urlscan.io logo urlscan.io
SecurityTrails logo

tbc-post.primetime.be Open in urlscan Pro
159.65.204.40  Public Scan

Go To Rescan Add Verdict Report
URL: https://tbc-post.primetime.be/
Submission: On October 06 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 26 HTTP transactions. The main IP is 159.65.204.40, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is tbc-post.primetime.be.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on August 7th 2021. Valid for: 3 months.
This is the only time tbc-post.primetime.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    159.65.204.40 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
tbc-post.primetime.be
3    2600:9000:2156:8800:f:544d:dfc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
press-cdn.prezly.com
2    2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
6    2a02:26f0:6c00::210:bb89 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.uc.assets.prezly.com
10    104.16.168.131 (None, )

ASN13335 (CLOUDFLARENET, US)
hcaptcha.com
newassets.hcaptcha.com
1    2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
1    2600:9000:2156:d200:b:8bfe:ac40:93a1 (United States)

ASN16509 (AMAZON-02, US)
analytics-cdn.prezly.com
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    13.248.153.233 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac164a79b979eeac6.awsglobalaccelerator.com
analytics.prezly.com
Domain Requested by
7 newassets.hcaptcha.com tbc-post.primetime.be
hcaptcha.com
browser.sentry-cdn.com
newassets.hcaptcha.com
6 cdn.uc.assets.prezly.com tbc-post.primetime.be
3 hcaptcha.com 1 redirects newassets.hcaptcha.com
3 press-cdn.prezly.com tbc-post.primetime.be
2 ssl.google-analytics.com 1 redirects tbc-post.primetime.be
2 cdn.polyfill.io tbc-post.primetime.be
1 analytics.prezly.com browser.sentry-cdn.com
1 www.google.de tbc-post.primetime.be
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 analytics-cdn.prezly.com tbc-post.primetime.be
1 browser.sentry-cdn.com tbc-post.primetime.be
1 tbc-post.primetime.be
26 13

This site contains links to these domains. Also see Links.

Domain
hcaptcha.com
www.prezly.com
Subject Issuer Validity Valid
tbc-post.primetime.be
ZeroSSL RSA Domain Secure Site CA		 2021-08-07 -
2021-11-05		 3 months crt.sh
*.prezly.com
Amazon		 2021-02-10 -
2022-03-11		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
cdn.uc.assets.prezly.com
R3		 2021-10-03 -
2022-01-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-15 -
2022-06-14		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 3 frames:

Primary Page: https://tbc-post.primetime.be/
Frame ID: 5025F14CB57C678EAA07BD7CDC30832D
Requests: 19 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/be86e98/static/hcaptcha-challenge.html
Frame ID: 588F2192B874EEE703B9D5D9E9D67812
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/be86e98/static/hcaptcha-checkbox.html
Frame ID: 0FF3A03B0C568D8EBAF7518034BC2888
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TBC-Post - Pressroom

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • ^https?://cdn\.polyfill\.io/
  • /polyfill\.min\.js

Page Statistics

26
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

13
Subdomains

11
IPs

5
Countries

1012 kB
Transfer

2395 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://hcaptcha.com/1/api.js?onload=onSubscribeFormSubmit_615dd771ef657&render=explicit&hl=nl HTTP 302
  • https://newassets.hcaptcha.com/captcha/v1/be86e98/hcaptcha.js
Request Chain 15
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=946904085&utmhn=tbc-post.primetime.be&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TBC-Post%20-%20Pressroom&utmhid=1548541112&utmr=-&utmp=%2F&utmht=1633539954858&utmac=UA-11267405-1&utmcc=__utma%3D174973799.46685955.1633539955.1633539955.1633539955.1%3B%2B__utmz%3D174973799.1633539955.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=1856300153&utmredir=1&utmu=qgQAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11267405-1&cid=46685955.1633539955&jid=1856300153&_v=5.7.2&z=946904085 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11267405-1&cid=46685955.1633539955&jid=1856300153&_v=5.7.2&z=946904085 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11267405-1&cid=46685955.1633539955&jid=1856300153&_v=5.7.2&z=946904085&slf_rd=1&random=2898105148

