php&ap=192&be=1045&fe=1051&dc=1050&perf=%7B%22timing%22:%7B%22of%22:1584392711963,%22n%22:0,%22f%22:504,%22dn%22:504,%22dne%22:504,%22c%22:504,%22ce%22:504,%22rq%22:514,%22rp%22:1036,%22rpe%22:1037,%22dl%22:1039,%22di%22:1050,%22ds%22:1050,%22de%22:1050,%22dc%22:1050,%22l%22:1050,%22le%22:1051%7D,%22navigation%22:%7B%7D%7D&fp=1056&fcp=1056&at=QhYERANMTUo%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash

Request headers

Referer: https://www.cpalead.com/offer.php?id=5489303&pub=1001524
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: unlocklink.com
URL: https://unlocklink.com/redirect/action/1Ind0ZS0ucXMyKSE_sL_dXF7dGFzcA_eQ__eQ_Pyi?tsid=1001524&uc=1001524-775845532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://unlocklink.com/redirect/action/1Ind0ZS0ucXMyKSE_sL_dXF7dGFzcA_eQ__eQ_Pyi?tsid=1001524&uc=1001524-775845532
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1901
date: Mon, 16 Mar 2020 20:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Mon, 16 Mar 2020 22:33:32 GMT

GET
H/1.1 200
OK Primary Request ntrial.html Show response
www.xsnews.nl/en/ 30 KB
9 KB 69ms
14ms Document
text/html 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
Requested by: Host: unlocklink.com
URL: https://unlocklink.com/redirect/action/1Ind0ZS0ucXMyKSE_sL_dXF7dGFzcA_eQ__eQ_Pyi?tsid=1001524&uc=1001524-775845532
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),
Reverse DNS
Software: nginx /
Resource Hash: 51b275179f5b7056dfad28f16de9fd7ccfd4f72bcae106b31ed9c28b9d959768

Request headers

Host: www.xsnews.nl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://unlocklink.com/redirect/action/1Ind0ZS0ucXMyKSE_sL_dXF7dGFzcA_eQ__eQ_Pyi?tsid=1001524&uc=1001524-775845532
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://unlocklink.com/redirect/action/1Ind0ZS0ucXMyKSE_sL_dXF7dGFzcA_eQ__eQ_Pyi?tsid=1001524&uc=1001524-775845532

Response headers

Server: nginx
Date: Mon, 16 Mar 2020 21:05:13 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Thu, 12 Mar 2020 10:55:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5e6a150f-776f"
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Content-Encoding: gzip

GET

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=307284085&t=pageview&_s=1&dl=https%3A%2F%2Funlocklink.com%2Fredirect%2Faction%2F1Ind0ZS0ucXMyKSE_sL_dXF7dGFzcA_eQ__eQ_Pyi%3Ftsid%3D1001524%26...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1672790-14&cid=942949315.1584392714&jid=1836093405&_gid=279885306.1584392714&gjid=2095769863&_v=j81&z=1730212854
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1672790-14&cid=942949315.1584392714&jid=1836093405&_v=j81&z=1730212854
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1672790-14&cid=942949315.1584392714&jid=1836093405&_v=j81&z=1730212854&slf_rd=1&random=3218141674

0
0

GET
H/1.1 200
OK v2.css
www.xsnews.nl/assets/ 180 KB
37 KB 16ms
15ms Stylesheet
text/css 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xsnews.nl/assets/v2.css?v=98ac5cd7cc70b976d9fdb751cd2a6147
Requested by: Host: www.xsnews.nl
URL: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),
Reverse DNS
Software: nginx /
Resource Hash: f60cffea37220e3ef579b395482480242dd47039941655fc7faf45b116b73622

Request headers

Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 16 Mar 2020 21:05:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Feb 2020 09:10:33 GMT, : Monday, 16-Mar-2020 21:05:13 GMT
Server: nginx
ETag: W/"5e4cfb89-2d142"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 15 Apr 2020 21:05:13 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.xsnews.nl/assets/ 28 KB
8 KB 36ms
12ms Stylesheet
text/css 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xsnews.nl/assets/font-awesome.min.css
Requested by: Host: www.xsnews.nl
URL: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),
Reverse DNS
Software: nginx /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 16 Mar 2020 21:05:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Apr 2019 11:48:45 GMT, : Monday, 16-Mar-2020 21:05:13 GMT
Server: nginx
ETag: W/"5ca5ef1d-7187"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 15 Apr 2020 21:05:13 GMT

