campagne.safeonweb.be Open in urlscan Pro
2606:4700:3033::ac43:ae50  Public Scan

15 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request phishing Show response campagne.safeonweb.be/fr/	13 KB 4 KB	835ms 781ms	Document text/html	2606:4700:3033::ac43:ae50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://campagne.safeonweb.be/fr/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:ae50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55fd710cae43e5eb774b05ddcc78c5459204b1f9e78969aacf39cce43903cb63 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Sun, 12 Dec 2021 14:30:15 GMT content-type text/html; charset=UTF-8 cache-control max-age=300, public x-frame-options deny x-xss-protection 1; mode=block x-content-type-options nosniff vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FouYfVS%2Fi1oU7P8r9yxO3R7Vqitg1%2BhcCpFTKku2QWWbQ5wmgnakm7J7udd2pq2RrNdg25vF%2FHWeBeUTnd8Xw2IcfikJux4I7bgOcMdaA5zWaHClBv7ljybkMAnXYNcZhSkAcCwNgz9S%2BEjRFQ2Paxr%2BB4%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6bc7a6490f8342d5-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	bundle.css campagne.safeonweb.be/	77 KB 14 KB	27ms 26ms	Stylesheet text/css	2606:4700:3033::ac43:ae50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://campagne.safeonweb.be/bundle.css?1635416355 Requested by Host: campagne.safeonweb.be URL: https://campagne.safeonweb.be/fr/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:ae50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f307039bd7abc011e9c6f3a4dbcf61fde6100576020ccea748b273407c39bf5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/fr/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Oct 2021 10:19:15 GMT server cloudflare age 6433 etag W/"13580-5cf670aed30ad-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tgt1N2MOVzJYJ%2FOHGxcLNJKIsfxVEku%2FXnuIiDbZoMHohQP7smbe6%2FOsjIcd7zlpmtmHAcg7a0PwUscFV9tF60KxdMe9GtelYXeWiyGxTiBNxFaXK1bW9bcrrvGdyu4CI5NHj9ph6XMHKAh%2FRV7Z%2BW5VWE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=7200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6bc7a64e0d2d42d5-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	polyfill.min.js Show response polyfill.io/v3/	101 B 596 B	45ms 8ms	Script text/javascript	2a04:4e42:200::282 FASTLY
General Check archive.org Show headers Download Go to Full URL https://polyfill.io/v3/polyfill.min.js?features=default%2CArray.prototype.find%2CArray.prototype.forEach%2CNodeList.prototype.forEach%2CWeakMap%2CWeakSet Requested by Host: campagne.safeonweb.be URL: https://campagne.safeonweb.be/fr/phishing Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 93b6d06fbda857acd518012a13319cecfab1cce720fb9437d294a4111f6e1c3a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; preload content-encoding br x-content-type-options nosniff content-type text/javascript; charset=utf-8 age 1636573 detected-user-agent Chrome/96.0.4664 server-timing HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=2 content-length 101 referrer-policy origin-when-cross-origin last-modified Mon, 22 Nov 2021 15:57:05 GMT date Sun, 12 Dec 2021 14:30:16 GMT vary User-Agent, Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS normalized-user-agent chrome/96.0.0 access-control-allow-origin * cache-control public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800 accept-ranges bytes timing-allow-origin *
GET H2	200	bundle.js Show response campagne.safeonweb.be/	432 KB 80 KB	29ms 29ms	Script application/javascript	2606:4700:3033::ac43:ae50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://campagne.safeonweb.be/bundle.js?1635416355 Requested by Host: campagne.safeonweb.be URL: https://campagne.safeonweb.be/fr/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:ae50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c0647ac87f8b1330ce4aaac416e9a6be3c119ba4c1b5c8e1b0ccbad1669d105 Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/fr/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Oct 2021 10:19:15 GMT server cloudflare age 6433 etag W/"6bfea-5cf670aed30ad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oOEa2xKIMq53zdToeWsbLbOT26Uu8aYmPyfzzX1CMnHR9KvGxQ9RPR0uvT2Ehlu%2BB3bkd9GxLrq9mSWhhBB3Ut9%2FZx5jYaMXI13usNo9LzRizMokTfNaHy2ctzea9laSZZWiFCQ3uqVm2YmZ9jxy02ftJk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=7200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6bc7a64e0d3042d5-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	gtm.js Show response www.googletagmanager.com/	107 KB 41 KB	42ms 20ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WTG4PZM Requested by Host: campagne.safeonweb.be URL: https://campagne.safeonweb.be/fr/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 33d86aef28f20d2d8f96c37a52c0475aa4b90a64210322e912d2a14a6b8b3e41 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41175 x-xss-protection 0 last-modified Sun, 12 Dec 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 12 Dec 2021 14:30:16 GMT
