www.dhnet.be Open in urlscan Pro
81.246.65.145 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-626317...
Submission: On April 23 via api (April 23rd 2022, 5:07:01 am UTC) from GB — Scanned from GB

Summary HTTP 140 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 45 IPs in 7 countries across 38 domains to perform 140 HTTP transactions. The main IP is 81.246.65.145, located in Etterbeek, Belgium and belongs to PROXIMUS-ISP-AS, BE. The main domain is www.dhnet.be. The Cisco Umbrella rank of the primary domain is 182746.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 13th 2021. Valid for: a year.

This is the only time www.dhnet.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	81.246.65.145 81.246.65.145	5432 (PROXIMUS-...) (PROXIMUS-ISP-AS)
16	23.206.209.55 23.206.209.55	16625 (AKAMAI-AS) (AKAMAI-AS)
10	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.99.70 13.32.99.70	16509 (AMAZON-02) (AMAZON-02)
1	52.19.126.55 52.19.126.55	16509 (AMAZON-02) (AMAZON-02)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
4	2600:9000:223... 2600:9000:223f:2a00:5:b7cc:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.99.19 13.32.99.19	16509 (AMAZON-02) (AMAZON-02)
2	52.239.242.148 52.239.242.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	35.233.20.168 35.233.20.168	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	194.213.114.133 194.213.114.133	8315 (SENTIA) (SENTIA)
5	2a02:26f0:6c0... 2a02:26f0:6c00:2a7::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
2	34.120.251.88 34.120.251.88	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:226... 2600:9000:2260:2800:d:2044:5c40:93a1	() ()
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba22	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.59.29.0 146.59.29.0	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:7a12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	147.75.85.120 147.75.85.120	54825 (PACKET) (PACKET)
19	51.210.116.132 51.210.116.132	16276 (OVH) (OVH)
3	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.245.50 104.111.245.50	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	147.75.83.64 147.75.83.64	54825 (PACKET) (PACKET)
5	2.20.86.44 2.20.86.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223f:2000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	8.248.131.244 8.248.131.244	3356 (LEVEL3) (LEVEL3)
1	50.31.142.127 50.31.142.127	() ()
3	23.35.229.181 23.35.229.181	() ()
140	45

1 81.246.65.145 (Etterbeek, Belgium)

ASN5432 (PROXIMUS-ISP-AS, BE)
PTR: 81-246-65-145.saipm.com

www.dhnet.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.206.209.55 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-209-55.deploy.static.akamaitechnologies.com

o0.ldh.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t2.ldh.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t1.ldh.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-70.fra60.r.cloudfront.net

script.ownpage.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.126.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-126-55.eu-west-1.compute.amazonaws.com

api.ownpage.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

api.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:2a00:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-19.fra60.r.cloudfront.net

c.pebblemedia.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.239.242.148 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

targetemsecure.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.233.20.168 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 168.20.233.35.bc.googleusercontent.com

offer.slgnt.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.213.114.133 (Belgium)

ASN8315 (SENTIA, NL)
PTR: webapp133.emsecure.net

ipm.emsecure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:2a7::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.251.88 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 88.251.120.34.bc.googleusercontent.com

data-api.lavenir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2260:2800:d:2044:5c40:93a1 (United States)

ASN- ()

api.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba22 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.lalibre.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.29.0 (France)

ASN16276 (OVH, FR)
PTR: ip0.ip-146-59-29.eu

gabe.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:7a12 (United States)

ASN13335 (CLOUDFLARENET, US)

site-azp.slgnt.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.85.120 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csyn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 51.210.116.132 (France)

ASN16276 (OVH, FR)
PTR: dtk-lb-gra08.dginfra.net

www.ultimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
medialb.ultimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.videoadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.245.50 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-245-50.deploy.static.akamaitechnologies.com

code3.adtlgc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.20.86.44 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-86-44.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.87 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:2000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7caf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.248.131.244 (United States)

ASN3356 (LEVEL3, US)

cdn.digiteka.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.127 (None, )

ASN- ()

mcdp-chidc2.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.229.181 (None, )

ASN- ()

images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	ultimedia.com www.ultimedia.com — Cisco Umbrella Rank: 45997 medialb.ultimedia.com — Cisco Umbrella Rank: 71492	186 KB
16	ldh.be o0.ldh.be — Cisco Umbrella Rank: 368548 t2.ldh.be — Cisco Umbrella Rank: 383978 t1.ldh.be — Cisco Umbrella Rank: 389556	1 MB
11	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 4834 api.cxense.com — Cisco Umbrella Rank: 6734 p1cluster.cxense.com — Cisco Umbrella Rank: 7095 comcluster.cxense.com — Cisco Umbrella Rank: 4597 id.cxense.com — Cisco Umbrella Rank: 8374 csyn.cxense.com — Cisco Umbrella Rank: 28070	76 KB
9	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1385 m.addthis.com — Cisco Umbrella Rank: 1349 api-public.addthis.com — Cisco Umbrella Rank: 3868	334 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	61 KB
7	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1335 widget-pixels.outbrain.com — Cisco Umbrella Rank: 2886 odb.outbrain.com — Cisco Umbrella Rank: 1499 mcdp-chidc2.outbrain.com	99 KB
6	slgnt.eu offer.slgnt.eu — Cisco Umbrella Rank: 18991 site-azp.slgnt.eu — Cisco Umbrella Rank: 20873	28 KB
6	privacy-center.org sdk.privacy-center.org — Cisco Umbrella Rank: 7080 api.privacy-center.org — Cisco Umbrella Rank: 10591	150 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 174 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 80	154 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 864	10 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 137	196 KB
3	outbrainimg.com images.outbrainimg.com	148 KB
3	digiteka.com cdn.digiteka.com — Cisco Umbrella Rank: 64262	284 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 437	6 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	106 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 212	112 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 394	2 KB
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3476	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	655 B
2	lavenir.net data-api.lavenir.net — Cisco Umbrella Rank: 212588	19 KB
2	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2175	634 B
2	emsecure.net ipm.emsecure.net — Cisco Umbrella Rank: 404847	17 KB
2	windows.net targetemsecure.blob.core.windows.net — Cisco Umbrella Rank: 17415	48 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 58	145 KB
2	ownpage.fr script.ownpage.fr — Cisco Umbrella Rank: 108921 api.ownpage.fr — Cisco Umbrella Rank: 89828	2 KB
1	videoadex.com ads.videoadex.com — Cisco Umbrella Rank: 60122	238 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 527	7 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	adtlgc.com code3.adtlgc.com — Cisco Umbrella Rank: 91683
1	gemius.pl gabe.hit.gemius.pl — Cisco Umbrella Rank: 36685	12 KB
1	lalibre.be www.lalibre.be — Cisco Umbrella Rank: 190873	10 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 103	15 KB
1	pebblemedia.be c.pebblemedia.be — Cisco Umbrella Rank: 307140	581 B
1	dmcdn.net api.dmcdn.net — Cisco Umbrella Rank: 28893	11 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1602	727 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 350	1 KB
1	dhnet.be www.dhnet.be — Cisco Umbrella Rank: 182746	41 KB
140	38

	Domain	Requested by
13	o0.ldh.be	www.dhnet.be o0.ldh.be
12	www.ultimedia.com	o0.ldh.be data-api.lavenir.net www.ultimedia.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	medialb.ultimedia.com
5	cdn.cxense.com	www.dhnet.be cdn.cxense.com
5	s7.addthis.com	www.dhnet.be s7.addthis.com
4	unpkg.com	2 redirects www.ultimedia.com
4	widgets.outbrain.com	www.dhnet.be widgets.outbrain.com
4	connect.facebook.net	o0.ldh.be connect.facebook.net www.dhnet.be
4	offer.slgnt.eu	o0.ldh.be targetemsecure.blob.core.windows.net offer.slgnt.eu data-api.lavenir.net
4	sdk.privacy-center.org	o0.ldh.be sdk.privacy-center.org
3	images.outbrainimg.com
3	cdn.digiteka.com	www.ultimedia.com
3	cdn.jsdelivr.net	data-api.lavenir.net www.ultimedia.com
3	www.facebook.com	connect.facebook.net
3	securepubads.g.doubleclick.net	www.dhnet.be securepubads.g.doubleclick.net data-api.lavenir.net
3	fonts.googleapis.com	ipm.emsecure.net client cdn.digiteka.com
3	api-public.addthis.com	s7.addthis.com
2	cdnjs.cloudflare.com	www.ultimedia.com
2	secure.adnxs.com	2 redirects
2	www.google.co.uk
2	www.google.com
2	api.cxense.com	cdn.cxense.com
2	site-azp.slgnt.eu	targetemsecure.blob.core.windows.net
2	api.privacy-center.org	data-api.lavenir.net
2	data-api.lavenir.net	www.dhnet.be data-api.lavenir.net
2	cdn.polyfill.io	www.googletagmanager.com targetemsecure.blob.core.windows.net
2	ipm.emsecure.net	o0.ldh.be ipm.emsecure.net
2	targetemsecure.blob.core.windows.net	o0.ldh.be targetemsecure.blob.core.windows.net
2	www.googletagmanager.com	o0.ldh.be www.googletagmanager.com
2	t1.ldh.be	www.dhnet.be
1	mcdp-chidc2.outbrain.com	widgets.outbrain.com
1	ads.videoadex.com	www.ultimedia.com
1	static.adsafeprotected.com	www.ultimedia.com
1	odb.outbrain.com	widgets.outbrain.com
1	widget-pixels.outbrain.com
1	csyn.cxense.com
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	p1cluster.cxense.com	cdn.cxense.com
1	fonts.gstatic.com	fonts.googleapis.com
1	code3.adtlgc.com	www.dhnet.be
1	stats.g.doubleclick.net	data-api.lavenir.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	gabe.hit.gemius.pl	o0.ldh.be
1	www.lalibre.be
1	www.googleadservices.com	www.googletagmanager.com
1	c.pebblemedia.be	o0.ldh.be
1	api.dmcdn.net	o0.ldh.be
1	api.ownpage.fr	www.dhnet.be
1	t2.ldh.be	www.dhnet.be
1	script.ownpage.fr	www.dhnet.be
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	www.dhnet.be
140	56

This site contains links to these domains. Also see Links.

Domain
www.outbrain.com
shefence-citional.com
za.investing.com
www.facebook.com
parismatch.be
gourmandiz.dhnet.be
www.instagram.com
kiosque.dhnet.be
dossiers.dhnet.be
banners.livepartners.com
infosports.dhnet.be
bourse.dhnet.be
tv.moustique.be
agendadesjeux.dhnet.be
meteo.dhnet.be
www.logic-immo.be
www.jobat.be
www.yago.be
www.proprietaire-conseil.be
www.continents-insolites.com
wantotravel.be
twitter.com
www.lalibre.be
cinebel.dhnet.be
agenda.brussels
www.onlysalesjob.com
www.ipmadvertising.be
www.lesvoyagesdelalibre.be
www.lalibrenetwork.be
www.lavenir.net
www.moustique.be
www.cim.be

Subject Issuer	Validity	Valid
dhnet.be Sectigo RSA Domain Validation Secure Server CA	`2021-10-13` - `2022-11-12`	a year	crt.sh
ipmgroup.be DigiCert TLS RSA SHA256 2020 CA1	`2022-04-19` - `2023-04-19`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.ownpage.fr Amazon	`2021-11-26` - `2022-12-25`	a year	crt.sh
*.dmcdn.net ZeroSSL RSA Domain Secure Site CA	`2022-03-12` - `2022-06-10`	3 months	crt.sh
*.privacy-center.org Amazon	`2022-04-09` - `2023-05-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
c.pebblemedia.be Go Daddy Secure Certificate Authority - G2	`2021-09-28` - `2022-09-28`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2022-03-16` - `2023-03-16`	a year	crt.sh
*.slgnt.eu DigiCert TLS RSA SHA256 2020 CA1	`2021-09-02` - `2022-09-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-29` - `2022-04-29`	3 months	crt.sh
*.emsecure.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-25` - `2023-04-25`	a year	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
data-api.lavenir.net GTS CA 1D4	`2022-04-03` - `2022-07-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
api.privacy-center.org Amazon	`2021-07-10` - `2022-08-08`	a year	crt.sh
ipmgroup.web.arc-cdn.net R3	`2022-03-01` - `2022-05-30`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.ultimedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-04` - `2023-03-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
cdn-content-production.cxpublic.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.digiteka.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-10-24`	a year	crt.sh
*.videoadex.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-04` - `2023-03-07`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Frame ID: FC6C59C6F0FD3C3418377D23873006FD
Requests: 112 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: C6B54FF680652F071ABDB212983C5314
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: E845EAFE59174AE5478AB0FA86E7D17D
Requests: 1 HTTP requests in this frame

Frame: https://ipm.emsecure.net/optiext/optiextension.dll?ID=kTPkniX3YxWv89s4JZGkyYh1HHpsNeqXJcFQGl%2BHR5gGQBXsTLb%2BGuEl_9CqkkMxB5jBdVzEYqPkku&NEWSLETTER_ID=DH_FLASH_INFO&NEWSLETTER_NAME=DH%20Les%20Sports+&NEWSLETTER_DESCRIPTION=L%27actu%20vous%20int%C3%A9resse?%20Inscrivez-vous%20%C3%A0%20la%20newsletter%20quotidienne!&NEWSLETTER_DESCRIPTION_MAIL=Vous%20recevrez,%20tous%20les%20matins,%20les%20derni%C3%A8res%20actus%20de%20La%20DH%20Les%20Sports+.&PRIMARY_COLOR=051f3a&BG_COLOR=e1001a
Frame ID: 59FA9BFC0DCDDFAA45169BA28C09F097
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/comments.php?app_id=463125397122134&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df273fe92d36e4dc%26domain%3Dwww.dhnet.be%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dhnet.be%252Ff35a2cf1716bafc%26relation%3Dparent.parent&color_scheme=light&container_width=1060&height=100&href=https%3A%2F%2Fwww.dhnet.be%2Fs%2Fart%2F6263175e9978e23b8f737e66&locale=fr_FR&numposts=10&sdk=joey&version=v8.0&width=
Frame ID: 6A1320545C24C6CBABB865CC32C7F987
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: CD9B013DEC900058A93183A0C18D1A64
Requests: 4 HTTP requests in this frame

Frame: https://offer.slgnt.eu/static/cookie.html
Frame ID: 8C1FFC041F2182DAF576BA6B2868DDBF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A8619C4E958663805EC0B5C130715F3C
Requests: 1 HTTP requests in this frame

Frame: https://www.ultimedia.com/deliver/generic/iframe?mdtk=01585661&zone=2&type_player=0&sendstats=0&src=q3rk83u&width=1060&height=596&urlfacebook=https%3A%2F%2Fwww.dhnet.be%2F&ad=1&autoplay=yes&fstart=1&title=Le+R%C3%A9cap%27+-+Pr%C3%A9sidentielle+fran%C3%A7aise+%3A+semaine+du+18+avril+2022&endMessage=um_Smart_Container_ultimediaEndRoll&widgetPrefix=um_Smart_Container_&tagparam=CxSegments%3D%26video_section%3Ddhnet.be%2Cactu%2Cbelgique&tagparamdecoded=&sspParam=%7B%22spotxipm%22%3A%7B%22cxsegment%22%3A%5B%5D%2C%22digitype%22%3A%5B%22smartplayer%22%5D%2C%22video_section%22%3A%5B%22dhnet.be%22%2C%22actu%22%2C%22belgique%22%5D%7D%2C%22spotxipmd%22%3A%7B%22cxdavid%22%3A%5B%5D%2C%22Format%22%3A%5B%22Instream%22%5D%2C%22Network%22%3A%5B%22ipm%22%5D%2C%22Language%22%3A%5B%22FR%22%5D%7D%7D&visible=&gdprconsentstring=
Frame ID: 04DA86BAC9B457504A9D56B833DF01DC
Requests: 14 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: E1C00CA2D378C1639DD85C8A550C93CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Une tentative de phishing touche les utilisateurs de titres-services Sodexo - DH Les Sports+WhatsAppFacebookTwitterPrintEmailAddThisWhatsAppFacebookTwitterPrintEmailAddThis

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AddThis (Widgets) Expand

Didomi (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

sdk\.privacy-center\.org/.*/loader\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

140
Requests

96 %
HTTPS

44 %
IPv6

38
Domains

56
Subdomains

45
IPs

7
Countries

3266 kB
Transfer

8048 kB
Size

27
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://www.outbrain.com/what-is/default/fr

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/aa5e0776-39a1-435d-84d3-1232d2799c63?utm_source=ob&utm_campaign=uk_desk_feb22&utm_term=$section_name$&utm_content=00c5fde0f2f015455377bd71d4adbaa506-Simple+Bedtime+Ritual+To+Empty+Your+Bowels+Properly&t=$ob_click_id$&dt=ob&obOrigUrl=true
Title: Gut Solution Simple Bedtime Ritual To Empty Your Bowels Properly

Search URL Search Domain Scan URL

URL: https://za.investing.com/magazine/expensive-mansions-that-nobody-wants-to-buy/?utm_source=Outbrain&utm_medium=cpm&utm_campaign=003c266e2e3314cb56316486778491fdbe&utm_content=Peaches+Geldof%27s+%241+Million+Kent+Mansion+Was+Abandoned+After+Her+Passi&utm_term=$publisher_name$_$section_name$&origin=outbrain&outbrain_params[ad_id]=002163a67de44381f2c8612277345b3f91&outbrain_params[doc_title]=Expensive+Mansions+That+Nobody+Wants+To+Buy&outbrain_params[doc_author]=Audrey+Kyanova&outbrain_params[doc_id]=007f61e460566897a46d27b4410dacf61a&outbrain_params[ad_title]=Peaches+Geldof%27s+%241+Million+Kent+Mansion+Was+Abandoned+After+Her+Passi&outbrain_params[publish_date]=20220216&outbrain_params[req_id]=$req_id$&outbrain_params[source_id]=$source_id$&outbrain_params[promoted_link_id]=002163a67de44381f2c8612277345b3f91&outbrain_params[time_stamp]=$time_stamp$&outbrain_params[campaign_id]=003c266e2e3314cb56316486778491fdbe&outbrain_params[uuid]=$uuid$&outbrain_params[section_id]=$section_id$&outbrain_params[section_name]=$section_name$&outbrain_params[publisher_id]=$publisher_id$&outbrain_params[publisher_name]=$publisher_name$&outbrain_params[ob_click_id]=$ob_click_id$&outbrain_params[android_id]=$android_id$&outbrain_params[idfa]=$idfa$&outbrain_params[cpc]=$cpc$&im_dars=1x100_3x103_5x369_7x774&im[p19]=124576&obOrigUrl=true
Title: Investing.com Peaches Geldof's $1 Million Kent Mansion Was Abandoned After Her Passing

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/9f2b6f47-08c4-4399-be70-872b1406a437?utm_source=ob&utm_campaign=uk_dk_feb22&utm_term=$section_name$&utm_content=00e6f09afd9f580c30a8a358164962fbe1-%22Nature%27s+Morphine%22%2C+Could+Help+Against+Joint+Pain+%26+Arthritis&t=$ob_click_id$&dt=ob&obOrigUrl=true
Title: Nutravya "Nature's Morphine", Could Help Against Joint Pain & Arthritis