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tbc-post.primetime.be/ 		61 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.65.204.40 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
ae0c1187ce7aca715785339f17d9ae3b31e9ccdfb8645e921185fca9229a676e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://rock.prezly.com; upgrade-insecure-requests; report-uri https://prezly.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tbc-post.primetime.be
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 06 Oct 2021 17:05:54 GMT
content-type
text/html; charset=utf-8
content-length
19560
x-content-type-options
NOSNIFF
x-frame-options
SAMEORIGIN
content-security-policy-report-only
block-all-mixed-content; report-uri https://prezly.report-uri.com/r/d/csp/reportOnly
content-security-policy
frame-ancestors 'self' https://rock.prezly.com; upgrade-insecure-requests; report-uri https://prezly.report-uri.com/r/d/csp/enforce
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
x-protected-by
Sqreen
x-newsroom
76134d9816f6760e3608beae66ad5d5bf7d0ab47
vary
Accept-Encoding,Origin
content-encoding
gzip
x-xss-protection
1; mode=block
x-cache
HIT
x-varnish
2359564
age
0
via
1.1 varnish (Varnish/6.3)
section-io-cache
Miss
accept-ranges
bytes
section-io-id
2d8d97c33da0388c13cb41377c2028e8
5823.css
press-cdn.prezly.com/style/ 		211 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://press-cdn.prezly.com/style/5823.css?u=1622554200&d=ltr&v=6d4b5417689673eb5d8d
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8800:f:544d:dfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
388da0fc6a965d142c4ab81f5d01d7a97d65cb0671632c8ab7b293053acb93a0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://rock.prezly.com; upgrade-insecure-requests; report-uri https://prezly.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 13:44:39 GMT
content-encoding
gzip
x-content-type-options
NOSNIFF
x-newsroom
76134d9816f6760e3608beae66ad5d5bf7d0ab47
age
12075
content-security-policy-report-only
block-all-mixed-content; report-uri https://prezly.report-uri.com/r/d/csp/reportOnly
x-edge-origin-shield-skipped
0
x-protected-by
Sqreen
x-cache
Hit from cloudfront
section-io-cache
Miss
vary
Accept-Encoding,Origin
content-length
30299
x-xss-protection
1; mode=block
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15724800; includeSubDomains
x-varnish
33952
via
1.1 varnish (Varnish/6.3), 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
public,max-age=86400
access-control-allow-credentials
true
section-io-id
344fb6efafc5422e6fb911508b698c41
content-security-policy
frame-ancestors 'self' https://rock.prezly.com; upgrade-insecure-requests; report-uri https://prezly.report-uri.com/r/d/csp/enforce
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-amz-cf-id
HJNmTwShH2JfezOYg9chcfYewqNSo8ozx7hMlWDSvIKsJL8NT9vrzA==
expires
Fri, 05 Nov 2021 13:44:39 GMT
polyfill.min.js
cdn.polyfill.io/v3/ 		101 B
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017&flags=gated
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tbc-post.primetime.be/
Origin
https://tbc-post.primetime.be
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1783391
detected-user-agent
Chrome/93.0.4577
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=2
content-length
101
referrer-policy
origin-when-cross-origin
last-modified
Wed, 15 Sep 2021 13:37:31 GMT
date
Wed, 06 Oct 2021 17:05:56 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/93.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
/
cdn.uc.assets.prezly.com/66348a76-b319-4273-be87-e4edf989cc13/-/preview/400x400/-/quality/best/-/format/auto/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.uc.assets.prezly.com/66348a76-b319-4273-be87-e4edf989cc13/-/preview/400x400/-/quality/best/-/format/auto/
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e7984a915d3e470c25a8a126a4bfa5fd258a7c526cd54e0533c91170023adb0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:05:55 GMT
x-image-width
400
server
nginx
etag
"dbd940ad9a93c633e7984d9982eb3e22"
content-disposition
inline
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556913
x-image-height
256