GET
H/1.1 200
OK require.js Show response
www.xsnews.nl/js/ 26 KB
26 KB 48ms
24ms Script
application/javascript 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xsnews.nl/js/require.js?v1.5
Requested by: Host: www.xsnews.nl
URL: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),
Reverse DNS
Software: nginx /
Resource Hash: 274aaf2881e92cc7efd29bf5c5bbf3330c5a9a4ecffd889e13ec495a18cbdfac

Request headers

Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 16 Mar 2020 21:05:13 GMT
Last-Modified: Mon, 23 Jul 2018 11:23:01 GMT, : Monday, 16-Mar-2020 21:05:13 GMT
Server: nginx
ETag: "5b55ba95-682e"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26670
Expires: Wed, 15 Apr 2020 21:05:13 GMT

GET
H/1.1 200
OK xsnews-logo.png
www.xsnews.nl/img/ 12 KB
13 KB 38ms
13ms Image
image/png 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xsnews.nl/img/xsnews-logo.png

Requested by

Host: www.xsnews.nl
URL: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),

Reverse DNS

Software

nginx /

Resource Hash

670f8b79e251748bef73cf82479cc6b313701ccf7bc8c6f115a565c42e8f09c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 16 Mar 2020 21:05:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 23 Jul 2018 11:23:01 GMT
Server: nginx
ETag: "5b55ba95-300f"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=2592000
Feature-Policy: accelerometer 'none';ambient-light-sensor 'none';autoplay 'none';camera 'none';encrypted-media 'none';fullscreen 'self';geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';speaker 'none';sync-xhr 'none';usb 'none';vibrate 'none';vr 'none';
Strict-Transport-Security: max-age=15552000;
Accept-Ranges: bytes
Content-Length: 12303
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Apr 2020 21:05:13 GMT

GET
H/1.1 200
OK stap1.png
www.xsnews.nl/img/trial/ 11 KB
12 KB 38ms
14ms Image
image/png 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xsnews.nl/img/trial/stap1.png

Requested by

Host: www.xsnews.nl
URL: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),

Reverse DNS

Software

nginx /

Resource Hash

531243f95960d98b8a1d779bbff1a6cd0f0cbc16134f92b776fd3948068aba43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 16 Mar 2020 21:05:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Apr 2019 11:48:45 GMT
Server: nginx
ETag: "5ca5ef1d-2b79"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=2592000
Feature-Policy: accelerometer 'none';ambient-light-sensor 'none';autoplay 'none';camera 'none';encrypted-media 'none';fullscreen 'self';geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';speaker 'none';sync-xhr 'none';usb 'none';vibrate 'none';vr 'none';
Strict-Transport-Security: max-age=15552000;
Accept-Ranges: bytes
Content-Length: 11129
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Apr 2020 21:05:13 GMT

GET
H/1.1 200
OK vinkje-red.png
www.xsnews.nl/img/trial/ 558 B
1 KB 39ms
14ms Image
image/png 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xsnews.nl/img/trial/vinkje-red.png

Requested by

Host: www.xsnews.nl
URL: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),

Reverse DNS

Software

nginx /

Resource Hash

bb76c17ca821914173910395ee0de25860100491e52bfa68f11caabcc6b56be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 16 Mar 2020 21:05:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Apr 2019 11:48:45 GMT
Server: nginx
ETag: "5ca5ef1d-22e"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=2592000
Feature-Policy: accelerometer 'none';ambient-light-sensor 'none';autoplay 'none';camera 'none';encrypted-media 'none';fullscreen 'self';geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';speaker 'none';sync-xhr 'none';usb 'none';vibrate 'none';vr 'none';
Strict-Transport-Security: max-age=15552000;
Accept-Ranges: bytes
Content-Length: 558
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Apr 2020 21:05:13 GMT