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dhnet

Search URL Search Domain Scan URL

URL: https://parismatch.be/lifestyle/voyages/555288/besoin-didees-pour-vos-vacances-voici-les-10-plus-belles-plages-deurope
Title: Besoin d’idées pour vos vacances ? Voici les 10 plus belles plages d’Europe

Search URL Search Domain Scan URL

URL: https://parismatch.be/actualites/environnement/555178/jour-de-la-terre-google-nous-plonge-de-plein-fouet-dans-limpact-du-changement-climatique
Title: Jour de la Terre : Google nous plonge de plein fouet dans l’impact du changement climatique

Search URL Search Domain Scan URL

URL: https://parismatch.be/actualites/people/555271/la-maitresse-de-vladimir-poutine-refait-surface-avec-un-visage-different
Title: La maîtresse de Vladimir Poutine refait surface avec un visage différent

Search URL Search Domain Scan URL

URL: https://gourmandiz.dhnet.be/concours/18348/concours-gagnez-un-mixeur-plongeur-bosch-2
Title: Concours: gagnez un mixeur plongeur Bosch

Search URL Search Domain Scan URL

URL: https://gourmandiz.dhnet.be/en-bref/18344/lhuile-de-thon-pourquoi-il-ne-faut-plus-jamais-la-jeter
Title: L’huile de thon : pourquoi il ne faut plus jamais la jeter

Search URL Search Domain Scan URL

URL: https://gourmandiz.dhnet.be/recette/pesto-des-ours
Title: Pesto des ours

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dh_lessports/

Search URL Search Domain Scan URL

URL: https://kiosque.dhnet.be/
Title: Journal

Search URL Search Domain Scan URL

URL: https://dossiers.dhnet.be/dhradio-player/dhradio/
Title: Radio

Search URL Search Domain Scan URL

URL: https://banners.livepartners.com/click.php?z=76838&wogifs=DHButton
Title: Pariez sur Betfirst

Search URL Search Domain Scan URL

URL: https://dossiers.dhnet.be/promo/abo-accueil/
Title: S'abonner

Search URL Search Domain Scan URL

URL: https://infosports.dhnet.be/
Title: Live Center

Search URL Search Domain Scan URL

URL: https://bourse.dhnet.be/
Title: La Bourse

Search URL Search Domain Scan URL

URL: https://tv.moustique.be/
Title: Programmes TV

Search URL Search Domain Scan URL

URL: https://banners.livepartners.com/click.php?z=117604
Title: betFIRST

Search URL Search Domain Scan URL

URL: http://agendadesjeux.dhnet.be/
Title: Jeux

Search URL Search Domain Scan URL

URL: https://meteo.dhnet.be/
Title: Météo

Search URL Search Domain Scan URL

URL: https://www.logic-immo.be/fr/immobilier-belgique.html
Title: Immo Belgique

Search URL Search Domain Scan URL

URL: https://www.jobat.be/fr
Title: Emploi

Search URL Search Domain Scan URL

URL: https://www.yago.be/fr/assurance-auto
Title: Yago

Search URL Search Domain Scan URL

URL: https://www.proprietaire-conseil.be/fr/
Title: Proprietaire Conseil

Search URL Search Domain Scan URL

URL: https://www.continents-insolites.com/
Title: Continents Insolites

Search URL Search Domain Scan URL

URL: https://wantotravel.be/
Title: Wanto Travel

Search URL Search Domain Scan URL

URL: https://twitter.com/ladh
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.lalibre.be/
Title: La Libre

Search URL Search Domain Scan URL

URL: https://cinebel.dhnet.be/fr/
Title: Cinebel

Search URL Search Domain Scan URL

URL: https://www.logic-immo.be/
Title: Logic-Immo

Search URL Search Domain Scan URL

URL: https://gourmandiz.dhnet.be/
Title: Gourmandiz

Search URL Search Domain Scan URL

URL: https://agenda.brussels/
Title: Agenda

Search URL Search Domain Scan URL

URL: https://www.onlysalesjob.com/
Title: Only sales Job

Search URL Search Domain Scan URL

URL: http://www.ipmadvertising.be/fr/
Title: IPM Advertising

Search URL Search Domain Scan URL

URL: https://parismatch.be/
Title: Paris Match Belgique

Search URL Search Domain Scan URL

URL: http://www.lesvoyagesdelalibre.be/
Title: Les voyages de La Libre

Search URL Search Domain Scan URL

URL: https://www.lalibrenetwork.be/
Title: La Libre Network

Search URL Search Domain Scan URL

URL: https://www.lavenir.net/
Title: L'avenir

Search URL Search Domain Scan URL

URL: https://www.moustique.be/
Title: Moustique

Search URL Search Domain Scan URL

URL: https://www.cim.be/fr/internet/disclaimer-cim-internet

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://secure.adnxs.com/getuid?https%3A%2F%2Fcsyn.cxense.com%2Fapn.png%3Fcxsite%3D1144067785159202749%26uid%3D%24UID%26cxckp%3Dcx%253Aodxtzrhndsuxvyk3dd4ze6co%253Av6ja14wvtbl HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcsyn.cxense.com%252Fapn.png%253Fcxsite%253D1144067785159202749%2526uid%253D%2524UID%2526cxckp%253Dcx%25253Aodxtzrhndsuxvyk3dd4ze6co%25253Av6ja14wvtbl HTTP 302
https://csyn.cxense.com/apn.png?cxsite=1144067785159202749&uid=3413553083430360983&cxckp=cx%3Aodxtzrhndsuxvyk3dd4ze6co%3Av6ja14wvtbl

Request Chain 123

https://unpkg.com/@silvermine/videojs-quality-selector/dist/css/quality-selector.css HTTP 302
https://unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/css/quality-selector.css

Request Chain 128

https://unpkg.com/@silvermine/videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js HTTP 302
https://unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/js/silvermine-videojs-quality-selector.min.js

140 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66 Show response
www.dhnet.be/actu/belgique/ 188 KB
41 KB 168ms
82ms Document
text/html 81.246.65.145
PROXIMUS-ISP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.246.65.145 Etterbeek, Belgium, ASN5432 (PROXIMUS-ISP-AS, BE),
Reverse DNS: 81-246-65-145.saipm.com
Software: /
Resource Hash: 0b5413d248154678613186ef20ab47d4de0abfee15c2a6a5c9de83e899efa46b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, Content-Type, Accept, X-Requested-With, Origin
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, HEAD, OPTIONS
Age: 22
Cache-Control: public, max-age=30
Content-Encoding: gzip
Content-Length: 41822
Content-Type: text/html; charset=utf-8
Date: Sat, 23 Apr 2022 05:06:33 GMT
Expires: Sat, 23 Apr 2022 05:07:03 GMT
Magicnumbers
Pragma
Vary: Accept-Encoding
X-Varnish: 985728187 986022609

GET
H/1.1 200
OK HKNova-Heavy-b89734129419.woff2
o0.ldh.be/fonts/hknova/ 31 KB
31 KB 256ms
56ms Font
application/octet-stream 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o0.ldh.be/fonts/hknova/HKNova-Heavy-b89734129419.woff2
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7c5d5b8df4a105141d112b5a429e3f98faf283577e100be0e60367b6a446afce

Request headers

Referer: https://www.dhnet.be/
Origin: https://www.dhnet.be
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
X-Openstack-Request-Id: tx2be82b2dac8549c4b7a60-0060c8f157
X-IPLB-Instance: 38342
Connection: keep-alive
X-Trans-Id: tx2be82b2dac8549c4b7a60-0060c8f157
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 18:50:31 GMT
Last-Modified: Thu, 06 Feb 2020 13:40:24 GMT
X-IPLB-Request-ID: 54358C0C:8320_3626E64B:01BB_60C8F157_1037ED:B398
ETag: b897341294197844efe1e11ab2d24129
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
X-Timestamp: 1580996423.97087
Cache-Control: public, max-age=11972615
Content-Length: 31372
Access-Control-Expose-Headers: x-trans-id, content-language, X-Container-Read, expires, X-Storage-Policy, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id

GET
H/1.1 200
OK eleven-sports-31dd88907ad8.svg
o0.ldh.be/img/ 3 KB
4 KB 170ms
41ms Image
image/svg+xml 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o0.ldh.be/img/eleven-sports-31dd88907ad8.svg
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1a19ea567edb90af91e7af0521b54d6c4a277280b0efc3e0d26baead50ebefca

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
X-Openstack-Request-Id: tx1ee176a0cf634935817a5-0060c8f157
Last-Modified: Mon, 16 Mar 2020 14:05:08 GMT
X-Trans-Id: tx1ee176a0cf634935817a5-0060c8f157
X-IPLB-Request-ID: 54358C57:929C_3626E64B:01BB_60C8F152_12DF87:18F71
ETag: 31dd88907ad8b7ea517758a930289bf5
X-IPLB-Instance: 33617
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Timestamp: 1584367507.42675
Cache-Control: public, max-age=4627329
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3277
Expires: Wed, 15 Jun 2022 18:29:05 GMT

GET
H/1.1 200
OK logoMain-red-5e34f4fc32bd.svg
o0.ldh.be/img/ 3 KB
4 KB 165ms
41ms Image
image/svg+xml 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o0.ldh.be/img/logoMain-red-5e34f4fc32bd.svg
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 26d661261c6e458ca29f1b127d4033183ab7318a8d917c1cdc23ee95e1c4f07d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
X-Openstack-Request-Id: txe2a6e578e8eb4a3292954-0060c8f157
Last-Modified: Mon, 16 Mar 2020 14:05:28 GMT
X-Trans-Id: txe2a6e578e8eb4a3292954-0060c8f157
X-IPLB-Request-ID: 54358C67:F6D7_3626E64B:01BB_60C8F157_113C73:10A21
ETag: 5e34f4fc32bde2e02ebaa06a78d40f67
X-IPLB-Instance: 12309
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Timestamp: 1584367527.50566
Cache-Control: public, max-age=4627327
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3062
Expires: Wed, 15 Jun 2022 18:29:03 GMT

GET
H/1.1 200
OK eleven-sports-small-aa66d0e3d33b.svg
o0.ldh.be/img/ 3 KB
4 KB 174ms
42ms Image
image/svg+xml 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o0.ldh.be/img/eleven-sports-small-aa66d0e3d33b.svg
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c03243abc518c9870de0eb327e7b9b864b644241a34efac94bfa0f346ade2162

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
X-Openstack-Request-Id: tx1000ab8c4b2b4e8d95e01-0060c8f157
Last-Modified: Mon, 16 Mar 2020 14:05:07 GMT
X-Trans-Id: tx1000ab8c4b2b4e8d95e01-0060c8f157
X-IPLB-Request-ID: 54358C6D:F345_3626E64B:01BB_60C8F157_12D579:2775
ETag: aa66d0e3d33b3d132cf28f6e6082b05b
X-IPLB-Instance: 33618
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Timestamp: 1584367506.25001
Cache-Control: public, max-age=4627269
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3349
Expires: Wed, 15 Jun 2022 18:28:05 GMT

GET
H/1.1 200
OK logoDH-light-fd9f8f15b78e.svg
o0.ldh.be/img/ 824 B
1 KB 205ms
41ms Image
image/svg+xml 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o0.ldh.be/img/logoDH-light-fd9f8f15b78e.svg
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3e5413bc2f86314be41266aade8bd67f6fc97de28f36f5e1a26b95493585674f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
X-Openstack-Request-Id: tx0860caabd9414ddda7143-0060c8f157
Last-Modified: Mon, 16 Mar 2020 14:05:15 GMT
X-Trans-Id: tx0860caabd9414ddda7143-0060c8f157
X-IPLB-Request-ID: 54358C27:A262_3626E64B:01BB_60C8F157_152F44:1B292
ETag: fd9f8f15b78e1280cf920de1710cbf6d
X-IPLB-Instance: 38426
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Timestamp: 1584367514.32648
Cache-Control: public, max-age=4627337
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 824
Expires: Wed, 15 Jun 2022 18:29:13 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 165ms
45ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sat, 23 Apr 2022 05:06:56 GMT
x-host: s7.addthis.com
content-length: 116389

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eea95f08081abedd133b378464e0d9c3d2d7bfbd7a289d4e2019ec2ada12f2d0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d0e398d4f9db02ea500121cac634d860741dccba6868e746e3eb6dabcdecb8f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK articleNonCritical-0035c7ec3c04.css
o0.ldh.be/css/ 110 KB
110 KB 156ms
44ms Stylesheet
text/css 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o0.ldh.be/css/articleNonCritical-0035c7ec3c04.css
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 738e2ec45148de2e0ec5ec4048451975a9912318db57694af70e99f2ef1c5c87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
X-Openstack-Request-Id: tx914b158742d64277a9d1b-0061152d39
Last-Modified: Thu, 12 Aug 2021 14:15:45 GMT
X-Trans-Id: tx914b158742d64277a9d1b-0061152d39
X-IPLB-Request-ID: 02148FA5:D538_3626E64B:01BB_61152D39_B3EE80:2695A
ETag: 1f9999e78845d0df55d46472dfbd36d3
X-IPLB-Instance: 33617
Content-Type: text/css; charset=utf-8
X-Timestamp: 1628777744.85842
Cache-Control: public, max-age=9623326
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 112193
Expires: Fri, 12 Aug 2022 14:15:42 GMT

GET
H/1.1 200
OK script-22c744726567.js Show response
o0.ldh.be/js/ 223 KB
223 KB 48ms
48ms Script
application/javascript 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o0.ldh.be/js/script-22c744726567.js
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 56a5a661809e8f50bdac000c2d078929fd2a636bc2d941ad7242773c909e8bfc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
X-Openstack-Request-Id: txfc2095ed089b4b998f847-006114c4a6
Last-Modified: Thu, 12 Aug 2021 06:49:39 GMT
X-Trans-Id: txfc2095ed089b4b998f847-006114c4a6
X-IPLB-Request-ID: C16C5E9F:DF6C_3626E64B:01BB_6114C4A6_8D332F:26947
ETag: 22c74472656793b27083aaefbb595349
X-IPLB-Instance: 33617
Content-Type: application/javascript
X-Timestamp: 1628750978.81354
Cache-Control: public, max-age=9596605
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 228096
Expires: Fri, 12 Aug 2022 06:50:21 GMT

GET
H/1.1 200
OK logoSportsPlus-light-956f8159a1fc.svg
o0.ldh.be/img/ 2 KB
3 KB 47ms
40ms Image
image/svg+xml 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o0.ldh.be/img/logoSportsPlus-light-956f8159a1fc.svg
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 66a85b535dba1e1e5702efe8fb48de0eacdc4f6ca0ac94d55c9f02fb612ecdf2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
X-Openstack-Request-Id: txe8d15a655f354624aa168-0060c8f1ef
Last-Modified: Mon, 16 Mar 2020 14:05:34 GMT
X-Trans-Id: txe8d15a655f354624aa168-0060c8f1ef
X-IPLB-Request-ID: 54358C4C:B135_3626E64B:01BB_60C8F1EF_121AF7:2770
ETag: 956f8159a1fc145209e426ca7f9b8ee0
X-IPLB-Instance: 33618
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Timestamp: 1584367533.77326
Cache-Control: public, max-age=4627438
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2490
Expires: Wed, 15 Jun 2022 18:30:54 GMT

GET
H/1.1 200
OK HKNova-Heavy-b89734129419.woff2
o0.ldh.be/fonts/hknova/ 31 KB
31 KB 96ms
45ms Font
application/octet-stream 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o0.ldh.be/fonts/hknova/HKNova-Heavy-b89734129419.woff2?
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7c5d5b8df4a105141d112b5a429e3f98faf283577e100be0e60367b6a446afce

Request headers

Referer: https://www.dhnet.be/
Origin: https://www.dhnet.be
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
X-Openstack-Request-Id: tx758b1ad7ba46418893a44-0060c8f1ef
Last-Modified: Thu, 06 Feb 2020 13:40:24 GMT
X-Trans-Id: tx758b1ad7ba46418893a44-0060c8f1ef
X-IPLB-Request-ID: 54358C0C:A677_3626E64B:01BB_60C8F1EF_11D704:276B
ETag: b897341294197844efe1e11ab2d24129
X-IPLB-Instance: 33618
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
X-Timestamp: 1580996423.97087
Cache-Control: public, max-age=4627381
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31372
Expires: Wed, 15 Jun 2022 18:29:57 GMT

GET
H/1.1 200
OK font-custom-ee496ec8a95c.ttf
o0.ldh.be/fonts/font-custom/ 26 KB
27 KB 177ms
58ms Font
application/font-sfnt 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o0.ldh.be/fonts/font-custom/font-custom-ee496ec8a95c.ttf
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 87452a45fa95d7b04d3f8fe1e222f0ecf5cf455ac1d0a395b3507611c2f8d901

Request headers

Referer: https://www.dhnet.be/
Origin: https://www.dhnet.be
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
X-Openstack-Request-Id: txa30120d25bbc4e34b8d83-0060e64a51
X-IPLB-Instance: 12308
Connection: keep-alive
X-Trans-Id: txa30120d25bbc4e34b8d83-0060e64a51
Accept-Ranges: bytes
Expires: Fri, 08 Jul 2022 00:43:43 GMT
Last-Modified: Mon, 24 Feb 2020 14:30:22 GMT
X-IPLB-Request-ID: 54358C5D:9947_3626E64B:01BB_60E64A51_6F7EEE0:2DF69
ETag: ee496ec8a95c48328cbef22768f9b9a6
Content-Type: application/font-sfnt
Access-Control-Allow-Origin: *
X-Timestamp: 1582554621.74310
Cache-Control: public, max-age=6550607
Content-Length: 27044
Access-Control-Expose-Headers: x-trans-id, content-language, X-Container-Read, expires, X-Storage-Policy, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 124ms
41ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:56 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=54615
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H/1.1 200
OK logoBetFIRST-b0841bab70b1.svg
o0.ldh.be/img/ 2 KB
3 KB 41ms
41ms Image
image/svg+xml 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o0.ldh.be/img/logoBetFIRST-b0841bab70b1.svg
Requested by: Host: o0.ldh.be
URL: https://o0.ldh.be/css/articleNonCritical-0035c7ec3c04.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b9ac948dfd7ba62399cbd2446770c952946d17d9b5a47c94a5f14420f10f4d57

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://o0.ldh.be/css/articleNonCritical-0035c7ec3c04.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
X-Openstack-Request-Id: txf8b2b1176cc44d668c3e2-0061152d39
Last-Modified: Thu, 12 Aug 2021 14:15:44 GMT
X-Trans-Id: txf8b2b1176cc44d668c3e2-0061152d39
X-IPLB-Request-ID: 02148F96:EB1D_3626E64B:01BB_61152D39_D6DB53:202D6
ETag: b0841bab70b11507ffa919a3c763e5b7
X-IPLB-Instance: 38427
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Timestamp: 1628777743.05026
Cache-Control: public, max-age=9623360
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2364
Expires: Fri, 12 Aug 2022 14:16:16 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-50f953e90e478d9e/ 2 KB
727 B 45ms
44ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-50f953e90e478d9e/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f20973e2ba365ab9abcfd7cd7cd7ddd33f448a26e1bd0e42f159daad07b0979c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:56 GMT
content-encoding: gzip
etag: 1735616028--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=18, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 551