GET H2	200	v2 Show response safeonweb-be.prismic.io/api/	1 KB 849 B	378ms 142ms	Fetch application/json	34.226.73.194 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://safeonweb-be.prismic.io/api/v2 Requested by Host: campagne.safeonweb.be URL: https://campagne.safeonweb.be/bundle.js?1635416355 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.226.73.194 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-226-73-194.compute-1.amazonaws.com Software / Resource Hash 3ae500a0dd1ccfb9c84b167aaeae3b19f4a62636b9d2629e21e755bceb8e42c1 Request headers Accept application/json Referer https://campagne.safeonweb.be/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sun, 12 Dec 2021 14:30:16 GMT content-encoding gzip x-amzn-requestid af938c2b-c518-465d-a750-7535fcc36bf8 content-type application/json access-control-allow-origin * cache-control max-age=0, no-store x-amzn-trace-id Root=1-61b60778-5be6e3687558e66170060c62 x-amz-apigw-id KPYa1GL3oAMFvtg= x-local-cache MISS
GET H2	200	search Show response safeonweb-be.cdn.prismic.io/api/v2/documents/	288 KB 69 KB	79ms 13ms	Fetch application/json	2600:9000:214f:e400:6:ea06:d140:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://safeonweb-be.cdn.prismic.io/api/v2/documents/search?page=1&pageSize=100&lang=*&ref=YaejXRIAACEAVi5n Requested by Host: campagne.safeonweb.be URL: https://campagne.safeonweb.be/bundle.js?1635416355 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:e400:6:ea06:d140:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 5407cdf66847537dc586d14033266b63d7a88bb26a6444c3faf8758a31ed3509 Request headers Accept application/json Referer https://campagne.safeonweb.be/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 01 Dec 2021 16:31:33 GMT content-encoding gzip age 943123 x-amzn-requestid 0f5937bd-b1e8-45cd-8a1f-284b62eaab50 x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=315360000 x-amzn-trace-id Root=1-61a7a364-3efa12f720f2f6d748d6aefb x-amz-cf-pop FRA53-C1 x-robots-tag noindex, noarchive, nosnippet x-amz-apigw-id JrZ3yFZMIAMFkFw= x-local-cache MISS via 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront) x-amz-cf-id tINnGlkT22eagwwl4qUbg9ywSfN6G-FjZs1kWvU-atWG8zmcqGufog==
GET H3	200	bg.png campagne.safeonweb.be/assets/images/	45 KB 45 KB	22ms 21ms	Image image/png	2606:4700:3033::ac43:ae50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://campagne.safeonweb.be/assets/images/bg.png Requested by Host: campagne.safeonweb.be URL: https://campagne.safeonweb.be/bundle.css?1635416355 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ae50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f68ba129fb1e62d6cceb1de6c4eef3b01784144b32525c61fa1dfd705abe516 Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/bundle.css?1635416355 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6031 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 45664 last-modified Thu, 28 Oct 2021 10:19:15 GMT server cloudflare etag "b260-5cf670aed404d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zC2IV3gax2Y5p9LVIxphOhk91A07QXqxjmS2gKtcRyl%2BjXBcoO%2BvQKqLk1y78zBfrz6uFyGAyPmYJja5UfIQoCtVZ%2FLIywS3snTLi81BDpjx5AYPJrWk%2BNEaxP1joFw9RfvJ6VIMaUVuGOBeNsZiOpk9UNU%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=7200 accept-ranges bytes cf-ray 6bc7a65199f56927-FRA
