urlscan.io logo urlscan.io
SecurityTrails logo

nilafiq.sbs Open in urlscan Pro
143.198.24.213  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://trk.klclick3.com/ls/click?upn=u001.KrX8xM8qk6teV1TCTSTa-2BMG-2BlA4AlM8XdspotHLseeh6y2atbYdesOtAx9Zm4DtyM98rvBCQE5...
Effective URL: https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6
Submission: On July 29 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 10 domains to perform 9 HTTP transactions. The main IP is 143.198.24.213, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is nilafiq.sbs.
TLS certificate: Issued by R11 on July 26th 2024. Valid for: 3 months.
This is the only time nilafiq.sbs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2600:9000:2394:1e00:9:ec94:b800:93a1 (United States)

ASN16509 (AMAZON-02, US)
trk.klclick3.com
1    162.210.100.212 (United States)

ASN32748 (STEADFAST, US)
PTR: orelfc.com
faithcentregh.com
2    143.198.24.213 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
nilafiq.sbs
2    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3.bp.blogspot.com
yt3.ggpht.com
1    2a00:1c98:1000:10d3:0:2:1658:3cce (Belgium)

ASN34762 (COMBELL-AS, BE)
www.onzenatuur.be
1    2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play-lh.googleusercontent.com
1    2a02:ec80:300:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)
upload.wikimedia.org
1    2600:9000:2359:1400:11:4274:9d40:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.argenta.be
Apex Domain
Subdomains		 Transfer
2 nilafiq.sbs
nilafiq.sbs
2 MB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 215
77 KB
1 argenta.be
www.argenta.be
33 KB
1 wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 4162
55 KB
1 googleusercontent.com
play-lh.googleusercontent.com — Cisco Umbrella Rank: 324
22 KB
1 onzenatuur.be
www.onzenatuur.be
56 KB
1 blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 17124
11 KB
1 faithcentregh.com
faithcentregh.com
1 KB
1 klclick3.com
trk.klclick3.com — Cisco Umbrella Rank: 68653
444 B
0 kbc.com Failed
www.kbc.com Failed
9 10
Domain Requested by
2 nilafiq.sbs nilafiq.sbs
1 yt3.ggpht.com nilafiq.sbs
1 www.argenta.be nilafiq.sbs
1 upload.wikimedia.org nilafiq.sbs
1 play-lh.googleusercontent.com nilafiq.sbs
1 www.onzenatuur.be nilafiq.sbs
1 3.bp.blogspot.com nilafiq.sbs
1 faithcentregh.com 1 redirects
1 trk.klclick3.com 1 redirects
0 www.kbc.com Failed nilafiq.sbs
9 10

This site contains links to these domains. Also see Links.

Domain
www.mypension.be
Subject Issuer Validity Valid
nilafiq.sbs
R11		 2024-07-26 -
2024-10-24		 3 months crt.sh
misc-sni.blogspot.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
onzenatuur.be
R10		 2024-07-29 -
2024-10-27		 3 months crt.sh
edgestatic.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.wikipedia.org
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-18 -
2024-10-16		 a year crt.sh
argenta.be
DigiCert EV RSA CA G2		 2024-04-22 -
2025-04-21		 a year crt.sh
*.googleusercontent.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6
Frame ID: 53E062216A8BA360886EB8B8F494E6F6
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MyPension | Pensioentoeslag

Page URL History Show full URLs

  1. https://trk.klclick3.com/ls/click?upn=u001.KrX8xM8qk6teV1TCTSTa-2BMG-2BlA4AlM8XdspotHLseeh6y2atbYdesO... HTTP 302
    https://faithcentregh.com/?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6 HTTP 301
    https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