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 166ms
166ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=626389706ca7ff6b&bkl=0&bl=1&pdt=217&sid=626389706ca7ff6b&pub=ra-50f953e90e478d9e&rev=v8.28.8-wp&ln=fr&pc=men&cb=0&ab=-&dp=www.dhnet.be&fp=actu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1650690416649&jsl=0&uvs=6263897078f97b3f000&skipb=1&callback=addthis.cbs.jsonp__181709651585027170
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 09cd64f90723633695ca4bff5e3b8cf13104725dc60626d58c4f12af07618cb8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 05:06:56 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame C6B5 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame E845 71 KB
26 KB 55ms
55ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.dhnet.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Sat, 23 Apr 2022 05:06:56 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.fr.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 160ms
43ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.fr.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

a362f69b2d3a4c7524c423ce51bcee34a234354552e150be760bd91be2f0084b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-fb9"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Sat, 23 Apr 2022 05:06:56 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1924

GET
H/1.1 200
OK ownpage.js Show response
script.ownpage.fr/v1/ 2 KB
1 KB 148ms
42ms Script
application/javascript 13.32.99.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ownpage.fr/v1/ownpage.js
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-70.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 47dcc5ccddda02ae4a968f0d40073bcd4c1fff886815b0ea5064c6f2d96b535a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 03:31:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Mar 2020 14:26:58 GMT
Server: AmazonS3
Age: 5739
ETag: "d8294557b39e581c7b73d8741f78cf18"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Content-Length: 1034
X-Amz-Cf-Id: A2UCg_b6S-P0dOkgc2kXU8BtLPaDoCjCvHBvyYFalVi9lwWMFf94fA==

GET
H/1.1 200
OK plyr-c157e2dfa91a.js Show response
o0.ldh.be/js/libs/ 155 KB
156 KB 46ms
46ms Script
application/javascript 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o0.ldh.be/js/libs/plyr-c157e2dfa91a.js
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3293295a418ba890ec9519ec0e0aeda6a2e7a260033fc012001b1e3d6a3577ff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
X-Openstack-Request-Id: tx687529927c9d45c2bc3da-0060e64a51
Last-Modified: Mon, 24 Feb 2020 14:30:25 GMT
X-Trans-Id: tx687529927c9d45c2bc3da-0060e64a51
X-IPLB-Request-ID: 54358C66:9DFE_3626E64B:01BB_60E64A51_85BF912:1C729
ETag: c157e2dfa91a8d4af5b8f8131b95924d
X-IPLB-Instance: 38427
Content-Type: application/javascript
X-Timestamp: 1582554624.29786
Cache-Control: public, max-age=6550622
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159057
Expires: Fri, 08 Jul 2022 00:43:58 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 46ms
45ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sat, 23 Apr 2022 05:06:56 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H/1.1 200
OK 625fd97d9978e23b8f737ad4.jpg
t2.ldh.be/vfzhZULG2hphy-R5brLfog6P5D0=/0x37:2560x1317/140x70/ 1 KB
2 KB 200ms
45ms Image
image/webp 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.ldh.be/vfzhZULG2hphy-R5brLfog6P5D0=/0x37:2560x1317/140x70/625fd97d9978e23b8f737ad4.jpg
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 834630fc6facfdffddbd975cc5668fd9e39e2f77f9b0fb12e40c4fffafcbf436

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
X-Check-Cacheable: YES
X-Serial: 1048
ETag: "602d26a09f9f545ec7fe6f7371b1c6a967585e8f"
Content-Type: image/webp
Cache-Control: private, no-transform, max-age=2352116
Last-Modified: Wed, 20 Apr 2022 10:28:25 GMT
Connection: keep-alive
Content-Length: 1280
Server: Akamai Image Manager
Expires: Fri, 20 May 2022 10:28:52 GMT

GET
H/1.1 200
OK 62630a30d8ad582648f2052c.jpg
t1.ldh.be/2n-scXZJP-tw4hz4JxM-FHgojSs=/0x0:2560x1280/940x470/ 18 KB
19 KB 200ms
47ms Image
image/webp 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t1.ldh.be/2n-scXZJP-tw4hz4JxM-FHgojSs=/0x0:2560x1280/940x470/62630a30d8ad582648f2052c.jpg
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: ce9aae2e1f800022f1df65437f84aa4b17adb820fcbff926114e4e211baf50aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
Last-Modified: Fri, 22 Apr 2022 21:00:56 GMT
Server: Akamai Image Manager
ETag: "47df63f055c5df8a610d02f9c5081219c4710078"
Content-Type: image/webp
Cache-Control: private, no-transform, max-age=2562723
Connection: keep-alive
Content-Length: 18642
Expires: Sun, 22 May 2022 20:58:59 GMT

GET
H/1.1 200
OK 5fd9b0bed8ad5844d1b9592f.png
t1.ldh.be/H-ILceVD20is0rdLlgNV0zbmYfk=/100x100/ 734 B
1 KB 207ms
54ms Image
image/webp 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t1.ldh.be/H-ILceVD20is0rdLlgNV0zbmYfk=/100x100/5fd9b0bed8ad5844d1b9592f.png
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d6257685f5cd2201c1550411a818eabbb451062712bfb690bef18485f795b03a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:56 GMT
X-Check-Cacheable: YES
X-Serial: 920
ETag: "f9086a30872575680146825100b1fd6f28685843"
Content-Type: image/webp
Cache-Control: private, no-transform, max-age=2038880
Last-Modified: Mon, 21 Feb 2022 19:28:02 GMT
Connection: keep-alive
Content-Length: 734
Server: Akamai Image Manager
Expires: Mon, 16 May 2022 19:28:16 GMT

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
331 B 231ms
43ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.dhnet.be/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
last-modified: Sat, 23 Apr 2022 04:00:00 GMT
server: nginx/1.15.8
date: Sat, 23 Apr 2022 05:06:57 GMT
content-type: application/json
access-control-allow-origin: https://www.dhnet.be
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
359 B 401ms
213ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&callback=_ate.cbs.rcb_4p090

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

16c28e89f974c1f10312af596be9f6cd90c839895f1fa3265158c7ce7de505d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
last-modified: Sat, 23 Apr 2022 05:06:57 GMT
server: nginx/1.15.8
date: Sat, 23 Apr 2022 05:06:57 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
359 B 401ms
213ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&callback=_ate.cbs.rcb_5beb0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

d0ebb90b8bbe3efc8dde8d51fa4372b82fd608b3975cc920e21a44377bb8123b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
last-modified: Sat, 23 Apr 2022 05:06:57 GMT
server: nginx/1.15.8
date: Sat, 23 Apr 2022 05:06:57 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H/1.1 200
OK hits
api.ownpage.fr/v1/collect/ 0
556 B 195ms
43ms Image
image/png 52.19.126.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.ownpage.fr/v1/collect/hits?client_key=ba3f563cd65946639710e2fcc8bc8bf6&url=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&cookie_id=649d05a954d0e0c8

Requested by

Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.126.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-126-55.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

X-Runtime: 0.002578
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
X-Permitted-Cross-Domain-Policies: none
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Origin,Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 56b06ba2-84a8-4697-9ccd-92a1d0d46847

GET
H/1.1 200
OK scriptBottom-15028db1f2ad.js Show response
o0.ldh.be/js/ 451 KB
451 KB 42ms
42ms Script
application/javascript 23.206.209.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o0.ldh.be/js/scriptBottom-15028db1f2ad.js
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 42a96f0cf20709f6bf045ff3e3297d937a63f09e23129a95fc8e9c32c8b18bfe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:57 GMT
X-Openstack-Request-Id: tx7cdf3efbcb214a96a8586-0061de8732
Last-Modified: Wed, 12 Jan 2022 07:45:19 GMT
X-Trans-Id: tx7cdf3efbcb214a96a8586-0061de8732
X-IPLB-Request-ID: 02148F97:CA08_3626E64B:01BB_61DE8732_6BBEAD:1735D
ETag: e6b96fcc5b7b4de913cc99d4181e1f3c
X-IPLB-Instance: 12308
Content-Type: application/javascript
X-Timestamp: 1641973518.61255
Cache-Control: public, max-age=22819150
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 461664
Expires: Thu, 12 Jan 2023 07:46:07 GMT

GET
H2 200 all.js Show response
api.dmcdn.net/ 29 KB
11 KB 135ms
43ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dmcdn.net/all.js
Requested by: Host: o0.ldh.be
URL: https://o0.ldh.be/js/scriptBottom-15028db1f2ad.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 49566600bfa0cd1a7804582e0cb5da0f8abaad1c19cba621fb698d5536f0d4ca

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:57 GMT
content-encoding: gzip
age: 5178
server-timing: total;dur=0, dc;desc="dc3"
content-length: 10850
last-modified: Tue, 23 Nov 2021 08:29:55 GMT
server: DMS/1.0.42
etag: "619ca683-7477"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
x-llid: f79e834009d281a1d0ce3fd5299fa679
expires: Sun, 24 Apr 2022 03:40:39 GMT

GET
H2 200 loader.js Show response
sdk.privacy-center.org/cc4f85a8-c8fa-4cde-a4fe-bc6383fdff93/ 8 KB
4 KB 121ms
39ms Script
application/javascript 2600:9000:223f:2a00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/cc4f85a8-c8fa-4cde-a4fe-bc6383fdff93/loader.js?target=www.dhnet.be
Requested by: Host: o0.ldh.be
URL: https://o0.ldh.be/js/scriptBottom-15028db1f2ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 200e2e78796d67fd36e80a9b89fbb19ddcc0e1ddd7850f33ab53e8c1456e531c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:24 GMT
content-encoding: gzip
server: CloudFront
age: 6576
etag: "b90ea7df3420c42226fe906b2ca6239e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: public, max-age=7200
x-amz-cf-pop: FRA56-P5
content-length: 3550
x-amz-cf-id: EBEy7EtPz6gtAsItfqf5r7yRRDnzxemJw89PXVjjFSeRP5g6-fD6zg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 248 KB
79 KB 137ms
49ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPVNNM

Requested by

Host: o0.ldh.be
URL: https://o0.ldh.be/js/scriptBottom-15028db1f2ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

240b98cb4ea76bc74308ad7a68193ec59dd4014ffe0eea91be591b8fe77abb06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80600
x-xss-protection: 0
last-modified: Sat, 23 Apr 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 23 Apr 2022 05:06:57 GMT

GET
H/1.1 200
OK _david_publishers_master_ipm.js Show response
c.pebblemedia.be/js/data/david/ 56 B
581 B 123ms
40ms Script
application/javascript 13.32.99.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pebblemedia.be/js/data/david/_david_publishers_master_ipm.js
Requested by: Host: o0.ldh.be
URL: https://o0.ldh.be/js/scriptBottom-15028db1f2ad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-19.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9193db640616df6c3585e013abfc8c42a0a083b092a8d8001205f05e03027d4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: IOiLlg8obSZ3rY8WiMwzt7ZTHD5ynaRe
Via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
Last-Modified: Thu, 02 Dec 2021 10:46:22 GMT
Server: AmazonS3
Age: 3682
ETag: "1474a8cd8dd5228167fe4139b8871b0b"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Date: Sat, 23 Apr 2022 04:05:36 GMT
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Content-Length: 56
X-Amz-Cf-Id: KhcsfhnczsC_MvbLPW3-7-JUiFpxhnC8Ih_o7eRmnFlsfAYtF6nOwg==

GET
H/1.1 200
OK 48f39e1e5f22458fbbea2e5fd9f383ca_1.js Show response
targetemsecure.blob.core.windows.net/48f39e1e-5f22-458f-bbea-2e5fd9f383ca/ 29 KB
5 KB 146ms
38ms Script
application/javascript 52.239.242.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://targetemsecure.blob.core.windows.net/48f39e1e-5f22-458f-bbea-2e5fd9f383ca/48f39e1e5f22458fbbea2e5fd9f383ca_1.js
Requested by: Host: o0.ldh.be
URL: https://o0.ldh.be/js/scriptBottom-15028db1f2ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.242.148 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0a3dc3cb39a25d8bd524198a72cf9e40f3227b1fe7f7b5d4e2803721102bf8fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 23 Apr 2022 05:06:57 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Apr 2022 03:00:41 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: OPl1ZB2eLhLz3np9TSdmKA==
ETag: 0x8DA24D5738C5154
Content-Type: application/javascript
x-ms-request-id: 837f532b-b01e-0005-22cf-562f69000000
Cache-Control: public
x-ms-version: 2009-09-19
Content-Length: 4406

GET
H2 200 th.js Show response
offer.slgnt.eu/static/ 34 KB
12 KB 113ms
38ms Script
application/javascript 35.233.20.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.slgnt.eu/static/th.js

Requested by

Host: o0.ldh.be
URL: https://o0.ldh.be/js/scriptBottom-15028db1f2ad.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.233.20.168 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

168.20.233.35.bc.googleusercontent.com

Software

Resource Hash

e2d4ac7c9300d48c6aae4856ef2802e97d05b2b5bf978ac3999dd7079d73a427

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 08:18:05 GMT
etag: W/"625fc1bd-8945"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 1; mode=block
expires: Mon, 23 May 2022 05:06:57 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/fr_FR/ 3 KB
2 KB 122ms
41ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js

Requested by

Host: o0.ldh.be
URL: https://o0.ldh.be/js/script-22c744726567.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c7d2b05a55f87b7e0758799c42ef069841769a279eea94ff9e7cdc842d58c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: hYKTIeLG3LaMkk6BTBVicA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: oAg99w4WKSJ5IThubyV13sLWW8eK5cJEUmCQTXZbbkrRn/dNL/f07tPa6wUNeZrNN8io2NX9oCHzZNDkW2N2sA==
x-fb-trip-id: 686109401
x-fb-content-md5: 1098d0e043dc3a64793ed9a925668713
x-frame-options: DENY
date: Sat, 23 Apr 2022 05:06:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "12910afb1c50cdbe644a0f4ae439557e"
timing-allow-origin: *
expires: Sat, 23 Apr 2022 05:11:53 GMT

GET
H/1.1 200
OK optiextension.dll Show response
ipm.emsecure.net/optiext/ Frame 59FA 5 KB
5 KB 254ms
83ms Document
text/html 194.213.114.133
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL

https://ipm.emsecure.net/optiext/optiextension.dll?ID=kTPkniX3YxWv89s4JZGkyYh1HHpsNeqXJcFQGl%2BHR5gGQBXsTLb%2BGuEl_9CqkkMxB5jBdVzEYqPkku&NEWSLETTER_ID=DH_FLASH_INFO&NEWSLETTER_NAME=DH%20Les%20Sports+&NEWSLETTER_DESCRIPTION=L%27actu%20vous%20int%C3%A9resse?%20Inscrivez-vous%20%C3%A0%20la%20newsletter%20quotidienne!&NEWSLETTER_DESCRIPTION_MAIL=Vous%20recevrez,%20tous%20les%20matins,%20les%20derni%C3%A8res%20actus%20de%20La%20DH%20Les%20Sports+.&PRIMARY_COLOR=051f3a&BG_COLOR=e1001a

Requested by

Host: o0.ldh.be
URL: https://o0.ldh.be/js/scriptBottom-15028db1f2ad.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.213.114.133 , Belgium, ASN8315 (SENTIA, NL),

Reverse DNS

webapp133.emsecure.net

Software

Resource Hash

c3f6af5c32c664fd08c458a844c4271c2c7b8aab5fe00bbe74bb72bbc55f90c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dhnet.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: https://preview.lavenir.net
Cache-Tag: 10670
Content-Length: 5260
Content-Type: text/html; charset=UTF-8
Date: Sat, 23 Apr 2022 05:06:57 GMT
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Xss-Protection: 1; mode=block

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 45ms
45ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sat, 23 Apr 2022 05:06:57 GMT
x-host: s7.addthis.com
content-length: 116389

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 64 KB
22 KB 171ms
83ms Script
application/x-javascript 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b4058bf3400bbf6d6e83470de4f5a097187f7f299a513abf127d59dfdf13a2dc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 05:44:23 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21991
Expires: Sat, 23 Apr 2022 06:06:58 GMT

GET
H2 200 sdk.99f345634098814fa32e2799a9b203360a8abe5a.js Show response
sdk.privacy-center.org/ 388 KB
87 KB 47ms
47ms Script
application/javascript 2600:9000:223f:2a00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk.99f345634098814fa32e2799a9b203360a8abe5a.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/cc4f85a8-c8fa-4cde-a4fe-bc6383fdff93/loader.js?target=www.dhnet.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01c840ec351900aa89af7d71692d07db6e1b41347fcf3698fd70af56599a936d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 21 Apr 2022 10:58:43 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 10:53:51 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1650538116/ctime:1650538116/gid:0/gname:root/md5:b6fe60d2243291687a8af088445d8432/mode:33188/mtime:1650538116/uid:0/uname:root
age: 151695
etag: W/"b6fe60d2243291687a8af088445d8432"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: x7uRZ8rD2qKEYvVWA8bB_rDb1Rn4P11UIkqnC8bciKtfxwTLi5k6XQ==

GET
H3 200 sdk.js Show response
connect.facebook.net/fr_FR/ 283 KB
81 KB 88ms
46ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js?hash=10647c3a2932c72c6dc888871e60246c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bfa5f048a81ae20fd6174f23a17a0a5557f8c2a3a3d5ec4a37b3216e6239a49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.dhnet.be/
Origin: https://www.dhnet.be
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rm2vbhkJgw32btt/DYhAEQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sun, 23 Apr 2023 02:15:44 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82933
x-fb-rlafr: 0
x-fb-debug: wkXGDI1qpYGGGmurKfppjDsxcCEcQj76ygf38NBZIfZzUTQkSbhZ7TRPyY4BWbrBWZjPRYY0Dgr1ApDwV8sArA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 31dc55a8f8c8929c055ff1b2711fdc7c
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 23 Apr 2022 05:06:58 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "0ab31672d9ba45e428abe33a241e054f"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK 48f39e1e5f22458fbbea2e5fd9f383ca_2_1650623829.js Show response
targetemsecure.blob.core.windows.net/48f39e1e-5f22-458f-bbea-2e5fd9f383ca/ 139 KB
43 KB 39ms
39ms Script
application/javascript 52.239.242.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://targetemsecure.blob.core.windows.net/48f39e1e-5f22-458f-bbea-2e5fd9f383ca/48f39e1e5f22458fbbea2e5fd9f383ca_2_1650623829.js
Requested by: Host: targetemsecure.blob.core.windows.net
URL: https://targetemsecure.blob.core.windows.net/48f39e1e-5f22-458f-bbea-2e5fd9f383ca/48f39e1e5f22458fbbea2e5fd9f383ca_1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.242.148 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d500aac24dfd839e0e1fe2b7fa85c2da423784025034444e82d351bb6ef7f9b2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 23 Apr 2022 05:06:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Apr 2022 10:37:26 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 1teVIbldKwLh7I0BqVT+VQ==
ETag: 0x8DA244C183FD9AD
Content-Type: application/javascript
x-ms-request-id: 837f533c-b01e-0005-30cf-562f69000000
Cache-Control: public, max-age=86400
x-ms-version: 2009-09-19
Content-Length: 43476