content-length
7482
/
cdn.uc.assets.prezly.com/c7efd33c-f221-43b8-befb-cd221fcee3d3/-/preview/500x500/-/quality/best/-/format/auto/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.uc.assets.prezly.com/c7efd33c-f221-43b8-befb-cd221fcee3d3/-/preview/500x500/-/quality/best/-/format/auto/
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
553d7d2cdbfeec17e5639129aadcee85b9429cb77a7bdcf7440ee52f4caf7628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:05:56 GMT
x-image-width
500
server
nginx
etag
"5cc4231e02859d0de933c99d6632c8d3"
content-disposition
inline
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556879
x-image-height
333
content-length
81896
/
cdn.uc.assets.prezly.com/4794b78e-317c-429f-8a77-3e25d986c1b4/-/preview/500x500/-/quality/best/-/format/auto/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.uc.assets.prezly.com/4794b78e-317c-429f-8a77-3e25d986c1b4/-/preview/500x500/-/quality/best/-/format/auto/
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a1d3d99974a953c1914d3306b1285e80f4570f01df0f538eb9215f6a098881f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:05:55 GMT
x-image-width
500
server
nginx
etag
"4b02d88def9c4e3aa4949afcaea70474"
content-disposition
inline
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556926
x-image-height
147
content-length
15654
/
cdn.uc.assets.prezly.com/2da569a5-bfbd-44a2-8234-fd1b91f8040d/-/preview/500x500/-/quality/best/-/format/auto/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.uc.assets.prezly.com/2da569a5-bfbd-44a2-8234-fd1b91f8040d/-/preview/500x500/-/quality/best/-/format/auto/
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
553d7d2cdbfeec17e5639129aadcee85b9429cb77a7bdcf7440ee52f4caf7628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:05:56 GMT
x-image-width
500
server
nginx
etag
"39cf692fb74c26ec415f19deb06a628a"
content-disposition
inline
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556906
x-image-height
333
content-length
81896
/
cdn.uc.assets.prezly.com/0667c727-ae82-417f-81a9-db5da95e6e78/-/preview/500x500/-/quality/best/-/format/auto/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.uc.assets.prezly.com/0667c727-ae82-417f-81a9-db5da95e6e78/-/preview/500x500/-/quality/best/-/format/auto/
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
553d7d2cdbfeec17e5639129aadcee85b9429cb77a7bdcf7440ee52f4caf7628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:05:56 GMT
x-image-width
500
server
nginx
etag
"53e54de77f8912d8b3b6c46646cf6700"
content-disposition
inline
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556926
x-image-height
333
content-length
81896
/
cdn.uc.assets.prezly.com/254ceb0e-a52a-408c-9d0a-69eca0951cc8/-/preview/500x500/-/quality/best/-/format/auto/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.uc.assets.prezly.com/254ceb0e-a52a-408c-9d0a-69eca0951cc8/-/preview/500x500/-/quality/best/-/format/auto/
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
553d7d2cdbfeec17e5639129aadcee85b9429cb77a7bdcf7440ee52f4caf7628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:05:56 GMT
x-image-width
500
server
nginx
etag
"db003ee17b7d124e419b48ceb895ee95"
content-disposition
inline
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556879
x-image-height
333
content-length
81896
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/be86e98/
Redirect Chain
  • https://hcaptcha.com/1/api.js?onload=onSubscribeFormSubmit_615dd771ef657&render=explicit&hl=nl
  • https://newassets.hcaptcha.com/captcha/v1/be86e98/hcaptcha.js
85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/be86e98/hcaptcha.js
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
014d7a76e45a953d7ae1b5c5c125bbf7d93202d8d4441fb2ffa4e4f1f3e5e3a1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:05:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15969
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26839
last-modified
Wed, 06 Oct 2021 12:39:19 GMT
server
cloudflare
etag
"e3219a37fea030487c82fe62b8bcbd5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
cf-ray
69a07a2ddfeb6957-FRA
x-amz-cf-id
kjYgJsaRpm26Dlqc0LO_ymXmBFai750DtwAYhaaKjNcjImlZivc1pw==