9
Requests

89 %
HTTPS

75 %
IPv6

10
Domains

10
Subdomains

7
IPs

3
Countries

2252 kB
Transfer

3214 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trk.klclick3.com/ls/click?upn=u001.KrX8xM8qk6teV1TCTSTa-2BMG-2BlA4AlM8XdspotHLseeh6y2atbYdesOtAx9Zm4DtyM98rvBCQE5KS5Ej5-2FdgMRMYj-2BWMVZ6-2Bc2YffuS6co4cagQg-2BlhpA2BWxgx9lJ0lQM0DZ_Dr70TI8HA5IVV7cRStyyiAdumo-2F8OP6JnBeEUAxa5DoOw1IQikdV-2FfhQvxp7f-2BDCHB1FkJ2eM8ZSFctbC6xqDWzFclfvDBFJWXO-2FJuR022YuaXGICWf4-2BH0AoV3D-2F13SHB7XeLZgNMZD2Lg6kS0MAGBY7hEd9Ds5T0HucsU-2B0vOwry80Vk-2BzMatsUL0mqH-2B3DuMSZsSqcpdfCXuIqVl5uZSuEdnCna-2BgiyI7J-2Fkna1uxe20xK0KDhu-2FzgIt0RNO6AWWhpcl9r3fwcHbSEq1t-2B-2FTUayWY-2BbYKBDl51Bmv2nREtAMbJ1IsgVOcsh3-2BzuDm8RyaOQz-2FIls1vVVSuFEJAuHYfYaacIhLt5ST-2BsXR7AKE7iUo6G-2FYtJS7EYYH095EprPN1m9zZF41hXj1BtIKrZG09R-2Bg4j2fcTf7QPLHufWTDU1-2BgCQNRRQFLRf23gjPuKGnRBkB8lwdbkYuX6G6oQxnPdukR03cTPSKiF-2BWieY-3D HTTP 302
    https://faithcentregh.com/?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6 HTTP 301
    https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
nilafiq.sbs/be/mypension/
Redirect Chain
  • https://trk.klclick3.com/ls/click?upn=u001.KrX8xM8qk6teV1TCTSTa-2BMG-2BlA4AlM8XdspotHLseeh6y2atbYdesOtAx9Zm4DtyM98rvBCQE5KS5Ej5-2FdgMRMYj-2BWMVZ6-2Bc2YffuS6co4cagQg-2BlhpA2BWxgx9lJ0lQM0DZ_Dr70TI8HA...
  • https://faithcentregh.com/?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6
  • https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6
2 MB
2 MB 		Document
General
Check archive.org
Download Go to
Full URL
https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.24.213 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
9feb8a0b123c8f7c7b9b51e06cc75c0e8676eabed075917b44e9ccfa11c532a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jul 2024 09:48:12 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
795
content-type
text/html
date
Mon, 29 Jul 2024 09:48:11 GMT
location
https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6
server
LiteSpeed
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e

Request headers

Referer
Origin
https://nilafiq.sbs
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		27 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7576fd25e61dc08cedc116fecca016807f5e165e2b8a0f517c7d2c0480bc1e5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
KBC.jpg
www.kbc.com/content/dam/common-images/logos/internal/brand/kbc/ 		0
0
Belfius+logo+2012+stacked.png
3.bp.blogspot.com/-ujJCQph0a9s/T1ABRuccVEI/AAAAAAAAEZ8/JqkE0NifVKg/s1600/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-ujJCQph0a9s/T1ABRuccVEI/AAAAAAAAEZ8/JqkE0NifVKg/s1600/Belfius+logo+2012+stacked.png
Requested by
Host: nilafiq.sbs
URL: https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a837c3efc87d51bddd249c7da2deaddfa0566a35e64a9cb54535e93aa1ed6a2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nilafiq.sbs/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 08:46:33 GMT
x-content-type-options
nosniff
age
3700
content-disposition
inline;filename="Belfius logo 2012 stacked.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10945
x-xss-protection
0
server
fife
etag
"v119f"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Jul 2024 08:46:33 GMT
fortis-bl-q.png
www.onzenatuur.be/media/cache/fb_og_image/uploads/media/5f0f1f59ef1f3/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onzenatuur.be/media/cache/fb_og_image/uploads/media/5f0f1f59ef1f3/fortis-bl-q.png
Requested by
Host: nilafiq.sbs
URL: https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:1c98:1000:10d3:0:2:1658:3cce , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
Software
nginx /
Resource Hash
2ecd50ed33694fb11cafc07c853952b381c1df7b0a7d2506d65c980660c37df1