GET
H2 200 56206051c1164e.js Show response
offer.slgnt.eu/e55e3c1e31284a66b38eae861fbb9a15/ 34 KB
12 KB 38ms
38ms Script
application/javascript 35.233.20.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.slgnt.eu/e55e3c1e31284a66b38eae861fbb9a15/56206051c1164e.js?v=e65dcf1ee6918bfa405a6a2507792e1b

Requested by

Host: targetemsecure.blob.core.windows.net
URL: https://targetemsecure.blob.core.windows.net/48f39e1e-5f22-458f-bbea-2e5fd9f383ca/48f39e1e5f22458fbbea2e5fd9f383ca_1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.233.20.168 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

168.20.233.35.bc.googleusercontent.com

Software

Resource Hash

e2d4ac7c9300d48c6aae4856ef2802e97d05b2b5bf978ac3999dd7079d73a427

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 08:18:05 GMT
etag: W/"625fc1bd-8945"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 1; mode=block
expires: Mon, 23 May 2022 05:06:57 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 108 KB
40 KB 167ms
78ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-PSDSSPP

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPVNNM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a623997f79453cba050fc927d02543563d665e190fa627bce4fdecdfbebc531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40442
x-xss-protection: 0
expires: Sat, 23 Apr 2022 05:06:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 125ms
40ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPVNNM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5528
date: Sat, 23 Apr 2022 03:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 23 Apr 2022 05:34:50 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 153ms
62ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPVNNM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14892
x-xss-protection: 0
server: cafe
etag: 4605403730725282575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 23 Apr 2022 05:06:58 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 83ms
41ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: BdEBRVWhHrwOG5FTtBs5bXDygbU+gg7g5aGD0Ufltl++qO2uBDdAltANac7NGrcSYsbdjllJzHbszDs9cwIs5g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 23 Apr 2022 05:06:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 polyfill.js Show response
cdn.polyfill.io/v2/ 222 B
217 B 196ms
72ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.polyfill.io/v2/polyfill.js?features=URL
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPVNNM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: br
last-modified: Mon, 18 Apr 2022 17:49:11 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/100.0.0
server-timing: cache-mxp6940, PASS, fastly;desc="Edge time";dur=12
accept-ranges: bytes
content-length: 126

GET
H2 200 ipmpix.min.js Show response
data-api.lavenir.net/pixel/ 19 KB
19 KB 101ms
39ms Script
application/javascript 34.120.251.88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data-api.lavenir.net/pixel/ipmpix.min.js?t=1650758400000
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.251.88 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 88.251.120.34.bc.googleusercontent.com
Software: gunicorn /
Resource Hash: 36b31e752b1d59640e3d14f716e5b5f3bc081720a8ff16371a5af4f9fa482163

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
via: 1.1 google
last-modified: Fri, 14 Jan 2022 09:58:30 GMT
server: gunicorn
access-control-allow-headers: content-type
etag: "1642154310.0-19512-1047398068"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-disposition: inline; filename=ipmpix.min.js
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19512

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
66 KB 143ms
60ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SN0WVX8DBQ

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPVNNM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bac644a00f3d78174ac4697352f5187000147682bd9b425012f77f4a7ce70213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67799
x-xss-protection: 0
expires: Sat, 23 Apr 2022 05:06:58 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v3/ 101 B
417 B 191ms
72ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.polyfill.io/v3/polyfill.min.js?features=es6&gated=true
Requested by: Host: targetemsecure.blob.core.windows.net
URL: https://targetemsecure.blob.core.windows.net/48f39e1e-5f22-458f-bbea-2e5fd9f383ca/48f39e1e5f22458fbbea2e5fd9f383ca_2_1650623829.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: br
last-modified: Mon, 04 Apr 2022 11:52:54 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/100.0.0
server-timing: cache-mxp6940, PASS, fastly;desc="Edge time";dur=11
accept-ranges: bytes
content-length: 94

GET
H2 200 ui-gdpr-fr.99f345634098814fa32e2799a9b203360a8abe5a.js Show response
sdk.privacy-center.org/ 272 KB
55 KB 45ms
45ms Script
application/javascript 2600:9000:223f:2a00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/ui-gdpr-fr.99f345634098814fa32e2799a9b203360a8abe5a.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.99f345634098814fa32e2799a9b203360a8abe5a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85b3df5351416c2fb03b74eb0491180924f5f5daeddebd65e68eac7908d600fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 21 Apr 2022 10:58:52 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 10:54:13 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1650538116/ctime:1650538116/gid:0/gname:root/md5:a0e6b2b922c67340361161e8ad47ed56/mode:33188/mtime:1650538116/uid:0/uname:root
age: 151687
etag: W/"a0e6b2b922c67340361161e8ad47ed56"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: e-AniIamC7udg5eDmgQ_dBtBQ7qfx7n5eRx7_KbUNxv0NOz5TbiRLA==

GET
H2 200 css2
fonts.googleapis.com/ Frame 59FA 2 KB
1 KB 138ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Requested by

Host: ipm.emsecure.net
URL: https://ipm.emsecure.net/optiext/optiextension.dll?ID=kTPkniX3YxWv89s4JZGkyYh1HHpsNeqXJcFQGl%2BHR5gGQBXsTLb%2BGuEl_9CqkkMxB5jBdVzEYqPkku&NEWSLETTER_ID=DH_FLASH_INFO&NEWSLETTER_NAME=DH%20Les%20Sports+&NEWSLETTER_DESCRIPTION=L%27actu%20vous%20int%C3%A9resse?%20Inscrivez-vous%20%C3%A0%20la%20newsletter%20quotidienne!&NEWSLETTER_DESCRIPTION_MAIL=Vous%20recevrez,%20tous%20les%20matins,%20les%20derni%C3%A8res%20actus%20de%20La%20DH%20Les%20Sports+.&PRIMARY_COLOR=051f3a&BG_COLOR=e1001a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6f02ea61b580dd0d3d5fd8b473d8584ab32e741a5a969704928df2d2753a44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ipm.emsecure.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 23 Apr 2022 04:14:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 23 Apr 2022 05:06:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Apr 2022 05:06:58 GMT

GET
H/1.1 200
OK bouncer.polyfills.min.js Show response
ipm.emsecure.net/scripts/RS/form-validation/ Frame 59FA 12 KB
12 KB 56ms
56ms Script
application/javascript 194.213.114.133
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL

https://ipm.emsecure.net/scripts/RS/form-validation/bouncer.polyfills.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

194.213.114.133 , Belgium, ASN8315 (SENTIA, NL),

Reverse DNS

webapp133.emsecure.net

Software

Resource Hash

91134acdbcaa117f5507fa00a9a4550b6492854b095a2df55ed268f33abfdaa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ipm.emsecure.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:57 GMT
Referrer-Policy: strict-origin
Last-Modified: Wed, 16 Sep 2020 11:40:31 GMT
ETag: "405cf82e1e8cd61:0"
Strict-Transport-Security: max-age=31536000; includeSubdomains
Cache-Tag: 10670
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 11883
X-Xss-Protection: 1; mode=block

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 149ms
58ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

773da69a87f5aa86a8e530165b1ba535dce8b8042b43332fe907c0c4a187f6a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28647
x-xss-protection: 0
server: sffe
etag: "1194 / 333 of 1000 / last-modified: 1650665455"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 23 Apr 2022 05:06:58 GMT

GET
H2 200 comments.php
www.facebook.com/v8.0/plugins/ Frame 6A13 0
0 141ms
59ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v8.0/plugins/comments.php?app_id=463125397122134&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df273fe92d36e4dc%26domain%3Dwww.dhnet.be%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dhnet.be%252Ff35a2cf1716bafc%26relation%3Dparent.parent&color_scheme=light&container_width=1060&height=100&href=https%3A%2F%2Fwww.dhnet.be%2Fs%2Fart%2F6263175e9978e23b8f737e66&locale=fr_FR&numposts=10&sdk=joey&version=v8.0&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=10647c3a2932c72c6dc888871e60246c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dhnet.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 23 Apr 2022 05:06:58 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: 0OkzCyZKmZdBMfguI4YEqWO6JJSxQOR9Fn8FgQFNhE8wUoo4Ef+cCcaJte9CHjwVAHzaUWAt0qIS51AsUDaFfw==
x-frame-options: DENY
x-xss-protection: 0

POST
H3 200 pixel.png
data-api.lavenir.net/pixel/ 43 B
62 B 98ms
39ms Ping
image/gif 34.120.251.88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data-api.lavenir.net/pixel/pixel.png?id=dhnet&uid=&sid=1-wxrajzu2-l2bege9d&pvid=1-027cc3kq-l2bege9e&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&rl=&ts=1650690418096&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo%20-%20DH%20Les%20Sports%2B&bn=Chrome%20100&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.127%20Safari%2F537.36&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&ct=unknown&aid=6263175e9978e23b8f737e66&apd=2022-04-22T23%3A00%3A44.000Z&as=Free&fa=1&pa=false&pt=Article&fp=&ru=Article&ss=&uuid=Anonymous&slgt_p_id=
Requested by: Host: data-api.lavenir.net
URL: https://data-api.lavenir.net/pixel/ipmpix.min.js?t=1650758400000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.251.88 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 88.251.120.34.bc.googleusercontent.com
Software: gunicorn /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
via: 1.1 google
last-modified: Fri, 14 Jan 2022 09:58:30 GMT
server: gunicorn
access-control-allow-headers: content-type
etag: "1642154310.0-43-630326566"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
content-disposition: inline; filename=pixel.gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3 200 1074425032615672 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1074425032615672?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

543e601fcf05fe12bfdd1787e64cadb0a033e2708849fe075312fd935c30125f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88827
x-xss-protection: 0
pragma: public
x-fb-debug: ISYuwpm6waNgFo48ECAhXWLDudhZq+IjnwuGBThux1Yj+pxR42BOwn2NG2LgOgI3kugxVDMncbt7HCBMHhiV8A==
x-frame-options: DENY
date: Sat, 23 Apr 2022 05:06:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame CD9B 684 B
749 B 120ms
120ms Document
text/html 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer: https://www.dhnet.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 379
Content-Type: text/html
Date: Sat, 23 Apr 2022 05:06:58 GMT
Expires: Tue, 03 May 2022 05:06:58 GMT
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 loader.js Show response
sdk.privacy-center.org/cc4f85a8-c8fa-4cde-a4fe-bc6383fdff93/ 8 KB
4 KB 40ms
40ms Script
application/javascript 2600:9000:223f:2a00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/cc4f85a8-c8fa-4cde-a4fe-bc6383fdff93/loader.js?target=www.dhnet.be&_=1650690416664
Requested by: Host: o0.ldh.be
URL: https://o0.ldh.be/js/script-22c744726567.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 200e2e78796d67fd36e80a9b89fbb19ddcc0e1ddd7850f33ab53e8c1456e531c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:24 GMT
content-encoding: gzip
server: CloudFront
age: 6577
etag: "b90ea7df3420c42226fe906b2ca6239e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: public, max-age=7200
x-amz-cf-pop: FRA56-P5
content-length: 3550
x-amz-cf-id: t4KyfXam9GIaQH1RHmFedpBFABCFmKmkwWqXQfnhjlfHlWWVKLen1w==

OPTIONS
H2 204 events
api.privacy-center.org/v1/ Frame 0
0 269ms
88ms Preflight 2600:9000:2260:2800:d:2044:5c40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.privacy-center.org/v1/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2260:2800:d:2044:5c40:93a1 , United States, ASN (),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.dhnet.be
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-requested-with
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
date: Sat, 23 Apr 2022 05:06:58 GMT
vary: Access-Control-Request-Headers
via: 1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
x-amz-cf-id: 3dpRahYBanGAH1zoI6NYrmG2zO45ok985oQL5mkn_ifw9Yh7Ts9kkQ==
x-amz-cf-pop: TXL50-P3
x-cache: Miss from cloudfront
x-powered-by: Express

POST
H2 204 events Show response
api.privacy-center.org/v1/ 0
523 B 90ms
90ms XHR
text/plain 2600:9000:2260:2800:d:2044:5c40:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.privacy-center.org/v1/events

Requested by

Host: data-api.lavenir.net
URL: https://data-api.lavenir.net/pixel/ipmpix.min.js?t=1650758400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2260:2800:d:2044:5c40:93a1 , United States, ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dhnet.be/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
via: 1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: TXL50-P3
surrogate-control: no-store
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains
x-xss-protection: 1; mode=block
pragma: no-cache
allow: POST
x-frame-options: SAMEORIGIN
etag: W/"4-K+iMpCQsduglOsYkdIUQZQMtaDM"
x-download-options: noopen
vary: Accept
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-amz-cf-id: A8RK-fwphaMzDCHW-l71ypU_YeVCQFfcwK3KkA81DP-zSY8tb9DfMA==
expires: 0

GET
H2 200 WHNHSAJGBJHXPFQBSD6EUEYZ2U.png
www.lalibre.be/resizer/VOUdWOinOkXnkVgy_pd16NGwNGE=/arc-photo-ipmgroup/eu-central-1-prod/public/ 10 KB
10 KB 178ms
52ms Image
image/png 2a02:26f0:6c00::210:ba22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lalibre.be/resizer/VOUdWOinOkXnkVgy_pd16NGwNGE=/arc-photo-ipmgroup/eu-central-1-prod/public/WHNHSAJGBJHXPFQBSD6EUEYZ2U.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9d56e2a1079cf7d22401499333a043be54e4908f1222ce844be5d0c6a04b5a72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
x-check-cacheable: YES
x-serial: 1091
x-akamai-pragma-client-ip: 10.67.91.137, 64.158.222.231
etag: "0e7b0870f3bda51624317c04f2cb812368dee76b"
content-type: image/png
cache-control: private, no-transform, max-age=21197953
last-modified: Fri, 24 Dec 2021 13:28:59 GMT
content-security-policy: upgrade-insecure-requests
content-length: 10198
server: Akamai Image Manager
expires: Sat, 24 Dec 2022 13:26:11 GMT

GET
H2 200 xgemius.js Show response
gabe.hit.gemius.pl/ 44 KB
12 KB 175ms
58ms Script
application/x-javascript 146.59.29.0
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gabe.hit.gemius.pl/xgemius.js
Requested by: Host: o0.ldh.be
URL: https://o0.ldh.be/js/script-22c744726567.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.29.0 , France, ASN16276 (OVH, FR),
Reverse DNS: ip0.ip-146-59-29.eu
Software: GHC /
Resource Hash: cb8ed4688c7f796b35323f50c6f75948b54854b403abd94e1a67e28e7b5edf34

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11890
expires: Sat, 23 Apr 2022 17:06:58 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 123ms
40ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 23 Apr 2022 06:06:53 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/992318238/ 3 KB
2 KB 143ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992318238/?random=1650690418307&cv=9&fst=1650690418307&num=1&label=ZvdVCPL21AQQnqaW2QM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&tiba=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo%20-%20DH%20Les%20Sports%2B&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab3532c1111c576b2357bb997d1b2cb062cf181597e849078a0bd358e0425151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
443 B 109ms
36ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36648242-1&cid=1270390160.1650690418&jid=683840747&gjid=768649754&_gid=1462809447.1650690418&_u=aGBAiEALRAAAAE~&z=568674122

Requested by

Host: data-api.lavenir.net
URL: https://data-api.lavenir.net/pixel/ipmpix.min.js?t=1650758400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dhnet.be/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 23 Apr 2022 05:06:58 GMT
content-type: text/plain
access-control-allow-origin: https://www.dhnet.be
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 103ms
41ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=142542122&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&ul=en-us&de=UTF-8&dt=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo%20-%20DH%20Les%20Sports%2B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEALR~&jid=683840747&gjid=768649754&cid=1270390160.1650690418&tid=UA-36648242-1&_gid=1462809447.1650690418&gtm=2wg4k0WPVNNM&cd1=Article&cd2=Free&cd4=Article&cd6=Anonymous&cd9=&cd11=Belga%20%20&cd13=541&cd16=0&cd17=1&cd18=6263175e9978e23b8f737e66&cd20=2022-04-22T23%3A00%3A44.000Z&cm1=0&cm2=1&cm4=0&cm5=0&cm6=0&cm7=0&z=1515952625

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:19:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74841
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
site-azp.slgnt.eu/frontend/api/ 8 KB
4 KB 232ms
119ms Fetch
application/json 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://site-azp.slgnt.eu/frontend/api/track
Requested by: Host: targetemsecure.blob.core.windows.net
URL: https://targetemsecure.blob.core.windows.net/48f39e1e-5f22-458f-bbea-2e5fd9f383ca/48f39e1e5f22458fbbea2e5fd9f383ca_2_1650623829.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f850625618d5f89c8d8040f64253921b808414dfbd3ef52f9016b7b8400c21df

Request headers

Referer: https://www.dhnet.be/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
content-type: application/json

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.dhnet.be
access-control-allow-credentials: true
connectionclose: true
cf-ray: 700412acb9fb0208-ZRH
content-type: application/json; charset=utf-8
request-context: appId=cid-v1:30f94791-3880-4dbc-82ba-664d97470ce8

OPTIONS
H2 200 track
site-azp.slgnt.eu/frontend/api/ Frame 0
0 184ms
86ms Preflight 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://site-azp.slgnt.eu/frontend/api/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.dhnet.be
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.dhnet.be
cf-cache-status: DYNAMIC
cf-ray: 700412ab6d1a2355-ZRH
content-length: 0
date: Sat, 23 Apr 2022 05:06:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context: appId=cid-v1:30f94791-3880-4dbc-82ba-664d97470ce8
server: cloudflare

GET
H/1.1 200
OK segment Show response
api.cxense.com/profile/user/ 77 B
694 B 107ms
36ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCBl2begecmddiff3qi&persisted=46efd84c014ea48dcd4f8af246eaf890bb0b1703&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22l2bege9tvs0c7u8c%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

9851803a687e632477a832f07bea6d20ddbe01457d2f0df2c5f0fee5163a76fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 05:06:58 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 77
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK segment Show response
api.cxense.com/profile/user/ 123 B
741 B 169ms
63ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCBl2begecn5f84twfr&persisted=5a69daf3234c0d9a48fcb98edde199ce892308e7&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22l2bege9tvs0c7u8c%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

4bbe157950f58697be2274bc2622ed63b3ecde6ccefd7a9549535858f9a2770e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 05:06:58 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 123
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 smart.js Show response
www.ultimedia.com/js/common/ 40 KB
8 KB 136ms
38ms Script
application/javascript 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ultimedia.com/js/common/smart.js?_=1650690416665

Requested by

Host: o0.ldh.be
URL: https://o0.ldh.be/js/script-22c744726567.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.210.116.132 , France, ASN16276 (OVH, FR),