Redirect headers

date
Wed, 06 Oct 2021 17:05:54 GMT
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://newassets.hcaptcha.com/captcha/v1/be86e98/hcaptcha.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
69a07a2d6e8a6957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
vendor.7e74ba83c392635ebfe9.js
press-cdn.prezly.com/press/new/build/ 		181 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://press-cdn.prezly.com/press/new/build/vendor.7e74ba83c392635ebfe9.js
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8800:f:544d:dfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba6e39be9078842084011d0044829a44e394feebeaaf4fce4e501045032bfed6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 20:55:26 GMT
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 11:35:53 GMT
server
AmazonS3
age
418229
etag
W/"7e6551ce5425d42b77be66bfdb799b40"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
JF-L0RRyXlHkYflb8Dl7AC4HpiCoHWPbc1D-w1Fnl5pl3e1BrJmHsA==
prezly.a630ef7a453db04aeb17.js
press-cdn.prezly.com/press/new/build/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://press-cdn.prezly.com/press/new/build/prezly.a630ef7a453db04aeb17.js
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8800:f:544d:dfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ed162bb99af63df305bd1ab9983fe2972d1750dc7470e066b0b225b68b1ee72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 21:57:38 GMT
content-encoding
gzip
last-modified
Fri, 24 Sep 2021 15:33:49 GMT
server
AmazonS3
age
328097
etag
W/"278ae59bfafb949227bfc62db5e943c8"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
b9fo4qkKqMlW24GyMkPUyO-EOhM_eCAV_S3LsCR1TWLkFbZqzaQOSw==
bundle.min.js
browser.sentry-cdn.com/5.6.3/ 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.6.3/bundle.min.js
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
0f01986804ccab4ad80088b4d44e0c5850f0e4074fc73b96199ef8de026423d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://tbc-post.primetime.be/
Origin
https://tbc-post.primetime.be
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:05:54 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2019 15:37:32 GMT
server
Fastly
age
10393326
etag
"bca53b4b7a6f9ec6743634421740f8b7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
16655
expires
Wed, 08 Jun 2022 10:03:42 GMT
prezly.min.js
analytics-cdn.prezly.com/analytics.js/v1/d7726d0e-395b-46b7-8cec-5fa992d9fe42/ 		176 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-cdn.prezly.com/analytics.js/v1/d7726d0e-395b-46b7-8cec-5fa992d9fe42/prezly.min.js?version=2018-09-20
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d200:b:8bfe:ac40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
db88b25b031800416c599fbad555cfce9991120030dfd1caa70b994c917fbb1b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; report-uri https://prezly.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:05:54 GMT
content-encoding
gzip
x-content-type-options
NOSNIFF
x-edge-origin-shield-skipped
0, 0
content-security-policy-report-only
block-all-mixed-content; report-uri https://prezly.report-uri.com/r/d/csp/reportOnly
x-cache
Miss from cloudfront
x-protected-by
Sqreen
vary
Accept-Encoding
content-length
53445
x-xss-protection
1; mode=block
access-control-allow-origin
*
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains;
access-control-allow-methods
GET, HEAD, PATCH, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
public, max-age=300
content-security-policy
upgrade-insecure-requests; report-uri https://prezly.report-uri.com/r/d/csp/enforce
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
TtFs6KYpal5inL7UVRodrzdpFYPofZxJrxq48dHdfhyBQL3iqRG6sw==
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
507
date
Wed, 06 Oct 2021 16:57:27 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 06 Oct 2021 18:57:27 GMT
polyfill.min.js
cdn.polyfill.io/v3/ 		101 B
172 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017&flags=gated
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tbc-post.primetime.be/
Origin
https://tbc-post.primetime.be
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1783391
detected-user-agent
Chrome/93.0.4577
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
101
referrer-policy
origin-when-cross-origin
last-modified
Wed, 15 Sep 2021 13:37:31 GMT
date
Wed, 06 Oct 2021 17:05:56 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/93.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=946904085&utmhn=tbc-post.primetime.be&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11267405-1&cid=46685955.1633539955&jid=1856300153&_v=5.7.2&z=946904085
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11267405-1&cid=46685955.1633539955&jid=1856300153&_v=5.7.2&z=946904085
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11267405-1&cid=46685955.1633539955&jid=1856300153&_v=5.7.2&z=946904085&slf_rd=1&random=2898105148
42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11267405-1&cid=46685955.1633539955&jid=1856300153&_v=5.7.2&z=946904085&slf_rd=1&random=2898105148
Requested by
Host: tbc-post.primetime.be
URL: https://tbc-post.primetime.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Oct 2021 17:05:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Oct 2021 17:05:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11267405-1&cid=46685955.1633539955&jid=1856300153&_v=5.7.2&z=946904085&slf_rd=1&random=2898105148
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hcaptcha-challenge.html
newassets.hcaptcha.com/captcha/v1/be86e98/static/ Frame 588F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/be86e98/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=onSubscribeFormSubmit_615dd771ef657&render=explicit&hl=nl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
593749a11879cf409de05f9936a962592516f58f45820be986998ed254023860
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
newassets.hcaptcha.com
:scheme
https
:path
/captcha/v1/be86e98/static/hcaptcha-challenge.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tbc-post.primetime.be/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/