GET H3	200	hero-curves.svg campagne.safeonweb.be/assets/images/	3 KB 1 KB	38ms 38ms	Image image/svg+xml	2606:4700:3033::ac43:ae50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://campagne.safeonweb.be/assets/images/hero-curves.svg Requested by Host: campagne.safeonweb.be URL: https://campagne.safeonweb.be/bundle.css?1635416355 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ae50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5764e3d769f77975357f8297a81d6ddfc6bf05cd8b07dda198da6e38ab14dad Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/bundle.css?1635416355 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Oct 2021 10:19:15 GMT server cloudflare age 6031 etag W/"c6f-5cf670aed404d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kk4BhO0X2LEDoRCs3NtrU7yqjsIP74RBwvOZP6sY3vsxF%2FT5S8iDq2rlWq4ZI2zaSk3eks93lnxeamaSonnJuJjsnMiTvpv%2FOSifTFDBC4W0xbfp0IJ6BGET8R2qHtKJ9pp%2FdkkKErsP%2BQk64suuLTiQys%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=7200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6bc7a65199fc6927-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	hero-after.svg campagne.safeonweb.be/assets/images/	905 B 1 KB	38ms 38ms	Image image/svg+xml	2606:4700:3033::ac43:ae50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://campagne.safeonweb.be/assets/images/hero-after.svg Requested by Host: campagne.safeonweb.be URL: https://campagne.safeonweb.be/bundle.css?1635416355 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ae50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa7720e3b668c42ceca59f347eff463f78c2874ceabb9cee1873fe53c93c2b0f Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/bundle.css?1635416355 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Oct 2021 10:19:15 GMT server cloudflare age 1360 etag W/"389-5cf670aed4fed" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mz1kzIzPZgodo38RveHIbVpJ%2Fz%2BYhPnangUGYZd3RgU%2BIEhpC5eTrhWa%2FGndXAztDIup8EJSL16eChD6GZ1iVsUmcy0YfexKl5XWHXx3ykckQ0dQhpOLgxyayb6oTT%2BcZGIqnnWzVyU1YDA9lZxF1tw3hUA%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=7200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6bc7a6519a006927-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	sddefault.jpg img.youtube.com/vi/p04ahX11Y-M/	24 KB 25 KB	79ms 8ms	Image image/jpeg	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://img.youtube.com/vi/p04ahX11Y-M/sddefault.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc5bfb7dbd2373c8cd6fdc5bff699f5783ad853f078ba7100b150e8f0c6e55d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:09:05 GMT x-content-type-options nosniff age 1271 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24793 x-xss-protection 0 server sffe etag "1637104061" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/jpeg cache-control public, max-age=7200 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sun, 12 Dec 2021 16:09:05 GMT
GET H3	200	campton-light-webfont.woff2 campagne.safeonweb.be/assets/fonts/	12 KB 12 KB	28ms 28ms	Font application/octet-stream	2606:4700:3033::ac43:ae50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://campagne.safeonweb.be/assets/fonts/campton-light-webfont.woff2 Requested by Host: campagne.safeonweb.be URL: https://campagne.safeonweb.be/bundle.css?1635416355 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ae50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2bb424914cc368884b668d23a038bcc8227a0060997ed38bff8c56375a0bc4ca Request headers Referer https://campagne.safeonweb.be/bundle.css?1635416355 Origin https://campagne.safeonweb.be Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT cf-cache-status HIT last-modified Thu, 28 Oct 2021 10:19:15 GMT server cloudflare age 2124 etag "2f04-5cf670aed404d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wa0OFHU1gPH2Vz16oyPpWL1axXOCT3LHDD9QCJTOtVDgLwAcmvh19w2tfnef34SHr96Cb7wBp66JbK8ByLer14JH1Ozs8m7MX5vhuvwXPuUMhXapl3q8%2FSmMTUsHlGXSUGby0%2BWXeSBQhLcEe24XxQ10KhI%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=7200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6bc7a6519a026927-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 12036
GET DATA	200 OK	truncated /	1 KB 1 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2c9fb7ccbe0a48c9c82f8b069cdad882857acfe43f41d43263e9e5b0597b1e89 Request headers Referer Origin https://campagne.safeonweb.be Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET H3	200	campton-medium-webfont.woff2 campagne.safeonweb.be/assets/fonts/	12 KB 12 KB	38ms 37ms	Font application/octet-stream	2606:4700:3033::ac43:ae50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://campagne.safeonweb.be/assets/fonts/campton-medium-webfont.woff2 Requested by Host: campagne.safeonweb.be URL: https://campagne.safeonweb.be/bundle.css?1635416355 