Reverse DNS

dtk-lb-gra08.dginfra.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

b394ea8edffcaa643791a6d6ae840f701975acead68e3a8a627f0c0122034a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 09:59:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62627c74-a129"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
strict-transport-security: max-age=31536000; includeSubDomains
expires: Tue, 24 May 2022 05:06:58 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 148ms
53ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: data-api.lavenir.net
URL: https://data-api.lavenir.net/pixel/ipmpix.min.js?t=1650758400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69c6b47baa1daadfc97140dea91dacacf6c72257fe173671fc1ddb8a1b193203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dhnet.be/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7560
x-jsd-version: 1.0.1319
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19178-FRA, cache-iad-kiad7000087-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66b-yomIYqzyFDCcdab5c1xxoDDCRHE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fib9c6K%2Fz8jERipdZ8DhoH5GD4Z46JE%2BXPy%2FPkIVgOL99ALxYJMm4Cp6SSIryy3e4v1ihBTlh0YQIZArgS55z%2BNygMcF%2B7jpvqlcq2rElSrmQj9o22s3BB1CYA1%2F3KF4Kza7PeFB%2F7Bi7FDcie4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 700412ab6a8a23f7-ZRH
access-control-expose-headers: *

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 68ms
47ms Ping
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-SN0WVX8DBQ&gtm=2oe4k0&_p=142542122&_z=ccd.NbB&cid=1270390160.1650690418&ul=en-us&sr=1600x1200&_s=1&sid=1650690418&sct=1&seg=0&dl=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&dt=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo%20-%20DH%20Les%20Sports%2B&en=page_view&_fv=1&_ss=1&ep.article_id=6263175e9978e23b8f737e66&ep.publish_date_string=2022-04-22T23%3A00%3A44.000Z&ep.page_securetype=Free&epn.is_free_article=1&ep.page_type=Article&ep.page_section=Article&up.account_id=Anonymous
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SN0WVX8DBQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 05:06:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dhnet.be
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 90ms
47ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1074425032615672&ev=PageView&dl=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&rl=&if=false&ts=1650690418395&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650690418394.15778520&it=1650690418234&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sat, 23 Apr 2022 05:06:58 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame CD9B 64 KB
22 KB 54ms
54ms Script
application/x-javascript 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b4058bf3400bbf6d6e83470de4f5a097187f7f299a513abf127d59dfdf13a2dc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 05:44:23 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21991
Expires: Sat, 23 Apr 2022 06:06:58 GMT

GET
H3 200 pubads_impl_2022042001.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 133ms
43ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067210

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

e38188d7aeeab09989954d42e1eac3f97f6320a4e6d51cc2dde4ac391289bf08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 23:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126015
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 22 Apr 2023 23:14:50 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 156 B
133 B 141ms
51ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dhnet.be

Requested by

Host: data-api.lavenir.net
URL: https://data-api.lavenir.net/pixel/ipmpix.min.js?t=1650758400000

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

56fbfd6291b8fbfbf6465056dc2df023a0fc19b43aaa59191e5827b1254676ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108
x-xss-protection: 0
expires: Sat, 23 Apr 2022 05:06:58 GMT

GET
H/1.1 404
Not Found ipm_init.js
code3.adtlgc.com/js/ 0
0 175ms
45ms Script
text/html 104.111.245.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://code3.adtlgc.com/js/ipm_init.js
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.245.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-245-50.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 59FA 16 KB
16 KB 132ms
40ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ipm.emsecure.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 14:02:01 GMT
x-content-type-options: nosniff
age: 313497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Apr 2023 14:02:01 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 48ms
47ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=142542122&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&ul=en-us&de=UTF-8&dt=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo%20-%20DH%20Les%20Sports%2B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=promoView&_u=aGDAiEALRAAAAE~&jid=&gjid=&cid=1270390160.1650690418&tid=UA-36648242-1&_gid=1462809447.1650690418&gtm=2wg4k0WPVNNM&cd1=Article&cd2=Free&cd4=Article&cd6=Anonymous&cd9=&cd11=Belga%20%20&cd13=541&cd16=0&cd17=1&cd18=6263175e9978e23b8f737e66&cd20=2022-04-22T23%3A00%3A44.000Z&cm1=0&cm2=1&cm4=0&cm5=0&cm6=0&cm7=0&promo1id=button&promo1nm=Abonnez-vous&promo1cr=&promo1ps=top&z=1941439262

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:19:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74841
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 49ms
48ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=142542122&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&ul=en-us&de=UTF-8&dt=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo%20-%20DH%20Les%20Sports%2B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&el=1%25&_u=aGDAiEALRAAAAE~&jid=&gjid=&cid=1270390160.1650690418&tid=UA-36648242-1&_gid=1462809447.1650690418&gtm=2wg4k0WPVNNM&cd1=Article&cd2=Free&cd4=Article&cd6=Anonymous&cd9=&cd11=Belga%20%20&cd13=541&cd16=0&cd17=1&cd18=6263175e9978e23b8f737e66&cd20=2022-04-22T23%3A00%3A44.000Z&cm1=0&cm2=1&cm3=0&cm4=0&cm5=0&cm6=0&cm7=0&promo1id=button&promo1nm=Abonnez-vous&promo1cr=&promo1ps=top&z=747970881

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:19:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74841
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 49ms
49ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=142542122&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&ul=en-us&de=UTF-8&dt=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo%20-%20DH%20Les%20Sports%2B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&el=25%25&_u=aGDAiEALRAAAAE~&jid=&gjid=&cid=1270390160.1650690418&tid=UA-36648242-1&_gid=1462809447.1650690418&gtm=2wg4k0WPVNNM&cd1=Article&cd2=Free&cd4=Article&cd6=Anonymous&cd9=&cd11=Belga%20%20&cd13=541&cd16=0&cd17=1&cd18=6263175e9978e23b8f737e66&cd20=2022-04-22T23%3A00%3A44.000Z&cm1=0&cm2=1&cm3=0&cm4=25&cm5=1&cm6=0&cm7=0&promo1id=button&promo1nm=Abonnez-vous&promo1cr=&promo1ps=top&z=479826026

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:19:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74841
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 144ms
50ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36648242-1&cid=1270390160.1650690418&jid=683840747&_u=aGBAiEALRAAAAE~&z=875578224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 05:06:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 146ms
53ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36648242-1&cid=1270390160.1650690418&jid=683840747&_u=aGBAiEALRAAAAE~&z=875578224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 05:06:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/992318238/ 42 B
154 B 133ms
52ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/992318238/?random=1650690418307&cv=9&fst=1650690000000&num=1&label=ZvdVCPL21AQQnqaW2QM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&frm=0&url=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&tiba=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo%20-%20DH%20Les%20Sports%2B&async=1&fmt=3&is_vtc=1&random=203312311&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 05:06:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/992318238/ 42 B
154 B 134ms
53ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/992318238/?random=1650690418307&cv=9&fst=1650690000000&num=1&label=ZvdVCPL21AQQnqaW2QM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&frm=0&url=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&tiba=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo%20-%20DH%20Les%20Sports%2B&async=1&fmt=3&is_vtc=1&random=203312311&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 05:06:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame CD9B 47 B
638 B 110ms
36ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 0267a74f884090a5b03d14027ebf95f607b5b1d605dd8876c6d1c8751d8be42f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
last-modified: Sat, 23 Oct 2021 05:06:58 GMT
server: Jetty(9.4.28.v20200408)
etag: 3u5dyc2iczb1d2x7nl0t8c15mo
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 47
expires: Sun, 23 Apr 2023 05:06:58 GMT

GET
H2 200 2 Show response
www.ultimedia.com/api/widget/getwidget/mdtk/01585661/zone/ 135 B
333 B 125ms
53ms XHR
application/json 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ultimedia.com/api/widget/getwidget/mdtk/01585661/zone/2?url=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&meta_breadcrumb=&meta_tag=

Requested by

Host: data-api.lavenir.net
URL: https://data-api.lavenir.net/pixel/ipmpix.min.js?t=1650758400000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.210.116.132 , France, ASN16276 (OVH, FR),

Reverse DNS

dtk-lb-gra08.dginfra.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

c1ac5517b52d5efda8599733d8c98b6659c761d6b6b4eaeb8b46b3cfe0330f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Apr 2022 05:06:58 GMT
server: nginx/1.14.0 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json

GET
H2 200 visible_player.js Show response
www.ultimedia.com/js/common/ 40 KB
13 KB 37ms
36ms Script
application/javascript 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ultimedia.com/js/common/visible_player.js?v=1650672000000

Requested by

Host: www.ultimedia.com
URL: https://www.ultimedia.com/js/common/smart.js?_=1650690416665

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.210.116.132 , France, ASN16276 (OVH, FR),

Reverse DNS

dtk-lb-gra08.dginfra.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

f7e1b8b07693b7272ce0499a4522112a56ac0f424aee51b7f1b15be869510baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 09:59:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62627c74-a088"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
strict-transport-security: max-age=31536000; includeSubDomains
expires: Tue, 24 May 2022 05:06:58 GMT

GET
H2 200 notification.js Show response
www.ultimedia.com/js/common/ 5 KB
2 KB 37ms
36ms Script
application/javascript 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ultimedia.com/js/common/notification.js?v=1650672000000

Requested by

Host: www.ultimedia.com
URL: https://www.ultimedia.com/js/common/smart.js?_=1650690416665

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.210.116.132 , France, ASN16276 (OVH, FR),

Reverse DNS

dtk-lb-gra08.dginfra.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

780396b361c35383795d3d1fb3e71e8c1e57e717973f3a4599ec4f11ba75f84e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 09:59:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62627c74-129f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
strict-transport-security: max-age=31536000; includeSubDomains
expires: Tue, 24 May 2022 05:06:58 GMT

GET
H2 200 visibilityStat.js Show response
www.ultimedia.com/js/common/ 2 KB
1 KB 37ms
37ms Script
application/javascript 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ultimedia.com/js/common/visibilityStat.js?v=1650672000000

Requested by

Host: www.ultimedia.com
URL: https://www.ultimedia.com/js/common/smart.js?_=1650690416665

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.210.116.132 , France, ASN16276 (OVH, FR),

Reverse DNS

dtk-lb-gra08.dginfra.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

675ab0a24f0160c73eaa7dde430b9f5ee68a54dc0c0c8d7d2bd0a811f30f6fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 09:59:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62627c74-701"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
strict-transport-security: max-age=31536000; includeSubDomains
expires: Tue, 24 May 2022 05:06:58 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame CD9B 43 B
465 B 106ms
37ms Image
image/gif 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.3.4&typ=pgv&rnd=l2bege8pr4v8qr6u&sid=1144067785159202749&loc=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&new=1&arf=0&ltm=1650690418201&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l2bege9sfrxz1ijw&ckp=l2bege9tvs0c7u8c&glb=&amo=1650668475&cp_payingStatus=Free&cp_articleId=6263175e9978e23b8f737e66&cst=3u5dyc2iczb1d2x7nl0t8c15mo
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:58 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 114 B
687 B 107ms
37ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l2bege9tvs0c7u8c%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%223u5dyc2iczb1d2x7nl0t8c15mo%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%223u5dyc2iczb1d2x7nl0t8c15mo%22%7D%5D%2C%22siteId%22%3A%221144067785159202749%22%2C%22location%22%3A%22https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66%22%7D&callback=cXJsonpCBl2begej2dmol07qf

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

1ce292455fdd3e453b34d018d1e33f746f159f279597282552696fba308bf2d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 05:06:58 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 114
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 22 KB
6 KB 47ms
46ms Script
application/x-javascript 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 53223cc800efd65753dec3ab9c1099a86c6eb0f37a044c45e64b4cd8469a5181

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Feb 2022 15:01:18 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5939
Expires: Sat, 23 Apr 2022 06:06:58 GMT

GET
H2 200 smart Show response
www.ultimedia.com/api/widget/ 70 KB
10 KB 809ms
809ms Script
application/javascript 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ultimedia.com/api/widget/smart?j=new&t=1650690418516&exclude=&meta_description=Sodexo%20avertit%20vendredi%20dans%20un%20e-mail%20les%20utilisateurs%20de%20titres-services%20qu%27une%20tentative%20de%20hame%C3%A7onnage%20pouvant%20mener%20%C3%A0%20une%20fraude%20bancaire%20circule%20par%20mail.&meta_articledatemodified=2022-04-22T23%3A01%3A15.000Z&meta_twittertitle=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo&meta_twitterdescription=Sodexo%20avertit%20vendredi%20dans%20un%20e-mail%20les%20utilisateurs%20de%20titres-services%20qu%27une%20tentative%20de%20hame%C3%A7onnage%20pouvant%20mener%20%C3%A0%20une%20fraude%20bancaire%20circule%20par%20mail.&meta_ogdescription=Sodexo%20avertit%20vendredi%20dans%20un%20e-mail%20les%20utilisateurs%20de%20titres-services%20qu%27une%20tentative%20de%20hame%C3%A7onnage%20pouvant%20mener%20%C3%A0%20une%20fraude%20bancaire%20circule%20par%20mail.&meta_ogtitle=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo&meta_title=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo%20-%20DH%20Les%20Sports%2B&meta_h1=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo&meta_h2=Sodexo%20avertit%20vendredi%20dans%20un%20e-mail%20les%20utilisateurs%20de%20titres-services%20qu%27une%20tentative%20de%20hame%C3%A7onnage%20pouvant%20mener%20%C3%A0%20une%20fraude%20bancaire%20circule%20par%20mail.&meta_datetime=2022-04-22T23%3A01%3A15%2B02%3A00&url=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&mdtk=01585661&zone=2&layout=&tagparam=CxSegments%3D%26video_section%3Ddhnet.be%2Cactu%2Cbelgique&sspParam=%7B%22spotxipm%22%3A%7B%22cxsegment%22%3A%5B%5D%2C%22digitype%22%3A%5B%22smartplayer%22%5D%2C%22video_section%22%3A%5B%22dhnet.be%22%2C%22actu%22%2C%22belgique%22%5D%7D%2C%22spotxipmd%22%3A%7B%22cxdavid%22%3A%5B%5D%2C%22Format%22%3A%5B%22Instream%22%5D%2C%22Network%22%3A%5B%22ipm%22%5D%2C%22Language%22%3A%5B%22FR%22%5D%7D%7D&otherplayer=0&target=Smart_Container

Requested by

Host: www.ultimedia.com
URL: https://www.ultimedia.com/js/common/smart.js?_=1650690416665

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.210.116.132 , France, ASN16276 (OVH, FR),

Reverse DNS

dtk-lb-gra08.dginfra.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

ba4b5b111130762ae452d5634bcc8aac95c58257da3073b7cac81cd97b5de422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:59 GMT
content-encoding: gzip
vary: Accept-Encoding
server: nginx/1.14.0 (Ubuntu)
content-length: 9646
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset="utf-8"

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 64 KB
22 KB 55ms
55ms Script
application/x-javascript 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b4058bf3400bbf6d6e83470de4f5a097187f7f299a513abf127d59dfdf13a2dc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 23 Apr 2022 05:06:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 05:44:23 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21991
Expires: Sat, 23 Apr 2022 06:06:58 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 198 KB
69 KB 852ms
729ms Script
application/x-javascript 2.20.86.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.dhnet.be
URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.86.44 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2da1ae39af1d0694a1a444b1d3d929917882247fbd4a0d6b844b0fbc0b289b39

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:59 GMT
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 11:27:59 GMT
etag: "16-4FuTGXFx5LiW3i0JkpGJeSZGpNY"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah-stg
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: cd1bca0909d6cfc31f4b59a0de8256a9
timing-allow-origin: *, *

GET
H2 200 cookie.html Show response
offer.slgnt.eu/static/ Frame 8C1F 639 B
669 B 38ms
37ms Document
text/html 35.233.20.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.slgnt.eu/static/cookie.html

Requested by

Host: offer.slgnt.eu
URL: https://offer.slgnt.eu/static/th.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.233.20.168 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

168.20.233.35.bc.googleusercontent.com

Software

Resource Hash

4b9d634e72b129717cdb60f03d28ee3a5957fd7dac32988fa7db8d0fa655b4e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dhnet.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=2592000 public
content-encoding: gzip
content-type: text/html
date: Sat, 23 Apr 2022 05:06:58 GMT
etag: W/"5ff32354-27f"
expires: Mon, 23 May 2022 05:06:58 GMT
last-modified: Mon, 04 Jan 2021 14:16:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A861 0
15 B 42ms
42ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.dhnet.be
Referer: https://www.dhnet.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.dhnet.be
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 23 Apr 2022 05:06:58 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

apn.png
csyn.cxense.com/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fcsyn.cxense.com%2Fapn.png%3Fcxsite%3D1144067785159202749%26uid%3D%24UID%26cxckp%3Dcx%253Aodxtzrhndsuxvyk3dd4ze6co%253Av6ja14wvtbl
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcsyn.cxense.com%252Fapn.png%253Fcxsite%253D1144067785159202749%2526uid%253D%2524UID%2526cxckp%253Dcx%25253Aodxtzrhndsuxvyk3dd4ze6co%2...
https://csyn.cxense.com/apn.png?cxsite=1144067785159202749&uid=3413553083430360983&cxckp=cx%3Aodxtzrhndsuxvyk3dd4ze6co%3Av6ja14wvtbl

42 B
207 B

115ms
36ms

Image
image/gif

147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csyn.cxense.com/apn.png?cxsite=1144067785159202749&uid=3413553083430360983&cxckp=cx%3Aodxtzrhndsuxvyk3dd4ze6co%3Av6ja14wvtbl
Protocol: HTTP/1.1
Server: 147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:59 GMT
cache-control: max-age=604800
server: Jetty(9.4.28.v20200408)
content-length: 42
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 23 Apr 2022 05:06:59 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7e4ab757-c19c-4835-8dd0-c48dd70e1b9f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://csyn.cxense.com/apn.png?cxsite=1144067785159202749&uid=3413553083430360983&cxckp=cx%3Aodxtzrhndsuxvyk3dd4ze6co%3Av6ja14wvtbl
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 responsivev3.js Show response
www.ultimedia.com/widgets/js/ 108 KB
43 KB 39ms
39ms Script
application/javascript 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ultimedia.com/widgets/js/responsivev3.js?v=2.0.2.7537

Requested by

Host: www.ultimedia.com
URL: https://www.ultimedia.com/api/widget/smart?j=new&t=1650690418516&exclude=&meta_description=Sodexo%20avertit%20vendredi%20dans%20un%20e-mail%20les%20utilisateurs%20de%20titres-services%20qu%27une%20tentative%20de%20hame%C3%A7onnage%20pouvant%20mener%20%C3%A0%20une%20fraude%20bancaire%20circule%20par%20mail.&meta_articledatemodified=2022-04-22T23%3A01%3A15.000Z&meta_twittertitle=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo&meta_twitterdescription=Sodexo%20avertit%20vendredi%20dans%20un%20e-mail%20les%20utilisateurs%20de%20titres-services%20qu%27une%20tentative%20de%20hame%C3%A7onnage%20pouvant%20mener%20%C3%A0%20une%20fraude%20bancaire%20circule%20par%20mail.&meta_ogdescription=Sodexo%20avertit%20vendredi%20dans%20un%20e-mail%20les%20utilisateurs%20de%20titres-services%20qu%27une%20tentative%20de%20hame%C3%A7onnage%20pouvant%20mener%20%C3%A0%20une%20fraude%20bancaire%20circule%20par%20mail.&meta_ogtitle=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo&meta_title=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo%20-%20DH%20Les%20Sports%2B&meta_h1=Une%20tentative%20de%20phishing%20touche%20les%20utilisateurs%20de%20titres-services%20Sodexo&meta_h2=Sodexo%20avertit%20vendredi%20dans%20un%20e-mail%20les%20utilisateurs%20de%20titres-services%20qu%27une%20tentative%20de%20hame%C3%A7onnage%20pouvant%20mener%20%C3%A0%20une%20fraude%20bancaire%20circule%20par%20mail.&meta_datetime=2022-04-22T23%3A01%3A15%2B02%3A00&url=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&mdtk=01585661&zone=2&layout=&tagparam=CxSegments%3D%26video_section%3Ddhnet.be%2Cactu%2Cbelgique&sspParam=%7B%22spotxipm%22%3A%7B%22cxsegment%22%3A%5B%5D%2C%22digitype%22%3A%5B%22smartplayer%22%5D%2C%22video_section%22%3A%5B%22dhnet.be%22%2C%22actu%22%2C%22belgique%22%5D%7D%2C%22spotxipmd%22%3A%7B%22cxdavid%22%3A%5B%5D%2C%22Format%22%3A%5B%22Instream%22%5D%2C%22Network%22%3A%5B%22ipm%22%5D%2C%22Language%22%3A%5B%22FR%22%5D%7D%7D&otherplayer=0&target=Smart_Container