Response headers

date
Wed, 06 Oct 2021 17:05:54 GMT
content-type
text/html
last-modified
Wed, 06 Oct 2021 12:39:18 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
6u5r4x_AXa1qFm-dUUZifrHlgErcnfGSWxDyXtd3-Wb6FEcVElw4UQ==
age
15968
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
69a07a2e18a26957-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
hcaptcha-checkbox.html
newassets.hcaptcha.com/captcha/v1/be86e98/static/ Frame 0FF3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/be86e98/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=onSubscribeFormSubmit_615dd771ef657&render=explicit&hl=nl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bc39383b46ed6331b0787660bd363b0a4b509eb5ec4458140e1631c1ad24e78
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
newassets.hcaptcha.com
:scheme
https
:path
/captcha/v1/be86e98/static/hcaptcha-checkbox.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tbc-post.primetime.be/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/

Response headers

date
Wed, 06 Oct 2021 17:05:54 GMT
content-type
text/html
last-modified
Wed, 06 Oct 2021 12:39:18 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
vq7FmsYpv_1jRgfXi-LE_RhPTPocZrHLnLFM5tYnnaDdPlONo2Y5jA==
age
15969
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
69a07a2e18a66957-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
nl.json
newassets.hcaptcha.com/captcha/v1/be86e98/static/i18n/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/be86e98/static/i18n/nl.json
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.6.3/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
549506c5cc351e1dc9280cfbec2df0045d65532f46ba3117389fc3ea9447211f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tbc-post.primetime.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3034
access-control-allow-origin
*
last-modified
Wed, 06 Oct 2021 12:39:18 GMT
server
cloudflare
etag
"5b6a887e9cca6f51a994af738ba4c191"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
69a07a2e29c30eab-FRA
x-amz-cf-id
hHYcJPtz-bkJYV7I7cxCFd2HP0rMf38w7Q50NfPnjJ_rgUjvvz-WYg==
p
analytics.prezly.com/track/ 		15 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.prezly.com/track/p
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.6.3/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.153.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac164a79b979eeac6.awsglobalaccelerator.com
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; report-uri https://prezly.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tbc-post.primetime.be/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Oct 2021 17:05:55 GMT
x-content-type-options
NOSNIFF
server
Apache
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, HEAD, PATCH, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
content-security-policy-report-only
block-all-mixed-content; report-uri https://prezly.report-uri.com/r/d/csp/reportOnly
cache-control
no-cache, no-store
x-protected-by
Sqreen
content-security-policy
upgrade-insecure-requests; report-uri https://prezly.report-uri.com/r/d/csp/enforce
strict-transport-security
max-age=63072000; includeSubdomains;
vary
Origin
content-length
15
x-xss-protection
1; mode=block
hcaptcha-checkbox.js
newassets.hcaptcha.com/captcha/v1/be86e98/ Frame 0FF3 		135 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/be86e98/hcaptcha-checkbox.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/be86e98/static/hcaptcha-checkbox.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f4cfa6b3b6a7df2b190acea9d5ab600812d40c718b9f66ec7363b7dc4dc8bac