GET
H/1.1 200
OK mailicon.png
www.xsnews.nl/img/ 6 KB
7 KB 12ms
12ms Image
image/png 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xsnews.nl/img/mailicon.png

Requested by

Host: www.xsnews.nl
URL: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),

Reverse DNS

Software

nginx /

Resource Hash

5b669b76f0089da40600d7ad5756d0837aad54b6019e2b567ae90223e6445e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 16 Mar 2020 21:05:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Dec 2019 11:09:40 GMT
Server: nginx
ETag: "5dfb5a74-1783"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=2592000
Feature-Policy: accelerometer 'none';ambient-light-sensor 'none';autoplay 'none';camera 'none';encrypted-media 'none';fullscreen 'self';geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';speaker 'none';sync-xhr 'none';usb 'none';vibrate 'none';vr 'none';
Strict-Transport-Security: max-age=15552000;
Accept-Ranges: bytes
Content-Length: 6019
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Apr 2020 21:05:13 GMT

GET
H/1.1 200
OK verloop.png
www.xsnews.nl/img/trial/ 11 KB
12 KB 13ms
13ms Image
image/png 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xsnews.nl/img/trial/verloop.png

Requested by

Host: www.xsnews.nl
URL: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),

Reverse DNS

Software

nginx /

Resource Hash

452b2e5818ff60f4077d79a436d2cb5bd72a3224769b22de9b4e04d8ebae33cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.xsnews.nl/assets/v2.css?v=98ac5cd7cc70b976d9fdb751cd2a6147
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 16 Mar 2020 21:05:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Apr 2019 11:48:45 GMT
Server: nginx
ETag: "5ca5ef1d-2bc3"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=2592000
Feature-Policy: accelerometer 'none';ambient-light-sensor 'none';autoplay 'none';camera 'none';encrypted-media 'none';fullscreen 'self';geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';speaker 'none';sync-xhr 'none';usb 'none';vibrate 'none';vr 'none';
Strict-Transport-Security: max-age=15552000;
Accept-Ranges: bytes
Content-Length: 11203
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Apr 2020 21:05:13 GMT

GET
H/1.1 200
OK main-built.js Show response
www.xsnews.nl/js/ 300 KB
300 KB 14ms
13ms Script
application/javascript 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xsnews.nl/js/main-built.js?v98ac5cd7cc70b976d9fdb751cd2a6147
Requested by: Host: www.xsnews.nl
URL: https://www.xsnews.nl/js/require.js?v1.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),
Reverse DNS
Software: nginx /
Resource Hash: 552c448d89d33d07eb067045ae8b62feaf88252fa81f6e13121116f4d0298420

Request headers

Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 16 Mar 2020 21:05:13 GMT
Last-Modified: Thu, 12 Mar 2020 12:06:45 GMT, : Monday, 16-Mar-2020 21:05:13 GMT
Server: nginx
ETag: "5e6a25d5-4aeda"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 306906
Expires: Wed, 15 Apr 2020 21:05:13 GMT

GET
H/1.1 200
OK follow Show response
www.xsnews.nl/action/other/ 9 B
1003 B 98ms
97ms XHR
text/html 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xsnews.nl/action/other/follow?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2&origin=https://unlocklink.com/redirect/action/1Ind0ZS0ucXMyKSE_sL_dXF7dGFzcA_eQ__eQ_Pyi?tsid=1001524&uc=1001524-775845532

Requested by

Host: www.xsnews.nl
URL: https://www.xsnews.nl/js/main-built.js?v98ac5cd7cc70b976d9fdb751cd2a6147

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),

Reverse DNS

Software

nginx /

Resource Hash

955dd0ce723f90afe5c7a9811b6115ce9e6f518e06bb892de7c3f6ad30feb83b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Mar 2020 21:05:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Feature-Policy: accelerometer 'none';ambient-light-sensor 'none';autoplay 'none';camera 'none';encrypted-media 'none';fullscreen 'self';geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';speaker 'none';sync-xhr 'none';usb 'none';vibrate 'none';vr 'none';
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000;
P3P: CP="We have no P3P policy."
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK trial.js Show response
www.xsnews.nl/js/ 11 KB
11 KB 12ms
12ms Script
application/javascript 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xsnews.nl/js/trial.js?version=98ac5cd7cc70b976d9fdb751cd2a6147
Requested by: Host: www.xsnews.nl
URL: https://www.xsnews.nl/js/require.js?v1.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),
Reverse DNS
Software: nginx /
Resource Hash: 771579e6cb26c87729e868557161c7888d30fc373a15fbb32a52549a3043ab96