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.210.116.132 , France, ASN16276 (OVH, FR),

Reverse DNS

dtk-lb-gra08.dginfra.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

99e39599d9a8292c712094b6114233d19961923037fc0e2d9441c773f654b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:59 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 09:59:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62627c74-1ae39"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
strict-transport-security: max-age=31536000; includeSubDomains
expires: Tue, 24 May 2022 05:06:59 GMT

GET
H2 200 responsivev3.js Show response
www.ultimedia.com/widgets/js/ 108 KB
43 KB 38ms
38ms Script
application/javascript 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ultimedia.com/widgets/js/responsivev3.js?v=2.0.2.7537

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.210.116.132 , France, ASN16276 (OVH, FR),

Reverse DNS

dtk-lb-gra08.dginfra.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

99e39599d9a8292c712094b6114233d19961923037fc0e2d9441c773f654b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:59 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 09:59:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62627c74-1ae39"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
strict-transport-security: max-age=31536000; includeSubDomains
expires: Tue, 24 May 2022 05:06:59 GMT

GET
H2 200 iframe Show response
www.ultimedia.com/deliver/generic/ Frame 04DA 148 KB
17 KB 506ms
505ms Document
text/html 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ultimedia.com/deliver/generic/iframe?mdtk=01585661&zone=2&type_player=0&sendstats=0&src=q3rk83u&width=1060&height=596&urlfacebook=https%3A%2F%2Fwww.dhnet.be%2F&ad=1&autoplay=yes&fstart=1&title=Le+R%C3%A9cap%27+-+Pr%C3%A9sidentielle+fran%C3%A7aise+%3A+semaine+du+18+avril+2022&endMessage=um_Smart_Container_ultimediaEndRoll&widgetPrefix=um_Smart_Container_&tagparam=CxSegments%3D%26video_section%3Ddhnet.be%2Cactu%2Cbelgique&tagparamdecoded=&sspParam=%7B%22spotxipm%22%3A%7B%22cxsegment%22%3A%5B%5D%2C%22digitype%22%3A%5B%22smartplayer%22%5D%2C%22video_section%22%3A%5B%22dhnet.be%22%2C%22actu%22%2C%22belgique%22%5D%7D%2C%22spotxipmd%22%3A%7B%22cxdavid%22%3A%5B%5D%2C%22Format%22%3A%5B%22Instream%22%5D%2C%22Network%22%3A%5B%22ipm%22%5D%2C%22Language%22%3A%5B%22FR%22%5D%7D%7D&visible=&gdprconsentstring=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.210.116.132 , France, ASN16276 (OVH, FR),

Reverse DNS

dtk-lb-gra08.dginfra.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

fbbb280a09861fe04bbd8780811269fbb6a60f9c9e780d90efa94376b0cdca29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, must-revalidate
content-encoding: gzip
content-length: 16612
content-type: text/html; charset=UTF-8
date: Sat, 23 Apr 2022 05:07:00 GMT
expires: -1
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 sprit_10.png
www.ultimedia.com/img/widget/ 3 KB
3 KB 37ms
36ms Image
image/png 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ultimedia.com/img/widget/sprit_10.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.210.116.132 , France, ASN16276 (OVH, FR),

Reverse DNS

dtk-lb-gra08.dginfra.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

232e2107e9ebb4adaae34e5aa7f8eba38b819ed4a735bac8f26d41106635c97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:59 GMT
last-modified: Fri, 22 Apr 2022 09:59:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "62627c74-b9d"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 2973
expires: Tue, 24 May 2022 05:06:59 GMT

GET
H2 200 sprit_6.png
www.ultimedia.com/img/widget/ 3 KB
3 KB 37ms
37ms Image
image/png 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ultimedia.com/img/widget/sprit_6.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.210.116.132 , France, ASN16276 (OVH, FR),

Reverse DNS

dtk-lb-gra08.dginfra.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

43fc744dc9f9bdd26ba499a6e1840b548740e7ce2b63e7c986d997d2bcae496e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:59 GMT
last-modified: Fri, 22 Apr 2022 09:59:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "62627c74-d0e"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 3342
expires: Tue, 24 May 2022 05:06:59 GMT

GET
H2 200 crop_title.png
www.ultimedia.com/img/widget/ 167 B
399 B 36ms
36ms Image
image/png 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ultimedia.com/img/widget/crop_title.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.210.116.132 , France, ASN16276 (OVH, FR),

Reverse DNS

dtk-lb-gra08.dginfra.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

c08dcc5c4b12e82dc7260f3e52c6ff34ece455e19f26f3cd7f8eab339f705582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:59 GMT
last-modified: Fri, 22 Apr 2022 09:59:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "62627c74-a7"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 167
expires: Tue, 24 May 2022 05:06:59 GMT

GET /
www.ultimedia.com/deliver/statistiques/widgetdisplay/ 0
0

GET
H2 200 q3rk83u-X.jpg
medialb.ultimedia.com/multi/38kuz/ 5 KB
5 KB 81ms
38ms Image
image/jpeg 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medialb.ultimedia.com/multi/38kuz/q3rk83u-X.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.210.116.132 , France, ASN16276 (OVH, FR),
Reverse DNS: dtk-lb-gra08.dginfra.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f3fb74bbb3f689192318a130d86ffcb4b474345d6d2d83e174a9b4cb257085ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: public
date: Sat, 23 Apr 2022 05:06:59 GMT
last-modified: Fri, 22 Apr 2022 20:09:08 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "62630b64-1292"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
content-length: 4754
expires: 7d

GET
H2 200 q3rkukr-X.jpg
medialb.ultimedia.com/multi/38kuz/ 6 KB
6 KB 80ms
38ms Image
image/jpeg 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medialb.ultimedia.com/multi/38kuz/q3rkukr-X.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.210.116.132 , France, ASN16276 (OVH, FR),
Reverse DNS: dtk-lb-gra08.dginfra.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0baf402b74fa1d61cbec6b3ca2f18e1eb84c791f0ab40c260c81af71e6cdff93

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: public
date: Sat, 23 Apr 2022 05:06:59 GMT
last-modified: Fri, 22 Apr 2022 19:29:03 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "626301ff-18ba"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
content-length: 6330
expires: 7d

GET
H2 200 q3rks5r-X.jpg
medialb.ultimedia.com/multi/38kuz/ 5 KB
5 KB 79ms
37ms Image
image/jpeg 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medialb.ultimedia.com/multi/38kuz/q3rks5r-X.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.210.116.132 , France, ASN16276 (OVH, FR),
Reverse DNS: dtk-lb-gra08.dginfra.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3869b384c4e1fb74a47092023b57084619a65ae8de4316a6ceb10c17b9c1b7e0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: public
date: Sat, 23 Apr 2022 05:06:59 GMT
last-modified: Fri, 22 Apr 2022 16:54:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6262ddad-1496"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
content-length: 5270
expires: 7d

GET
H2 200 q3rkxlz-X.jpg
medialb.ultimedia.com/multi/38kuz/ 9 KB
9 KB 79ms
37ms Image
image/jpeg 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medialb.ultimedia.com/multi/38kuz/q3rkxlz-X.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.210.116.132 , France, ASN16276 (OVH, FR),
Reverse DNS: dtk-lb-gra08.dginfra.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 473df606ab8e515ec442dcb11c56051d8ac11752790b4f8ae91c835af02fa906

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: public
date: Sat, 23 Apr 2022 05:06:59 GMT
last-modified: Fri, 22 Apr 2022 16:10:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6262d35d-2328"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
content-length: 9000
expires: 7d

GET
H2 200 q3rkxxk-X.jpg
medialb.ultimedia.com/multi/38kuz/ 7 KB
7 KB 79ms
38ms Image
image/jpeg 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medialb.ultimedia.com/multi/38kuz/q3rkxxk-X.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.210.116.132 , France, ASN16276 (OVH, FR),
Reverse DNS: dtk-lb-gra08.dginfra.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 488a335334cbcfca8b6f1c86204bd8f1f9656bac34aa83ed2af9329c62bdb4ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: public
date: Sat, 23 Apr 2022 05:06:59 GMT
last-modified: Fri, 22 Apr 2022 16:02:48 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6262d1a8-1bfb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
content-length: 7163
expires: 7d

GET
H2 200 q3rvrxk-X.jpg
medialb.ultimedia.com/multi/38kuv/ 10 KB
10 KB 79ms
38ms Image
image/jpeg 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medialb.ultimedia.com/multi/38kuv/q3rvrxk-X.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.210.116.132 , France, ASN16276 (OVH, FR),
Reverse DNS: dtk-lb-gra08.dginfra.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fc88ff376b29edb86fce5a0935534f74bb489c37fea83fd6408cfab60746d7ec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: public
date: Sat, 23 Apr 2022 05:06:59 GMT
last-modified: Fri, 22 Apr 2022 11:42:31 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "626294a7-269c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
content-length: 9884
expires: 7d

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 84ms
52ms Image
image/gif 2.20.86.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.86.44 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:06:59 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Mon, 23 May 2022 05:06:59 GMT

GET
H2 200 aHR0cHM6Ly93d3cuZGhuZXQuYmUvYWN0dS9iZWxnaXF1ZS91bmUtdGVudGF0aXZlLWRlLXBoaXNoaW5nLXRvdWNoZS1sZXMtdXRpbGlzYXRldXJzLWRlLXRpdHJlcy1zZXJ2aWNlcy1zb2RleG8tNjI2MzE3NWU5OTc4ZTIzYjhmNzM3ZTY2 Show response
offer.slgnt.eu/api/781223446343484fa1bfc4239f26927f/iv/ 42 B
499 B 46ms
46ms XHR
application/json 35.233.20.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.slgnt.eu/api/781223446343484fa1bfc4239f26927f/iv/aHR0cHM6Ly93d3cuZGhuZXQuYmUvYWN0dS9iZWxnaXF1ZS91bmUtdGVudGF0aXZlLWRlLXBoaXNoaW5nLXRvdWNoZS1sZXMtdXRpbGlzYXRldXJzLWRlLXRpdHJlcy1zZXJ2aWNlcy1zb2RleG8tNjI2MzE3NWU5OTc4ZTIzYjhmNzM3ZTY2?sid=fe256232-ac45-4c15-849e-1534f2d8c422

Requested by

Host: data-api.lavenir.net
URL: https://data-api.lavenir.net/pixel/ipmpix.min.js?t=1650758400000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.233.20.168 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

168.20.233.35.bc.googleusercontent.com

Software

Resource Hash

6d628b397ab2d71e35805bb9797e6ae86dc39d7fe47a8e3b7a62804753663812

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dhnet.be/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Apr 2022 05:06:59 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dhnet.be
access-control-allow-credentials: true
content-length: 42
x-xss-protection: 1; mode=block
x-user-id: UzNqflIjZW9CK0FxbHRsdH5FVnI=

GET
H2 200 get Show response
odb.outbrain.com/utils/ 33 KB
11 KB 453ms
344ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&idx=0&rand=62524&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=270&py=1649&vpd=449&cw=515&activeTab=true&darkMode=false&settings=true&recs=true&version=2000678&sig=KSDDyFRB&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPX4I8APX4I8AAHABBENCLCgAAAAAH_AAAAAAAARTAJMNS8gC7EscGTaNIoUQIwrCQ6gUAFFAMLRFYQOrgp2VwE-oIWACAVARgRAgxBRgwCAAQCAJCIgJADwQCIAiAQAAgAVAIQAEbAILACwMAgAFANCxAigCECQgyKCI5TAgIkSignsrEEoO9jTCEMssAKBR_RUICJQAgWBkJCwcxwBICXCyQLMUL5ACMAA.YAAAD_gAAAAA&cmpStat=1&ccpaStat=0&lsl=1&ogn=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4256d0294cf166650bf740d53c8ed9f80cf128a341638d568b97c07631b9562f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-timer: S1650690420.069194,VS0,VE304
accept-ranges: bytes
x-served-by: cache-mdw17331-MDW, cache-fra19175-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: ee4f2b4789949bc04acf9a12205915e2
content-encoding: gzip
content-length: 11063
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vans-adapter-google-ima.js Show response
static.adsafeprotected.com/ Frame 04DA 19 KB
7 KB 143ms
44ms Script
application/javascript 2600:9000:223f:2000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by: Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=01585661&zone=2&type_player=0&sendstats=0&src=q3rk83u&width=1060&height=596&urlfacebook=https%3A%2F%2Fwww.dhnet.be%2F&ad=1&autoplay=yes&fstart=1&title=Le+R%C3%A9cap%27+-+Pr%C3%A9sidentielle+fran%C3%A7aise+%3A+semaine+du+18+avril+2022&endMessage=um_Smart_Container_ultimediaEndRoll&widgetPrefix=um_Smart_Container_&tagparam=CxSegments%3D%26video_section%3Ddhnet.be%2Cactu%2Cbelgique&tagparamdecoded=&sspParam=%7B%22spotxipm%22%3A%7B%22cxsegment%22%3A%5B%5D%2C%22digitype%22%3A%5B%22smartplayer%22%5D%2C%22video_section%22%3A%5B%22dhnet.be%22%2C%22actu%22%2C%22belgique%22%5D%7D%2C%22spotxipmd%22%3A%7B%22cxdavid%22%3A%5B%5D%2C%22Format%22%3A%5B%22Instream%22%5D%2C%22Network%22%3A%5B%22ipm%22%5D%2C%22Language%22%3A%5B%22FR%22%5D%7D%7D&visible=&gdprconsentstring=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ultimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: 4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding: gzip
etag: W/"8ec0c211dda60907ae57f46e621bc794"
age: 531132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 08 Jul 2021 19:25:58 GMT
server: AmazonS3
date: Sun, 17 Apr 2022 01:34:49 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: -VIuSeWPALyIH_ft9o-EyJQ_dKscGVW0XA7zffQaA0ZZOYZ83GhGLw==

GET
H2 200 video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.7.5/ Frame 04DA 39 KB
10 KB 149ms
52ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.7.5/video-js.min.css

Requested by

Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=01585661&zone=2&type_player=0&sendstats=0&src=q3rk83u&width=1060&height=596&urlfacebook=https%3A%2F%2Fwww.dhnet.be%2F&ad=1&autoplay=yes&fstart=1&title=Le+R%C3%A9cap%27+-+Pr%C3%A9sidentielle+fran%C3%A7aise+%3A+semaine+du+18+avril+2022&endMessage=um_Smart_Container_ultimediaEndRoll&widgetPrefix=um_Smart_Container_&tagparam=CxSegments%3D%26video_section%3Ddhnet.be%2Cactu%2Cbelgique&tagparamdecoded=&sspParam=%7B%22spotxipm%22%3A%7B%22cxsegment%22%3A%5B%5D%2C%22digitype%22%3A%5B%22smartplayer%22%5D%2C%22video_section%22%3A%5B%22dhnet.be%22%2C%22actu%22%2C%22belgique%22%5D%7D%2C%22spotxipmd%22%3A%7B%22cxdavid%22%3A%5B%5D%2C%22Format%22%3A%5B%22Instream%22%5D%2C%22Network%22%3A%5B%22ipm%22%5D%2C%22Language%22%3A%5B%22FR%22%5D%7D%7D&visible=&gdprconsentstring=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ultimedia.com/
Origin: https://www.ultimedia.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4424568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9046
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04020-9c5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IG0hMZoc8S%2FSJ5h4Gl8FXazkKmOMrNuPskbJJ%2B4Bl%2F4xn219ydf4kLZOMQiGYKfYDtWe3h0D4x6vnKy5yOCIcZJrnRZwutIkC3E0zGOWGu%2F0Idd8w42%2FfeD6nqfZZEdrX1rg2mJKQLhacSe9s9jqalj4"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700412b65ed0cc4e-ZRH
expires: Thu, 13 Apr 2023 05:07:00 GMT

GET
H3 200 videojs-errors.css
cdn.jsdelivr.net/npm/videojs-errors@4.2.0/dist/ Frame 04DA 2 KB
1 KB 101ms
52ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-errors@4.2.0/dist/videojs-errors.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f77a5637f21ed2fd3ec40fdabed99089c7e9483b26601ada71eb546cf959930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ultimedia.com/
Origin: https://www.ultimedia.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2835914
x-jsd-version: 4.2.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19155-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"8d9-oOpTv9XkgTzGVYCB2N0KDJ9fp1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szzEmvaKeZ8T04T7BN44LjQpTRMO2wvLzwjpxsve5tqdBVls4kpj2ZljOMRHZQ56kjqrHaXIiRtBQqY2aBXaIfY3LGGufKTWiVdMGzRUe9yttUX%2Fnm39k0I9hkyupMWash%2FXWEiF9muYDQwzfT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 700412b618d20215-ZRH

GET
H2

200

quality-selector.css
unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/css/ Frame 04DA
Redirect Chain

https://unpkg.com/@silvermine/videojs-quality-selector/dist/css/quality-selector.css
https://unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/css/quality-selector.css

431 B
337 B

74ms
74ms

Stylesheet
text/css

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/css/quality-selector.css

Requested by

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaa2c811c57c6b7d0d1dc088a9642b932d0a4039e582bb8f75ad3d250a180317

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ultimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 29730548
fly-request-id: 01F5MBSCMZZ7YQP6WV2JY68SY8
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1af-rhfrbitbUubLnWKxbEiUUD00k/8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 700412b6be4b0211-ZRH

Redirect headers

date: Sat, 23 Apr 2022 05:07:00 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01G1ACVZ4RC9432PDDR84M7636-fra
server: cloudflare
age: 226
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /@silvermine/videojs-quality-selector@1.2.5/dist/css/quality-selector.css
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 700412b65dd70211-ZRH
access-control-allow-origin: *