Request headers

Referer
https://nilafiq.sbs/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 09:48:13 GMT
last-modified
Wed, 25 Nov 2020 15:53:28 GMT
server
nginx
content-type
image/png
cache-control
max-age=15552000
accept-ranges
bytes
content-length
57419
expires
Sat, 25 Jan 2025 09:48:13 GMT
ndN307AtKQMAhwCewMS6hfW45HVAxdlKqnlSq2UHQoMfc8I5nNfjmpfdwyPm1FdwcbQ
play-lh.googleusercontent.com/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/ndN307AtKQMAhwCewMS6hfW45HVAxdlKqnlSq2UHQoMfc8I5nNfjmpfdwyPm1FdwcbQ
Requested by
Host: nilafiq.sbs
URL: https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4817a69b492bc465ac6146f706ebeb656d76a757ecff76ec849fa6c39ca0ed65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nilafiq.sbs/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 09:48:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22660
x-xss-protection
0
expires
Tue, 30 Jul 2024 09:48:13 GMT
1200px-AXA_Logo.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/9/94/AXA_Logo.svg/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/9/94/AXA_Logo.svg/1200px-AXA_Logo.svg.png
Requested by
Host: nilafiq.sbs
URL: https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
envoy /
Resource Hash
1e0bb39924103482796b38c031c9831c5377c920029685e1e22e585f7a2f7290
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nilafiq.sbs/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 22:00:56 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
42436
x-cache-status
hit-front
x-cache
cp3074 hit, cp3074 hit/13
content-disposition
inline;filename*=UTF-8''AXA_Logo.svg.png
server-timing
cache;desc="hit-front", host;desc="cp3074"
content-length
55527
x-client-ip
2001:1b60:1010:3:1011:a8dd:d9bd:2e81
last-modified
Fri, 21 Jun 2024 20:50:45 GMT
server
envoy
etag
71d3e9a71c25b44ff5eab14c027b414a
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
argenta-logo-facebook.png
www.argenta.be/etc.clientlibs/argenta/clientlibs/clientlib-site/resources/img/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.argenta.be/etc.clientlibs/argenta/clientlibs/clientlib-site/resources/img/argenta-logo-facebook.png
Requested by
Host: nilafiq.sbs
URL: https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:1400:11:4274:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
d31d98b4db2f33745b13ea1816e6407a58d533b5b56ffef5b7362cebf791baa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://nilafiq.sbs/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 20:04:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Via
1.1 9a97e41242551c9a56be1311e4d3db70.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P10
Age
49412
Content-Security-Policy-Report-Only
default-src 'self'; script-src 'self' *.argenta.be *.googleapis.com *.adobedtm.com *.googletagmanager.com *.doubleclick.net *.adsrvr.org *.teads.tv *.facebook.net *.hotjar.com *.tiqcdn.com *.pingdom.net *.google.ie 'unsafe-inline' 'unsafe-eval' wasm-eval; style-src 'self' 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://agentaspaarbank.tt.omtrdc.net *.googleapis.com *.simargenta.be *.argenta.be *.teads.tv *.googlesyndication.com *.pingdom.net; font-src 'self'; frame-src 'self' *.tst-argenta.be *.adsrvr.org *.teads.tv *.doubleclick.net; img-src 'self' *.argenta.be *.simargenta.be *.facebook.com *.google.be *.google.com *.google.ie *.teads.tv *.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
32401
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Sun, 28 Jul 2024 03:37:58 GMT
Server
Apache
ETag
"7e91-61e46787959cc"
X-Frame-Options
sameorigin
Vary
Host
Content-Type
image/png
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
eMal9FfgPY6USSr3gm1TI6L5mJcndQtIWk8tnR_WsduWfpxYUPDmyA==
Expires
Tue, 27 Aug 2024 20:04:41 GMT
AMLnZu_mD5sXKCLcF-jC066mbaaIciaT-Wzt968JTXCt=s900-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu_mD5sXKCLcF-jC066mbaaIciaT-Wzt968JTXCt=s900-c-k-c0x00ffffff-no-rj
Requested by
Host: nilafiq.sbs
URL: https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
acab82dda2b530ea393b21d50f5f77a1ac2708dfa66f8c2c98b3a681fdf32096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nilafiq.sbs/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 09:04:20 GMT
x-content-type-options
nosniff
age
2633
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78787
x-xss-protection
0
server
fife
etag
"v50"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Jul 2024 09:04:20 GMT
beologo.png
nilafiq.sbs/be/mypension/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nilafiq.sbs/be/mypension/beologo.png
Requested by
Host: nilafiq.sbs
URL: https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.24.213 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
b4f155f21a53aa03f4fcd2866659585709ed412bf8d4ef79ad632f2a7561237b