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/be86e98/static/hcaptcha-checkbox.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:05:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15968
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43220
last-modified
Wed, 06 Oct 2021 12:39:19 GMT
server
cloudflare
etag
"8503fd19b94c4a989b06f23bb5936718"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
cf-ray
69a07a2e7cf74d89-FRA
x-amz-cf-id
0vqvlExiSpLyLZKjT5pJVUdziIY-u1sPhZWrh4bVdmaLCQlDm9jt1w==
hcaptcha-challenge.js
newassets.hcaptcha.com/captcha/v1/be86e98/ Frame 588F 		211 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/be86e98/hcaptcha-challenge.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/be86e98/static/hcaptcha-challenge.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f71d2e4792afa6fab2f50b4f2797ebc23991dc36370cef6b124eacbaeeb5c959
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/be86e98/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:05:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15968
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
61119
last-modified
Wed, 06 Oct 2021 12:39:19 GMT
server
cloudflare
etag
"0fa6ffb743cd88c37ffbf4dc40c10259"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
via
1.1 e44e0b24e706487eaec6b9e01f2166dd.cloudfront.net (CloudFront)
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
cf-ray
69a07a2e7d0e4d89-FRA
x-amz-cf-id
hfCEdwLseYF5B7LKbK-j6TuInveeboldJ3cLNrYJRlWlMDHICuVYGw==
truncated
/ Frame 0FF3 		798 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame 0FF3 		508 B
894 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/checksiteconfig?host=tbc-post.primetime.be&sitekey=021a8994-d182-4ee3-9dc3-dbcbc115a053&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/be86e98/hcaptcha-checkbox.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f94f0a640e37a1aec7bad35fd9fdf5e819d8a2603c9b38e23862c3a4939f76d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Cache-Control
no-cache
Referer
https://newassets.hcaptcha.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 06 Oct 2021 17:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
69a07a2f0e5d4d89-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
checksiteconfig
hcaptcha.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/checksiteconfig?host=tbc-post.primetime.be&sitekey=021a8994-d182-4ee3-9dc3-dbcbc115a053&sc=1&swa=1
Protocol
H3
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control,content-type
Origin
https://newassets.hcaptcha.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 06 Oct 2021 17:05:55 GMT
content-length
0
access-control-allow-origin
https://newassets.hcaptcha.com
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
69a07a2edacc0eab-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
hsw.js
newassets.hcaptcha.com/c/c45bac0f/ Frame 588F 		856 KB
322 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/c/c45bac0f/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/be86e98/hcaptcha-challenge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b1be42f06b4f8b805bbdedc37b25f642e6b18613f100dc444f7740487371c7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/be86e98/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:05:55 GMT
via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
41
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 05 Oct 2021 18:54:28 GMT
server
cloudflare
etag
W/"286336e1b56f0493a167bde22914760f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
FRA2-C1
cf-ray
69a07a2f2edc4d89-FRA
x-amz-cf-id
rRL2w2OMzV7FEcPWpylxOfIKxOzZufWqqSpnk2emBFS5jMhuPHkIzQ==