GET
H2 200 dtkplayer-vjs.css
cdn.digiteka.com/dtkplayer/build/ Frame 04DA 166 KB
35 KB 300ms
43ms Stylesheet
text/css 8.248.131.244
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.digiteka.com/dtkplayer/build/dtkplayer-vjs.css?v=5.12.3
Requested by: Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=01585661&zone=2&type_player=0&sendstats=0&src=q3rk83u&width=1060&height=596&urlfacebook=https%3A%2F%2Fwww.dhnet.be%2F&ad=1&autoplay=yes&fstart=1&title=Le+R%C3%A9cap%27+-+Pr%C3%A9sidentielle+fran%C3%A7aise+%3A+semaine+du+18+avril+2022&endMessage=um_Smart_Container_ultimediaEndRoll&widgetPrefix=um_Smart_Container_&tagparam=CxSegments%3D%26video_section%3Ddhnet.be%2Cactu%2Cbelgique&tagparamdecoded=&sspParam=%7B%22spotxipm%22%3A%7B%22cxsegment%22%3A%5B%5D%2C%22digitype%22%3A%5B%22smartplayer%22%5D%2C%22video_section%22%3A%5B%22dhnet.be%22%2C%22actu%22%2C%22belgique%22%5D%7D%2C%22spotxipmd%22%3A%7B%22cxdavid%22%3A%5B%5D%2C%22Format%22%3A%5B%22Instream%22%5D%2C%22Network%22%3A%5B%22ipm%22%5D%2C%22Language%22%3A%5B%22FR%22%5D%7D%7D&visible=&gdprconsentstring=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.131.244 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41d481eade1dda69289697fec21c2634ad7f548ef2e4dfac98279161b8be196b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ultimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
content-encoding: gzip
etag: W/"bd3d62bc0ffc1d68b6ab19c73fcd9514"
last-modified: Thu, 21 Apr 2022 10:02:52 GMT
server: AmazonS3
age: 152949
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: public, max-age=604800, s-maxage=2
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 35875
x-amz-cf-id: mOUYlW9F5YXdSbwBAeDdZjFoTIH1luNPehsvZldALTib85XEyNKPJw==

GET
H2 200 advertisement.js Show response
ads.videoadex.com/jw/ Frame 04DA 20 B
238 B 217ms
35ms Script
application/javascript 51.210.116.132
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.videoadex.com/jw/advertisement.js?v=20220423070700
Requested by: Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=01585661&zone=2&type_player=0&sendstats=0&src=q3rk83u&width=1060&height=596&urlfacebook=https%3A%2F%2Fwww.dhnet.be%2F&ad=1&autoplay=yes&fstart=1&title=Le+R%C3%A9cap%27+-+Pr%C3%A9sidentielle+fran%C3%A7aise+%3A+semaine+du+18+avril+2022&endMessage=um_Smart_Container_ultimediaEndRoll&widgetPrefix=um_Smart_Container_&tagparam=CxSegments%3D%26video_section%3Ddhnet.be%2Cactu%2Cbelgique&tagparamdecoded=&sspParam=%7B%22spotxipm%22%3A%7B%22cxsegment%22%3A%5B%5D%2C%22digitype%22%3A%5B%22smartplayer%22%5D%2C%22video_section%22%3A%5B%22dhnet.be%22%2C%22actu%22%2C%22belgique%22%5D%7D%2C%22spotxipmd%22%3A%7B%22cxdavid%22%3A%5B%5D%2C%22Format%22%3A%5B%22Instream%22%5D%2C%22Network%22%3A%5B%22ipm%22%5D%2C%22Language%22%3A%5B%22FR%22%5D%7D%7D&visible=&gdprconsentstring=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.210.116.132 , France, ASN16276 (OVH, FR),
Reverse DNS: dtk-lb-gra08.dginfra.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 76b7bfe1c73966516f95f039734ac728c843a664e8fb860820b75c08bdf7be07

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ultimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
last-modified: Fri, 22 Apr 2022 09:59:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "62627c74-14"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 20
expires: Tue, 24 May 2022 05:07:00 GMT

GET
H2 200 video.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/7.7.5/ Frame 04DA 458 KB
103 KB 148ms
53ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.7.5/video.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90bf6452264f553da2a967eb617aeb61a5fd7e18fbe6b61db1716a8de702d832

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ultimedia.com/
Origin: https://www.ultimedia.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4064721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 104849
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04020-72609"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cowmrEwue23NFUI5Hdd3wwooUGMrYaIqPCSbDIMYX7FsGf59pU%2Bk9m2%2BfcL6VM3l9G0nvCVuYhfvSdxoWKHv8f3zy%2BfMSkyTPVp8ogMfPxY0uyoOdtL7V1iBVpEJ7gdNNAZHIgASzJQiwwNMVsP7ZPsf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700412b65ed3cc4e-ZRH
expires: Thu, 13 Apr 2023 05:07:00 GMT

GET
H3 200 videojs-errors.min.js Show response
cdn.jsdelivr.net/npm/videojs-errors@4.2.0/dist/ Frame 04DA 5 KB
3 KB 101ms
53ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-errors@4.2.0/dist/videojs-errors.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa0911dcc4faf8c1af34373c4ef2646f429c5d322344e0e94034c1b8a5fb72bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ultimedia.com/
Origin: https://www.ultimedia.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2835914
x-jsd-version: 4.2.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1385-b89cn7GaYu0rIUWSPimsEUMn468"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2iltXK1mOpELp8NDCeoq1%2BmqlEoAXAxkSWVLVnZ6E3KVZjNq8wI9DX9hgrYO7FeVm2KzxHEFe%2BQiAsllRG2XpjfhU8bvgIvV9bUbem%2Bgm2A1msRpsddtP4CMg1rWe%2B2K%2BQmhBtaJpKabLGTo7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 700412b618d30215-ZRH

GET
H2

200

silvermine-videojs-quality-selector.min.js Show response
unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/js/ Frame 04DA
Redirect Chain

https://unpkg.com/@silvermine/videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js
https://unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/js/silvermine-videojs-quality-selector.min.js

24 KB
9 KB

69ms
68ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/js/silvermine-videojs-quality-selector.min.js

Requested by

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f548bc7676dd25abb9901005467dc9e3c7df5de142e003293bdb2409378a310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ultimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 29730482
fly-request-id: 01F5MBVD5VZN7JED4RP89FPKGY
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"5fdf-Z6Mzp8fgD5ABilacq9b9JRiiRL4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 700412b6be3c0211-ZRH

Redirect headers

date: Sat, 23 Apr 2022 05:07:00 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01G1ACVDX6W7ZPQT6NJ39FZ448-fra
server: cloudflare
age: 211
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /@silvermine/videojs-quality-selector@1.2.5/dist/js/silvermine-videojs-quality-selector.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 700412b65dd90211-ZRH
access-control-allow-origin: *

GET
H2 200 pbLibrary.js Show response
cdn.digiteka.com/player/ Frame 04DA 442 KB
130 KB 306ms
49ms Script
application/javascript 8.248.131.244
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.digiteka.com/player/pbLibrary.js?v=6.15.1
Requested by: Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=01585661&zone=2&type_player=0&sendstats=0&src=q3rk83u&width=1060&height=596&urlfacebook=https%3A%2F%2Fwww.dhnet.be%2F&ad=1&autoplay=yes&fstart=1&title=Le+R%C3%A9cap%27+-+Pr%C3%A9sidentielle+fran%C3%A7aise+%3A+semaine+du+18+avril+2022&endMessage=um_Smart_Container_ultimediaEndRoll&widgetPrefix=um_Smart_Container_&tagparam=CxSegments%3D%26video_section%3Ddhnet.be%2Cactu%2Cbelgique&tagparamdecoded=&sspParam=%7B%22spotxipm%22%3A%7B%22cxsegment%22%3A%5B%5D%2C%22digitype%22%3A%5B%22smartplayer%22%5D%2C%22video_section%22%3A%5B%22dhnet.be%22%2C%22actu%22%2C%22belgique%22%5D%7D%2C%22spotxipmd%22%3A%7B%22cxdavid%22%3A%5B%5D%2C%22Format%22%3A%5B%22Instream%22%5D%2C%22Network%22%3A%5B%22ipm%22%5D%2C%22Language%22%3A%5B%22FR%22%5D%7D%7D&visible=&gdprconsentstring=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.131.244 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: befc97dde4fb74cb2416437f2ca8dc58f0bc0e8bdf499c4520adf84523c503bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ultimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 16:11:14 GMT
server: AmazonS3
age: 372113
etag: W/"83589f0b06905bdbef20146b81af9794"
x-cache: RefreshHit from cloudfront
x-amz-version-id: J7qrFWqb9AYvMneh_peBgxZjytIMkN6j
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 132152
x-amz-cf-id: az6ICaOiiDfUNrTkhGlSWMFzw14c3cG7gWEpmBAqbG-eAZGCuZN_yw==

GET
H2 200 dtkplayer-vjs.js Show response
cdn.digiteka.com/dtkplayer/build/ Frame 04DA 566 KB
119 KB 306ms
49ms Script
application/javascript 8.248.131.244
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.digiteka.com/dtkplayer/build/dtkplayer-vjs.js?v=5.12.3
Requested by: Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=01585661&zone=2&type_player=0&sendstats=0&src=q3rk83u&width=1060&height=596&urlfacebook=https%3A%2F%2Fwww.dhnet.be%2F&ad=1&autoplay=yes&fstart=1&title=Le+R%C3%A9cap%27+-+Pr%C3%A9sidentielle+fran%C3%A7aise+%3A+semaine+du+18+avril+2022&endMessage=um_Smart_Container_ultimediaEndRoll&widgetPrefix=um_Smart_Container_&tagparam=CxSegments%3D%26video_section%3Ddhnet.be%2Cactu%2Cbelgique&tagparamdecoded=&sspParam=%7B%22spotxipm%22%3A%7B%22cxsegment%22%3A%5B%5D%2C%22digitype%22%3A%5B%22smartplayer%22%5D%2C%22video_section%22%3A%5B%22dhnet.be%22%2C%22actu%22%2C%22belgique%22%5D%7D%2C%22spotxipmd%22%3A%7B%22cxdavid%22%3A%5B%5D%2C%22Format%22%3A%5B%22Instream%22%5D%2C%22Network%22%3A%5B%22ipm%22%5D%2C%22Language%22%3A%5B%22FR%22%5D%7D%7D&visible=&gdprconsentstring=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.131.244 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 265d7d25715967c124bf3cd47ee58c012831134a0d360fed1be532470dae4072

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ultimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
content-encoding: gzip
etag: W/"a4535baa0ce7c21a0220ebc3d4de1180"
last-modified: Thu, 21 Apr 2022 10:02:52 GMT
server: AmazonS3
age: 152948
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800, s-maxage=2
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 120911
x-amz-cf-id: DXGyfatGC5XDNM23wh-UDL8iiDWqfLtUB3_GowxzN0PF_qxW6qntQQ==

GET
H3 200 css
fonts.googleapis.com/ 2 KB
428 B 138ms
56ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f78f75320dd57ed94f05a30758a5044fe7ccdfef38669edc228f972414834f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 23 Apr 2022 03:41:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 23 Apr 2022 05:07:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Apr 2022 05:07:00 GMT

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 13 KB
14 KB 56ms
55ms Image
image/svg+xml 2.20.86.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.86.44 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
last-modified: Sun, 10 Apr 2022 10:23:26 GMT
server: AkamaiNetStorage
etag: "af7be0711fb1cf2f41bb793256c8f148:1649587004.788684"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13687
expires: Mon, 23 May 2022 05:07:00 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 59ms
58ms Image
image/svg+xml 2.20.86.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.86.44 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
last-modified: Sun, 10 Apr 2022 10:23:26 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1649586986.745808"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Mon, 23 May 2022 05:07:00 GMT

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 485ms
122ms Fetch
text/plain 50.31.142.127

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=38ee1adbeeeccb1ce2d068c2c7dc5e2f_38164_1650690420308&tm=759&eT=0&widgetWidth=515&widgetHeight=488&widgetX=270&widgetY=1649&wRV=2000678&pVis=1&lsd=-1&eIdx=&cnsntV2=CPX4I8APX4I8AAHABBENCLCgAAAAAH_AAAAAAAARTAJMNS8gC7EscGTaNIoUQIwrCQ6gUAFFAMLRFYQOrgp2VwE-oIWACAVARgRAgxBRgwCAAQCAJCIgJADwQCIAiAQAAgAVAIQAEbAILACwMAgAFANCxAigCECQgyKCI5TAgIkSignsrEEoO9jTCEMssAKBR_RUICJQAgWBkJCwcxwBICXCyQLMUL5ACMAA.YAAAD_gAAAAA&cheq=0&rtt=459&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.127 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sat, 23 Apr 2022 05:07:00 GMT
content-encoding: gzip
X-TraceId: 3fd536fd95636365e41cc8f48dfec274
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame E1C0 4 KB
2 KB 52ms
52ms Document
text/html 2.20.86.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.86.44 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24

Request headers

Referer: https://www.dhnet.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 1602
content-type: text/html
date: Sat, 23 Apr 2022 05:07:00 GMT
etag: "9e7d58ad34c85761770fc947d9bee792:1617096471.391057"
expires: Sat, 30 Apr 2022 05:07:00 GMT
last-modified: Tue, 30 Mar 2021 09:27:46 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 eyJpdSI6IjgzZDBlYjI3MWU0ODViZDg1MmY4ZTE3NTQ5N2NkNTNlY2E2OWYwMTIwMDhhNzgwNjQyNTk0Njk0OGI4ZWY0MTAiLCJ3Ijo1MjUsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 43 KB
43 KB 222ms
83ms Image
image/webp 23.35.229.181

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjgzZDBlYjI3MWU0ODViZDg1MmY4ZTE3NTQ5N2NkNTNlY2E2OWYwMTIwMDhhNzgwNjQyNTk0Njk0OGI4ZWY0MTAiLCJ3Ijo1MjUsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a010fc816db90d37fd9912e6c274a5075370baa5945eb9218c072608980be81

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
cache-control: max-age=2229583
last-modified: Mon, 04 Apr 2022 09:48:54 GMT
x-traceid: 78510072a47c90557a703ef5cf53b5fe
timing-allow-origin: *
content-length: 43524
content-type: image/webp

GET
H2 200 eyJpdSI6IjNiNWU3YzRlOTgzMWYwMjEwOTE4NWE3MzdhODNmM2IyNzM1NGI2ZGFiYWRkNmQ1OWUzMGZmZjQ5MDk5NzRkY2MiLCJ3Ijo1MjUsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 46 KB
46 KB 181ms
42ms Image
image/webp 23.35.229.181

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNiNWU3YzRlOTgzMWYwMjEwOTE4NWE3MzdhODNmM2IyNzM1NGI2ZGFiYWRkNmQ1OWUzMGZmZjQ5MDk5NzRkY2MiLCJ3Ijo1MjUsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92966b66105e34e3d173eb2e9876fbcdc232784af93dc014cbcf5e6556e9b52a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
cache-control: max-age=2148354
last-modified: Sun, 17 Apr 2022 06:21:07 GMT
x-traceid: 0e138cbe8b9ad152d26362ec56a782e6
timing-allow-origin: *
content-length: 46830
content-type: image/webp

GET
H2 200 eyJpdSI6IjkwMTFlOWU2MmY3NDJjYmFjNmJiMmFhMDRiOWY0NjAxY2ExNzg5MTZhZjFiM2MyNWQ4Mzk0MDEzMzk1NjU0NTAiLCJ3Ijo1MjUsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 59 KB
60 KB 287ms
148ms Image
image/webp 23.35.229.181

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjkwMTFlOWU2MmY3NDJjYmFjNmJiMmFhMDRiOWY0NjAxY2ExNzg5MTZhZjFiM2MyNWQ4Mzk0MDEzMzk1NjU0NTAiLCJ3Ijo1MjUsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1a2ab10eec866b6be4e55d86ba7244e74196385dc12927684c50011413ecfbc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.dhnet.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 05:07:00 GMT
cache-control: max-age=913020
last-modified: Thu, 17 Mar 2022 09:23:58 GMT
x-traceid: 1cfcde69d7a2d09ea2ec5e6efdbcb183
timing-allow-origin: *
content-length: 60788
content-type: image/webp

GET
H3 200 css2
fonts.googleapis.com/ Frame 04DA 17 KB
1001 B 102ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300&display=swap

Requested by

Host: cdn.digiteka.com
URL: https://cdn.digiteka.com/dtkplayer/build/dtkplayer-vjs.css?v=5.12.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

874b47924757ddc8f502159c837e0264f54f5d24afb35c599e43b48da7abfea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.digiteka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 23 Apr 2022 03:32:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 23 Apr 2022 05:07:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Apr 2022 05:07:00 GMT

GET
BLOB 200
OK acb1603c-09ca-4d54-a3a5-bfa366605449
https://www.ultimedia.com/ Frame 04DA 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ultimedia.com/acb1603c-09ca-4d54-a3a5-bfa366605449
Requested by: Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=01585661&zone=2&type_player=0&sendstats=0&src=q3rk83u&width=1060&height=596&urlfacebook=https%3A%2F%2Fwww.dhnet.be%2F&ad=1&autoplay=yes&fstart=1&title=Le+R%C3%A9cap%27+-+Pr%C3%A9sidentielle+fran%C3%A7aise+%3A+semaine+du+18+avril+2022&endMessage=um_Smart_Container_ultimediaEndRoll&widgetPrefix=um_Smart_Container_&tagparam=CxSegments%3D%26video_section%3Ddhnet.be%2Cactu%2Cbelgique&tagparamdecoded=&sspParam=%7B%22spotxipm%22%3A%7B%22cxsegment%22%3A%5B%5D%2C%22digitype%22%3A%5B%22smartplayer%22%5D%2C%22video_section%22%3A%5B%22dhnet.be%22%2C%22actu%22%2C%22belgique%22%5D%7D%2C%22spotxipmd%22%3A%7B%22cxdavid%22%3A%5B%5D%2C%22Format%22%3A%5B%22Instream%22%5D%2C%22Network%22%3A%5B%22ipm%22%5D%2C%22Language%22%3A%5B%22FR%22%5D%7D%7D&visible=&gdprconsentstring=
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/statistiques/widgetdisplay/?mdtk=01585661&zone=2&url=https%3A%2F%2Fwww.dhnet.be%2Factu%2Fbelgique%2Fune-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66&autoplay=1&widget_type=last&result=1&params=%7B%22index%22%3A%22news%22%2C%22search%22%3A%22%22%2C%22limit%22%3Afalse%2C%22nb_videos%22%3A6%2C%22videos_results%22%3A%22%22%2C%22first_video_id%22%3A6782652%2C%22first_video_id_content%22%3A21%2C%22click_to_play%22%3A0%7D