Request headers

Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 16 Mar 2020 21:05:13 GMT
Last-Modified: Tue, 10 Mar 2020 16:44:23 GMT, : Monday, 16-Mar-2020 21:05:13 GMT
Server: nginx
ETag: "5e67c3e7-2b00"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11008
Expires: Wed, 15 Apr 2020 21:05:13 GMT

GET
H/1.1 200
OK analytics.js Show response
www.xsnews.nl/js/ 512 B
893 B 13ms
12ms Script
application/javascript 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xsnews.nl/js/analytics.js?version=98ac5cd7cc70b976d9fdb751cd2a6147
Requested by: Host: www.xsnews.nl
URL: https://www.xsnews.nl/js/require.js?v1.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),
Reverse DNS
Software: nginx /
Resource Hash: 9e71d156787068098207422ebfe2ba4e93ac11d969418a71758597a22c7571c6

Request headers

Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 16 Mar 2020 21:05:13 GMT
Last-Modified: Mon, 23 Jul 2018 11:23:01 GMT, : Monday, 16-Mar-2020 21:05:13 GMT
Server: nginx
ETag: "5b55ba95-200"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 512
Expires: Wed, 15 Apr 2020 21:05:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.xsnews.nl
URL: https://www.xsnews.nl/js/analytics.js?version=98ac5cd7cc70b976d9fdb751cd2a6147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1901
date: Mon, 16 Mar 2020 20:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Mon, 16 Mar 2020 22:33:32 GMT

GET
H/1.1 200
OK jquery.select-to-autocomplete.js Show response
www.xsnews.nl/js/ 12 KB
12 KB 13ms
13ms Script
application/javascript 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xsnews.nl/js/jquery.select-to-autocomplete.js?version=98ac5cd7cc70b976d9fdb751cd2a6147
Requested by: Host: www.xsnews.nl
URL: https://www.xsnews.nl/js/require.js?v1.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),
Reverse DNS
Software: nginx /
Resource Hash: cefc93f44d4f00fa859a8c31a047e9da2a5d00dcae5c708290a34fb364a16103

Request headers

Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 16 Mar 2020 21:05:14 GMT
Last-Modified: Mon, 23 Jul 2018 11:23:01 GMT, : Monday, 16-Mar-2020 21:05:14 GMT
Server: nginx
ETag: "5b55ba95-2e6f"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11887
Expires: Wed, 15 Apr 2020 21:05:14 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=168733417&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xsnews.nl%2Fen%2Fntrial.html%3Fa_aid%3D11266%26a_bid%3D9af93a6a%26data1%3D18031631_19_0_ea7_67...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-49052953-1&cid=1429124720.1584392714&jid=1185133022&_gid=736210876.1584392714&gjid=1897948538&_v=j81&z=1817675865
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-49052953-1&cid=1429124720.1584392714&jid=1185133022&_v=j81&z=1817675865
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-49052953-1&cid=1429124720.1584392714&jid=1185133022&_v=j81&z=1817675865&slf_rd=1&random=329556019

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-49052953-1&cid=1429124720.1584392714&jid=1185133022&_v=j81&z=1817675865&slf_rd=1&random=329556019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 21:05:14 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Mar 2020 21:05:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-49052953-1&cid=1429124720.1584392714&jid=1185133022&_v=j81&z=1817675865&slf_rd=1&random=329556019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK begin Show response
www.xsnews.nl/action/trial/ 41 B
895 B 38ms
38ms XHR
application/json 2001:67c:174:101:1:65:301:1
AS-ABAVIA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xsnews.nl/action/trial/begin?lang=en&_=1584392713956

Requested by

Host: www.xsnews.nl
URL: https://www.xsnews.nl/js/main-built.js?v98ac5cd7cc70b976d9fdb751cd2a6147