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ae50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e88d11d0975d2820fd7c79b6a2c4d9da18e7d6d02d51f5ca405d36e5ebfd016 Request headers Referer https://campagne.safeonweb.be/bundle.css?1635416355 Origin https://campagne.safeonweb.be Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT cf-cache-status HIT last-modified Thu, 28 Oct 2021 10:19:15 GMT server cloudflare age 2124 etag "2f80-5cf670aed404d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNGZfTvaftoeWQi8qEbuxC4HFD8DkQ39PFq5WEfFK7STiLCThYurcezOvgla6p3b%2B8ffjoN6iV78rZesg9QysHUdmKxf9KQZcMPPlYzybUrQIQCQIymcz3VnMky1s5DEdqgBgOojiQ4Mt21uwUPT1jQu0ms%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=7200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6bc7a6519a046927-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 12160
GET H3	200	campton-semibold-webfont.woff2 campagne.safeonweb.be/assets/fonts/	12 KB 13 KB	26ms 26ms	Font application/octet-stream	2606:4700:3033::ac43:ae50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://campagne.safeonweb.be/assets/fonts/campton-semibold-webfont.woff2 Requested by Host: campagne.safeonweb.be URL: https://campagne.safeonweb.be/bundle.css?1635416355 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ae50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b61fec69032088446b3d98d178e8fb2f3e678e1090a4475cb38ca988f1869e74 Request headers Referer https://campagne.safeonweb.be/bundle.css?1635416355 Origin https://campagne.safeonweb.be Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT cf-cache-status HIT last-modified Thu, 28 Oct 2021 10:19:15 GMT server cloudflare age 2124 etag "301c-5cf670aed404d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rj%2BdqwRFa0uhI2BgfoIV%2BcsNi1VxodaXVMEe8QzvrRLSMZxeIjHjwNPcZzTflwIyYtSWcvpqNfZvTBsGjhHoXT2Xbz0cWELuDmVd1vocdVmpYaJ%2B%2BRq0n1DrTF6cvD83wIHNytP0DK1o6sZGvTEGMWOHcUk%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=7200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6bc7a6519a066927-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 12316
GET H3	200	campton-book-webfont.woff2 campagne.safeonweb.be/assets/fonts/	12 KB 12 KB	26ms 26ms	Font application/octet-stream	2606:4700:3033::ac43:ae50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://campagne.safeonweb.be/assets/fonts/campton-book-webfont.woff2 Requested by Host: campagne.safeonweb.be URL: https://campagne.safeonweb.be/bundle.css?1635416355 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ae50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d64a598b5c35ad47153d602c4dc2f39111ef05f3f21e8528b273e4c3f1871efa Request headers Referer https://campagne.safeonweb.be/bundle.css?1635416355 Origin https://campagne.safeonweb.be Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT cf-cache-status HIT last-modified Thu, 28 Oct 2021 10:19:15 GMT server cloudflare age 2124 etag "2e70-5cf670aed404d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnTVWAulW2hLIl5azqWG2WPcSNsQUehnkh6PObifZXoM1yOhlO3%2BuGoNIVtPdXw7jTXAi3nv1xRCxWGT8E1STSJcTBW8ZkwE6XmtAw5GSp85DOOBwLbveplW37%2FgcRdJJ9n%2Fnjg0cE3zgCESEKtLc5pSC4Y%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=7200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6bc7a6519a0b6927-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 11888
GET H3	200	campton-bold-webfont.woff2 campagne.safeonweb.be/assets/fonts/	12 KB 12 KB	43ms 43ms	Font application/octet-stream	2606:4700:3033::ac43:ae50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://campagne.safeonweb.be/assets/fonts/campton-bold-webfont.woff2 Requested by Host: campagne.safeonweb.be URL: https://campagne.safeonweb.be/bundle.css?1635416355 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ae50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b2ede34406115901d63d68b9888264f3a4fbf9b5cc7bcb31fc4095a249c6dd6 Request headers Referer https://campagne.safeonweb.be/bundle.css?1635416355 Origin https://campagne.safeonweb.be Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT cf-cache-status HIT last-modified Thu, 28 Oct 2021 10:19:15 GMT server cloudflare age 2124 etag "2f34-5cf670aed404d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8dX36G1UFhhEEvNQWBJopY5CDrBOkRgZv52zBbKiNi6vahCAe413f8o8ciqBSttMRdng50brZdAGzL65GruVvfBhM8uewvZ84n1ukx74LoZSdQSNPzAaNK3BU1cShjYRkKaMu3WSrYOXjviv%2BhCOqMRrRg%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=7200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6bc7a6519a0e6927-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 12084