Verdicts & Comments Add Verdict or Comment

304 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.dhnet.be/	1970-01-20 12:00:18	Name: __atuvc Value: 1%7C16
www.dhnet.be/	1970-01-20 02:31:32	Name: __atuvs Value: 6263897078f97b3f000
.addthis.com/	1970-01-20 12:00:18	Name: uvc Value: 1%7C16
.addthis.com/	1970-01-20 12:00:18	Name: loc Value: MDAwMDBFVUdCMDAyMzE0MTc4NzA0NTAwMDBDSA==
.dhnet.be/	1970-01-20 11:17:06	Name: ownpage_fp2 Value: 649d05a954d0e0c8
.dhnet.be/	1970-01-20 04:41:06	Name: _gcl_au Value: 1.1.1850090382.1650690418
.dhnet.be/	1970-01-20 11:18:32	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTgwNTRkMGUtNWJjMS02NzVmLTlkOWYtNzA1ZmZhYzI4MTEwIiwiY3JlYXRlZCI6IjIwMjItMDQtMjNUMDU6MDY6NTguMTQwWiIsInVwZGF0ZWQiOiIyMDIyLTA0LTIzVDA1OjA2OjU4LjE0MFoiLCJ2ZXJzaW9uIjpudWxsfQ==
www.dhnet.be/	1969-12-31 23:59:59	Name: __ipmpix_sid Value: 1-wxrajzu2-l2bege9d
.dhnet.be/	1969-12-31 23:59:59	Name: cX_partner Value: appnexus%3D1
.dhnet.be/	1969-12-31 23:59:59	Name: cX_S Value: l2bege9sfrxz1ijw
.dhnet.be/	1970-01-20 11:17:06	Name: cX_P Value: l2bege9tvs0c7u8c
.dhnet.be/	1970-01-20 02:32:56	Name: _gid Value: GA1.2.1462809447.1650690418
.dhnet.be/	1970-01-20 02:31:30	Name: _dc_gtm_UA-36648242-1 Value: 1
.dhnet.be/	1970-01-20 20:02:42	Name: _ga_SN0WVX8DBQ Value: GS1.1.1650690418.1.0.1650690418.0
.dhnet.be/	1970-01-20 04:41:06	Name: _fbp Value: fb.1.1650690418394.15778520
.dhnet.be/	1970-01-20 20:02:42	Name: _ga Value: GA1.2.1270390160.1650690418
.doubleclick.net/	1970-01-20 02:31:31	Name: test_cookie Value: CheckForPermission
www.lalibre.be/	1970-01-25 20:31:23	Name: akaas_AS_ipmgroup_lalibre_prod Value: 2147483647~rv=9~id=cd4d54908d735805e386e61b4132c4ae
.facebook.com/	1970-01-20 04:41:06	Name: fr Value: 05LyA9wl95AbL0D9A..BiY4ly...1.0.BiY4ly.
.cxense.com/	1970-01-20 11:17:06	Name: gckp Value: 3rv17gbarlv0z1huhm9cef2jqi
.dhnet.be/	1970-01-20 11:17:06	Name: cX_G Value: cx%3Aodxtzrhndsuxvyk3dd4ze6co%3Av6ja14wvtbl
site-azp.slgnt.eu/	1970-01-20 11:17:06	Name: sbss_48f39e1e-5f22-458f-bbea-2e5fd9f383ca Value: fe256232-ac45-4c15-849e-1534f2d8c422
.dhnet.be/	1970-01-20 11:17:06	Name: sbt_i Value: 7N2JlMjUwYzUtZjU2NC00OGQ0LWJkYTItNWI5ZGMwOGQ0NjNiOzZmUyNTYyMzItYWM0NS00YzE1LTg0OWUtMTUzNGYyZDhjNDIyOzsE=
.dhnet.be/	1970-01-20 11:17:06	Name: sbt_p Value: H4sIAAAAAAAAAwHuAhH9/////x+LCAAAAAAAAAPtll1r01AYx9Oue1EniF4MQRCk4I2RLk36YgUJbSpzdh21TruJJW9to22ibYrsQqj7BIJfQbxQv4HXei2CXnktXuon0MT1tFlOsv2F7ULJH9KcnPM7z/k/55D0ucgkWzonZLg0x8oqL7C8uiywOT6vs8tCmm9xWk7lOS6ZGosN+CFa+v6xPooxDLkfIJfwT/FP9UY5MX6WT9N8jJlepO+U1mnKqj1sKnq3bTwe6gwzuvZXANHCTUuVbcMy99jyr0cU1zoQl3DX3pck9wWvwd3LM+0ZuB8LWsfU7csKlWboANFiyerJhrlhDAx7gDn2hqQcK6DjeeeAWn2d8hXWTzS3Lm8bZvtQTovcE2RBKpv7YDaz7inKfs/BvUQnxb5tqF1dHNodqw8ZnQaknAqg0znN6Ouq7TcV0j3xWq+J5fJK8Vb1dq0oQV49ESmzGdBs/JHqdxTQRXS8JG2sFKV6Yx1zOA5FucuGuJsE9CroWzhfk8pSTapRjNvIg7nPDGTqOIL6iI6VxEa1fEeSVqHkSSgq+yugvzO63O9uN3tW33Tex2ZKaKayfm8IM/G/Ltbq1bKTBeQ/LDSVTwHMZ8nZkCbgF+WIFivVirRWB46GaPdoDnMPrh7538hcqVoRV9Yg2+F/IGRWMqs4hUtKFdiWkOFZPqfxrKLJHCsoeU1NOY+ZtBIU2m8rqObY88bGtvw9/4xIbkecAVkmKtGiEi0q0Q40GpVoUYkWlWhRifY/l2gM8/X8pyff/rRG58YhWlvT4UkCQfXX8+sguHMXBH+g4E8UHDRAcGYTBGdRsCWDYBsFX6PgWxR83wHBDyjYMEDwJQomH4DgJRh8CIIsCn7uguAXFEz0QHAHBQsmCN5DwYwFgiICBilsmHzuXhX2n7+XfqdP22/OMsyLp9Nnt+0vQIL0y1FQf3wc58aFcA+rIWP7+fbvErJrE3m+7iRnsmvuXriX2yZ7QcX+DW8fWkB5GAAAJ7icyO4CAABLShXYlpDhWT6n8ayiyRwrKHlNTTmPmbQSFNpvK6jm2PPGxrb8Pf+MSG5HnAFZJirRohItKtEONBqVaFGJFpVoUYn2P5doDPP1/Kcn3/60RufGIVpb0+FJAkH11/PrILhzFwR/oOBPFBw0QHBmEwRnUbAlg2AbBV+j4FsUfN8BwQ8o2DBA8CUKJh+A4CUYfAiCLAp+7oLgFxRM9EBwBwULJgjeQ8GMBYIiAgYpbJh87l4V9p+/l36nT9tvzjLMi6fTZ7ftL0CC9MtRUH98HOfGhXAPqyFj+/n27xKyaxN5vu4kZ7Jr7l64l9sme0HF/g1vH1pAeRgAACe4nA==
.adnxs.com/	1970-01-20 04:41:06	Name: uuid2 Value: 3413553083430360983
offer.slgnt.eu/	1970-01-20 11:17:06	Name: th_u Value: S3j~R%23eoB%2BAqltlt~EVr
www.dhnet.be/	1970-01-20 11:17:28	Name: th_u Value: S3j~R%23eoB%2BAqltlt~EVr

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://code3.adtlgc.com/js/ipm_init.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://www.dhnet.be/actu/belgique/une-tentative-de-phishing-touche-les-utilisateurs-de-titres-services-sodexo-6263175e9978e23b8f737e66 Message: The resource https://o0.ldh.be/fonts/hknova/HKNova-Heavy-b89734129419.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.videoadex.com
api-public.addthis.com
api.cxense.com
api.dmcdn.net
api.ownpage.fr
api.privacy-center.org
c.pebblemedia.be
cdn.cxense.com
cdn.digiteka.com
cdn.jsdelivr.net
cdn.polyfill.io
cdnjs.cloudflare.com
code3.adtlgc.com
comcluster.cxense.com
connect.facebook.net
csyn.cxense.com
data-api.lavenir.net
fonts.googleapis.com
fonts.gstatic.com
gabe.hit.gemius.pl
googleads.g.doubleclick.net
id.cxense.com
images.outbrainimg.com
ipm.emsecure.net
m.addthis.com
mcdp-chidc2.outbrain.com
medialb.ultimedia.com
o0.ldh.be
odb.outbrain.com
offer.slgnt.eu
p1cluster.cxense.com
s7.addthis.com
script.ownpage.fr
sdk.privacy-center.org
secure.adnxs.com
securepubads.g.doubleclick.net
site-azp.slgnt.eu
static.adsafeprotected.com
stats.g.doubleclick.net
t1.ldh.be
t2.ldh.be
targetemsecure.blob.core.windows.net
unpkg.com
v1.addthisedge.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.dhnet.be
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.lalibre.be
www.ultimedia.com
z.moatads.com
s7.addthis.com
www.ultimedia.com
104.111.245.50
104.75.88.126
13.32.99.19
13.32.99.70
142.250.181.226
146.59.29.0
147.75.83.64
147.75.85.120
151.101.14.132
172.217.18.98
178.79.242.16
185.33.221.87
194.213.114.133
2.20.86.44
23.206.209.55
23.35.229.181
23.35.237.151
2600:9000:223f:2000:8:48e:53c0:93a1
2600:9000:223f:2a00:5:b7cc:d3c0:93a1
2600:9000:2260:2800:d:2044:5c40:93a1
2606:4700::6810:5614
2606:4700::6810:7caf
2606:4700::6811:190e
2606:4700::6811:7a12
2a00:1450:4001:801::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2004
2a00:1450:4001:810::2008
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9c
2a02:26f0:6c00:2a7::268b
2a02:26f0:6c00::210:ba22
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42::282
34.120.251.88
35.233.20.168
50.31.142.127
51.210.116.132
52.19.126.55
52.239.242.148
8.248.131.244
81.246.65.145
01c840ec351900aa89af7d71692d07db6e1b41347fcf3698fd70af56599a936d
0267a74f884090a5b03d14027ebf95f607b5b1d605dd8876c6d1c8751d8be42f
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
09cd64f90723633695ca4bff5e3b8cf13104725dc60626d58c4f12af07618cb8
0a010fc816db90d37fd9912e6c274a5075370baa5945eb9218c072608980be81
0a3dc3cb39a25d8bd524198a72cf9e40f3227b1fe7f7b5d4e2803721102bf8fc
0b5413d248154678613186ef20ab47d4de0abfee15c2a6a5c9de83e899efa46b
0baf402b74fa1d61cbec6b3ca2f18e1eb84c791f0ab40c260c81af71e6cdff93
0f78f75320dd57ed94f05a30758a5044fe7ccdfef38669edc228f972414834f1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16c28e89f974c1f10312af596be9f6cd90c839895f1fa3265158c7ce7de505d7
1a19ea567edb90af91e7af0521b54d6c4a277280b0efc3e0d26baead50ebefca
1ce292455fdd3e453b34d018d1e33f746f159f279597282552696fba308bf2d5
200e2e78796d67fd36e80a9b89fbb19ddcc0e1ddd7850f33ab53e8c1456e531c
232e2107e9ebb4adaae34e5aa7f8eba38b819ed4a735bac8f26d41106635c97c
240b98cb4ea76bc74308ad7a68193ec59dd4014ffe0eea91be591b8fe77abb06
265d7d25715967c124bf3cd47ee58c012831134a0d360fed1be532470dae4072
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26d661261c6e458ca29f1b127d4033183ab7318a8d917c1cdc23ee95e1c4f07d
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d0e398d4f9db02ea500121cac634d860741dccba6868e746e3eb6dabcdecb8f
2da1ae39af1d0694a1a444b1d3d929917882247fbd4a0d6b844b0fbc0b289b39
2f548bc7676dd25abb9901005467dc9e3c7df5de142e003293bdb2409378a310
3293295a418ba890ec9519ec0e0aeda6a2e7a260033fc012001b1e3d6a3577ff
36b31e752b1d59640e3d14f716e5b5f3bc081720a8ff16371a5af4f9fa482163
3869b384c4e1fb74a47092023b57084619a65ae8de4316a6ceb10c17b9c1b7e0
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3e5413bc2f86314be41266aade8bd67f6fc97de28f36f5e1a26b95493585674f
41d481eade1dda69289697fec21c2634ad7f548ef2e4dfac98279161b8be196b
4256d0294cf166650bf740d53c8ed9f80cf128a341638d568b97c07631b9562f
42a96f0cf20709f6bf045ff3e3297d937a63f09e23129a95fc8e9c32c8b18bfe
43fc744dc9f9bdd26ba499a6e1840b548740e7ce2b63e7c986d997d2bcae496e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
473df606ab8e515ec442dcb11c56051d8ac11752790b4f8ae91c835af02fa906
47dcc5ccddda02ae4a968f0d40073bcd4c1fff886815b0ea5064c6f2d96b535a
488a335334cbcfca8b6f1c86204bd8f1f9656bac34aa83ed2af9329c62bdb4ab
49566600bfa0cd1a7804582e0cb5da0f8abaad1c19cba621fb698d5536f0d4ca
4b9d634e72b129717cdb60f03d28ee3a5957fd7dac32988fa7db8d0fa655b4e1
4bbe157950f58697be2274bc2622ed63b3ecde6ccefd7a9549535858f9a2770e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53223cc800efd65753dec3ab9c1099a86c6eb0f37a044c45e64b4cd8469a5181
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
543e601fcf05fe12bfdd1787e64cadb0a033e2708849fe075312fd935c30125f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56a5a661809e8f50bdac000c2d078929fd2a636bc2d941ad7242773c909e8bfc
56fbfd6291b8fbfbf6465056dc2df023a0fc19b43aaa59191e5827b1254676ec
5a623997f79453cba050fc927d02543563d665e190fa627bce4fdecdfbebc531
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
66a85b535dba1e1e5702efe8fb48de0eacdc4f6ca0ac94d55c9f02fb612ecdf2
675ab0a24f0160c73eaa7dde430b9f5ee68a54dc0c0c8d7d2bd0a811f30f6fd5
69c6b47baa1daadfc97140dea91dacacf6c72257fe173671fc1ddb8a1b193203
6d628b397ab2d71e35805bb9797e6ae86dc39d7fe47a8e3b7a62804753663812
738e2ec45148de2e0ec5ec4048451975a9912318db57694af70e99f2ef1c5c87
76b7bfe1c73966516f95f039734ac728c843a664e8fb860820b75c08bdf7be07
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
773da69a87f5aa86a8e530165b1ba535dce8b8042b43332fe907c0c4a187f6a9
780396b361c35383795d3d1fb3e71e8c1e57e717973f3a4599ec4f11ba75f84e
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c5d5b8df4a105141d112b5a429e3f98faf283577e100be0e60367b6a446afce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834630fc6facfdffddbd975cc5668fd9e39e2f77f9b0fb12e40c4fffafcbf436
85b3df5351416c2fb03b74eb0491180924f5f5daeddebd65e68eac7908d600fb
87452a45fa95d7b04d3f8fe1e222f0ecf5cf455ac1d0a395b3507611c2f8d901
874b47924757ddc8f502159c837e0264f54f5d24afb35c599e43b48da7abfea9
8f77a5637f21ed2fd3ec40fdabed99089c7e9483b26601ada71eb546cf959930
90bf6452264f553da2a967eb617aeb61a5fd7e18fbe6b61db1716a8de702d832
91134acdbcaa117f5507fa00a9a4550b6492854b095a2df55ed268f33abfdaa2
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
92966b66105e34e3d173eb2e9876fbcdc232784af93dc014cbcf5e6556e9b52a
9851803a687e632477a832f07bea6d20ddbe01457d2f0df2c5f0fee5163a76fe
99e39599d9a8292c712094b6114233d19961923037fc0e2d9441c773f654b98a
9d56e2a1079cf7d22401499333a043be54e4908f1222ce844be5d0c6a04b5a72
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a362f69b2d3a4c7524c423ce51bcee34a234354552e150be760bd91be2f0084b
aaa2c811c57c6b7d0d1dc088a9642b932d0a4039e582bb8f75ad3d250a180317
ab3532c1111c576b2357bb997d1b2cb062cf181597e849078a0bd358e0425151
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b394ea8edffcaa643791a6d6ae840f701975acead68e3a8a627f0c0122034a63
b4058bf3400bbf6d6e83470de4f5a097187f7f299a513abf127d59dfdf13a2dc
b9ac948dfd7ba62399cbd2446770c952946d17d9b5a47c94a5f14420f10f4d57
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
ba4b5b111130762ae452d5634bcc8aac95c58257da3073b7cac81cd97b5de422
bac644a00f3d78174ac4697352f5187000147682bd9b425012f77f4a7ce70213
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
befc97dde4fb74cb2416437f2ca8dc58f0bc0e8bdf499c4520adf84523c503bb
bfa5f048a81ae20fd6174f23a17a0a5557f8c2a3a3d5ec4a37b3216e6239a49a
c03243abc518c9870de0eb327e7b9b864b644241a34efac94bfa0f346ade2162
c08dcc5c4b12e82dc7260f3e52c6ff34ece455e19f26f3cd7f8eab339f705582
c1ac5517b52d5efda8599733d8c98b6659c761d6b6b4eaeb8b46b3cfe0330f9d
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c3f6af5c32c664fd08c458a844c4271c2c7b8aab5fe00bbe74bb72bbc55f90c7
c6f02ea61b580dd0d3d5fd8b473d8584ab32e741a5a969704928df2d2753a44e
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cb8ed4688c7f796b35323f50c6f75948b54854b403abd94e1a67e28e7b5edf34
ce9aae2e1f800022f1df65437f84aa4b17adb820fcbff926114e4e211baf50aa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0ebb90b8bbe3efc8dde8d51fa4372b82fd608b3975cc920e21a44377bb8123b
d500aac24dfd839e0e1fe2b7fa85c2da423784025034444e82d351bb6ef7f9b2
d5c7d2b05a55f87b7e0758799c42ef069841769a279eea94ff9e7cdc842d58c2
d6257685f5cd2201c1550411a818eabbb451062712bfb690bef18485f795b03a
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
e2d4ac7c9300d48c6aae4856ef2802e97d05b2b5bf978ac3999dd7079d73a427
e38188d7aeeab09989954d42e1eac3f97f6320a4e6d51cc2dde4ac391289bf08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24
eea95f08081abedd133b378464e0d9c3d2d7bfbd7a289d4e2019ec2ada12f2d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a2ab10eec866b6be4e55d86ba7244e74196385dc12927684c50011413ecfbc
f20973e2ba365ab9abcfd7cd7cd7ddd33f448a26e1bd0e42f159daad07b0979c
f3fb74bbb3f689192318a130d86ffcb4b474345d6d2d83e174a9b4cb257085ac
f7e1b8b07693b7272ce0499a4522112a56ac0f424aee51b7f1b15be869510baa
f850625618d5f89c8d8040f64253921b808414dfbd3ef52f9016b7b8400c21df
f9193db640616df6c3585e013abfc8c42a0a083b092a8d8001205f05e03027d4
fa0911dcc4faf8c1af34373c4ef2646f429c5d322344e0e94034c1b8a5fb72bb
fbbb280a09861fe04bbd8780811269fbb6a60f9c9e780d90efa94376b0cdca29
fc88ff376b29edb86fce5a0935534f74bb489c37fea83fd6408cfab60746d7ec

www.dhnet.be Open in urlscan Pro 81.246.65.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

140 Requests

96 %HTTPS

44 %IPv6

38 Domains

56 Subdomains

45 IPs

7 Countries

3266 kBTransfer

8048 kBSize

27 Cookies

42 Outgoing links

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.dhnet.be Open in urlscan Pro
81.246.65.145 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

96 %
HTTPS

44 %
IPv6

38
Domains

56
Subdomains

45
IPs

7
Countries

3266 kB
Transfer

8048 kB
Size

27
Cookies

140 HTTP transactions
2 data transactions