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:67c:174:101:1:65:301:1 , San Marino, ASN48345 (AS-ABAVIA, IT),

Reverse DNS

Software

nginx /

Resource Hash

e9b90f86e0f01a19b8add0d82e169039bab8b3e8f8010095c7f8c3b732e2e3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.xsnews.nl/en/ntrial.html?a_aid=11266&a_bid=9af93a6a&data1=18031631_19_0_ea7_67df55_640_80_5e6fea09_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Mar 2020 21:05:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Feature-Policy: accelerometer 'none';ambient-light-sensor 'none';autoplay 'none';camera 'none';encrypted-media 'none';fullscreen 'self';geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';speaker 'none';sync-xhr 'none';usb 'none';vibrate 'none';vr 'none';
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000;
P3P: CP="We have no P3P policy."
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/json
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1672790-14&cid=942949315.1584392714&jid=1836093405&_v=j81&z=1730212854&slf_rd=1&random=3218141674

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.xsnews.nl/js/main-built.js?v98ac5cd7cc70b976d9fdb751cd2a6147(Line 53) Message: handleBanner called
console-api	log	URL: https://www.xsnews.nl/js/main-built.js?v98ac5cd7cc70b976d9fdb751cd2a6147(Line 53) Message: Set language to en

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cpalead.com
js-agent.newrelic.com
stats.g.doubleclick.net
unlocklink.com
viral481.com
www.cpalead.com
www.google-analytics.com
www.google.com
www.google.de
www.xsnews.nl
www.google.de
104.26.0.163
104.27.156.197
151.101.14.110
162.247.242.19
2001:67c:174:101:1:65:301:1
2606:4700:3033::681b:bfe7
2a00:1450:4001:814::200e
2a00:1450:4001:820::2003
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9a
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
274aaf2881e92cc7efd29bf5c5bbf3330c5a9a4ecffd889e13ec495a18cbdfac
452b2e5818ff60f4077d79a436d2cb5bd72a3224769b22de9b4e04d8ebae33cc
51b275179f5b7056dfad28f16de9fd7ccfd4f72bcae106b31ed9c28b9d959768
531243f95960d98b8a1d779bbff1a6cd0f0cbc16134f92b776fd3948068aba43
552c448d89d33d07eb067045ae8b62feaf88252fa81f6e13121116f4d0298420
57ad677c8010a653d6dcd3deccf5e5c3da24fcef75bb84617b06f70bbd582683
5b669b76f0089da40600d7ad5756d0837aad54b6019e2b567ae90223e6445e05
670f8b79e251748bef73cf82479cc6b313701ccf7bc8c6f115a565c42e8f09c6
771579e6cb26c87729e868557161c7888d30fc373a15fbb32a52549a3043ab96
955dd0ce723f90afe5c7a9811b6115ce9e6f518e06bb892de7c3f6ad30feb83b
97df9c086a55dd80f967aeeb9582e84c69a51a4fef8ff3d8468dba0d8fcc09d0
9e71d156787068098207422ebfe2ba4e93ac11d969418a71758597a22c7571c6
bb76c17ca821914173910395ee0de25860100491e52bfa68f11caabcc6b56be7
cefc93f44d4f00fa859a8c31a047e9da2a5d00dcae5c708290a34fb364a16103
e9b90f86e0f01a19b8add0d82e169039bab8b3e8f8010095c7f8c3b732e2e3e3
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb05e19de22068e21bd03cb79dacf493fc7f85d8880758eed4201bd81071e4b0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f60cffea37220e3ef579b395482480242dd47039941655fc7faf45b116b73622

www.xsnews.nl Open in urlscan Pro 2001:67c:174:101:1:65:301:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

96 %HTTPS

60 %IPv6

10 Domains

11 Subdomains

9 IPs

4 Countries

519 kBTransfer

806 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

www.xsnews.nl Open in urlscan Pro
2001:67c:174:101:1:65:301:1 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

96 %
HTTPS

60 %
IPv6

10
Domains

11
Subdomains

9
IPs

4
Countries

519 kB
Transfer

806 kB
Size

0
Cookies

26 HTTP transactions
0 data transactions