Request headers

Referer
https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 09:48:13 GMT
Last-Modified
Mon, 14 Aug 2023 07:25:58 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
14522
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a59f96089d0834c3d23861641de5d8e4623275f7afdab39b1a28aea4ce31a3dc

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		44 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0bb5b64a4befbc5d483a0bb9458df0bbf201dc76bcba3bee7aa04f2222d31ed

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		753 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a040adc825f4b25e88191b5a3a419b6c36929c4d531d7635c9912ce82d78d66f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		20 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eba6f4c9d01052a3c5534fb1bffe7d26b69ddfc34c64df2b05a78570687d3f17

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		43 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08da6c1556db04e361ad772efe9d62ec9368189df52513887e2672049667abac

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		27 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20f95eb7e7b9c94fb694e4eda1d07f3cfdb4f2cb88fc87f249abed36d796c798

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		51 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d5b2cd372f06ec277d73998792d39fb1dc41f2f3cf88c7a9dd5b3994e591e1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.kbc.com
URL
https://www.kbc.com/content/dam/common-images/logos/internal/brand/kbc/KBC.jpg

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| savepage_ShadowLoader

0 Cookies

1 Console Messages

Source Level URL
Text
security warning URL: https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6(Line 854)
Message:
Mixed Content: The page at 'https://nilafiq.sbs/be/mypension/index.php?_kx=rAl0v2V-N_lSpGY3bCZ5IOeosqJzAnPO7JhQ5tY-I_4.UwnNG6' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-ujJCQph0a9s/T1ABRuccVEI/AAAAAAAAEZ8/JqkE0NifVKg/s1600/Belfius+logo+2012+stacked.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
faithcentregh.com
nilafiq.sbs
play-lh.googleusercontent.com
trk.klclick3.com
upload.wikimedia.org
www.argenta.be
www.kbc.com
www.onzenatuur.be
yt3.ggpht.com
www.kbc.com
143.198.24.213
162.210.100.212
2600:9000:2359:1400:11:4274:9d40:93a1
2600:9000:2394:1e00:9:ec94:b800:93a1
2a00:1450:4001:829::2001
2a00:1450:4001:831::2016
2a00:1c98:1000:10d3:0:2:1658:3cce
2a02:ec80:300:ed1a::2:b
08da6c1556db04e361ad772efe9d62ec9368189df52513887e2672049667abac
1e0bb39924103482796b38c031c9831c5377c920029685e1e22e585f7a2f7290
20f95eb7e7b9c94fb694e4eda1d07f3cfdb4f2cb88fc87f249abed36d796c798
2ecd50ed33694fb11cafc07c853952b381c1df7b0a7d2506d65c980660c37df1
4817a69b492bc465ac6146f706ebeb656d76a757ecff76ec849fa6c39ca0ed65
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
93d5b2cd372f06ec277d73998792d39fb1dc41f2f3cf88c7a9dd5b3994e591e1
9feb8a0b123c8f7c7b9b51e06cc75c0e8676eabed075917b44e9ccfa11c532a3
a040adc825f4b25e88191b5a3a419b6c36929c4d531d7635c9912ce82d78d66f
a59f96089d0834c3d23861641de5d8e4623275f7afdab39b1a28aea4ce31a3dc
a837c3efc87d51bddd249c7da2deaddfa0566a35e64a9cb54535e93aa1ed6a2b
acab82dda2b530ea393b21d50f5f77a1ac2708dfa66f8c2c98b3a681fdf32096
b4f155f21a53aa03f4fcd2866659585709ed412bf8d4ef79ad632f2a7561237b
b7576fd25e61dc08cedc116fecca016807f5e165e2b8a0f517c7d2c0480bc1e5
c0bb5b64a4befbc5d483a0bb9458df0bbf201dc76bcba3bee7aa04f2222d31ed
d31d98b4db2f33745b13ea1816e6407a58d533b5b56ffef5b7362cebf791baa3
eba6f4c9d01052a3c5534fb1bffe7d26b69ddfc34c64df2b05a78570687d3f17