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| analytics object| _gaq object| webpackJsonp function| jQuery function| $ object| SocialShareKit object| Prezly object| Sentry object| __SENTRY__ object| _gat object| gaGlobal object| hcaptcha object| grecaptcha function| normalize

8 Cookies

Domain/Path Name / Value
.tbc-post.primetime.be/ Name: __utma
Value: 174973799.46685955.1633539955.1633539955.1633539955.1
.tbc-post.primetime.be/ Name: __utmc
Value: 174973799
.tbc-post.primetime.be/ Name: __utmz
Value: 174973799.1633539955.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.tbc-post.primetime.be/ Name: __utmt
Value: 1
.tbc-post.primetime.be/ Name: __utmb
Value: 174973799.1.10.1633539955
.tbc-post.primetime.be/ Name: ajs_user_id
Value: null
.tbc-post.primetime.be/ Name: ajs_group_id
Value: null
.tbc-post.primetime.be/ Name: ajs_anonymous_id
Value: %22dd62273c-8d09-49fd-921d-a9bbaccc89ae%22

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://rock.prezly.com; upgrade-insecure-requests; report-uri https://prezly.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics-cdn.prezly.com
analytics.prezly.com
browser.sentry-cdn.com
cdn.polyfill.io
cdn.uc.assets.prezly.com
hcaptcha.com
newassets.hcaptcha.com
press-cdn.prezly.com
ssl.google-analytics.com
stats.g.doubleclick.net
tbc-post.primetime.be
www.google.com
www.google.de
104.16.168.131
13.248.153.233
159.65.204.40
2600:9000:2156:8800:f:544d:dfc0:93a1
2600:9000:2156:d200:b:8bfe:ac40:93a1
2a00:1450:4001:801::2004
2a00:1450:4001:812::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c06::9b
2a02:26f0:6c00::210:bb89
2a04:4e42:200::729
2a04:4e42:600::282
014d7a76e45a953d7ae1b5c5c125bbf7d93202d8d4441fb2ffa4e4f1f3e5e3a1
0f01986804ccab4ad80088b4d44e0c5850f0e4074fc73b96199ef8de026423d1
0f4cfa6b3b6a7df2b190acea9d5ab600812d40c718b9f66ec7363b7dc4dc8bac
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2f94f0a640e37a1aec7bad35fd9fdf5e819d8a2603c9b38e23862c3a4939f76d
388da0fc6a965d142c4ab81f5d01d7a97d65cb0671632c8ab7b293053acb93a0
4ed162bb99af63df305bd1ab9983fe2972d1750dc7470e066b0b225b68b1ee72
549506c5cc351e1dc9280cfbec2df0045d65532f46ba3117389fc3ea9447211f
553d7d2cdbfeec17e5639129aadcee85b9429cb77a7bdcf7440ee52f4caf7628
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
593749a11879cf409de05f9936a962592516f58f45820be986998ed254023860
79b1be42f06b4f8b805bbdedc37b25f642e6b18613f100dc444f7740487371c7
9bc39383b46ed6331b0787660bd363b0a4b509eb5ec4458140e1631c1ad24e78
a1d3d99974a953c1914d3306b1285e80f4570f01df0f538eb9215f6a098881f6
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
ae0c1187ce7aca715785339f17d9ae3b31e9ccdfb8645e921185fca9229a676e
ba6e39be9078842084011d0044829a44e394feebeaaf4fce4e501045032bfed6
db88b25b031800416c599fbad555cfce9991120030dfd1caa70b994c917fbb1b
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
e7984a915d3e470c25a8a126a4bfa5fd258a7c526cd54e0533c91170023adb0c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f71d2e4792afa6fab2f50b4f2797ebc23991dc36370cef6b124eacbaeeb5c959