GET H2	200	5e48cadadd2fba46370b64f5bdee9935b89d98b5_layer-15.png images.prismic.io/safeonweb-be/	12 KB 12 KB	54ms 8ms	Image image/avif	2a04:4e42:1b::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.prismic.io/safeonweb-be/5e48cadadd2fba46370b64f5bdee9935b89d98b5_layer-15.png?auto=compress,format Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash 15f051ee6590d3f64c5cc64a373555664b0ef9a6c3f2b00bff7d905b36e9b7f9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT x-content-type-options nosniff last-modified Fri, 10 Dec 2021 23:00:23 GMT server imgix age 142194 vary Accept, User-Agent x-cache HIT, HIT content-type image/avif access-control-allow-origin * cache-control public, max-age=315360000 x-imgix-id 68c0379e8bccc4f456d526275a4090acf7c0d749 accept-ranges bytes content-length 11896 cross-origin-resource-policy cross-origin x-served-by cache-sjc10069-SJC, cache-hhn4077-HHN
GET H2	200	4ebd4faa41e4d7aefc88539a04bc4606e0a2b427_layer-21.png images.prismic.io/safeonweb-be/	8 KB 9 KB	55ms 9ms	Image image/avif	2a04:4e42:1b::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.prismic.io/safeonweb-be/4ebd4faa41e4d7aefc88539a04bc4606e0a2b427_layer-21.png?auto=compress,format Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash 34113ddac1195bb2a346d9c6479e9311b8aa48b28a02f7024fcc1e53d4b29da7 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT x-content-type-options nosniff last-modified Thu, 09 Dec 2021 23:04:23 GMT server imgix age 228354 vary Accept, User-Agent x-cache HIT, HIT content-type image/avif access-control-allow-origin * cache-control public, max-age=315360000 x-imgix-id 573a4f1eadc060ea4c1bc7fe14fbdbce7d2e5c8f accept-ranges bytes content-length 8693 cross-origin-resource-policy cross-origin x-served-by cache-sjc10025-SJC, cache-hhn4077-HHN
GET H2	200	c1f83082299ff93c63feb18fcd19c6f05776a9b4_layer-14.png images.prismic.io/safeonweb-be/	5 KB 5 KB	57ms 11ms	Image image/avif	2a04:4e42:1b::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.prismic.io/safeonweb-be/c1f83082299ff93c63feb18fcd19c6f05776a9b4_layer-14.png?auto=compress,format Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash 202579573b8505a04cfa94b3e4250fea0ba3994621d71b6bbfebde7cd22d5ccf Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT x-content-type-options nosniff last-modified Fri, 10 Dec 2021 23:00:23 GMT server imgix age 142194 vary Accept, User-Agent x-cache HIT, HIT content-type image/avif access-control-allow-origin * cache-control public, max-age=315360000 x-imgix-id fec1741c9ef41da7be57ed7e61cbdc373188abdb accept-ranges bytes content-length 5267 cross-origin-resource-policy cross-origin x-served-by cache-sjc10064-SJC, cache-hhn4077-HHN
GET H2	200	3bfb25e96cd4af541ac65f5a01a5e78350c41187_layer-19.png images.prismic.io/safeonweb-be/	11 KB 11 KB	57ms 12ms	Image image/avif	2a04:4e42:1b::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.prismic.io/safeonweb-be/3bfb25e96cd4af541ac65f5a01a5e78350c41187_layer-19.png?auto=compress,format Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash 823ef73c61d3a7dcd326ae97ae1990db8fba0f9d6bafd3e0b0637e71151763de Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT x-content-type-options nosniff last-modified Fri, 10 Dec 2021 17:09:34 GMT server imgix age 163242 vary Accept, User-Agent x-cache HIT, HIT content-type image/avif access-control-allow-origin * cache-control public, max-age=315360000 x-imgix-id 0bb551ff13b06a5ed56999cc7113a31ba594f8d7 accept-ranges bytes content-length 11499 cross-origin-resource-policy cross-origin x-served-by cache-sjc10044-SJC, cache-hhn4077-HHN
GET H2	200	eb13c29beac603ae024b8ed5166ba3c60277a089_layer-20.png images.prismic.io/safeonweb-be/	12 KB 12 KB	58ms 13ms	Image image/avif	2a04:4e42:1b::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.prismic.io/safeonweb-be/eb13c29beac603ae024b8ed5166ba3c60277a089_layer-20.png?auto=compress,format Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash 109ede414b98f22ea22bf1cc023dff5e6993591bf74be88107f2c481c7650a88 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT x-content-type-options nosniff last-modified Sat, 11 Dec 2021 05:24:35 GMT server imgix age 119141 vary Accept, User-Agent x-cache HIT, HIT content-type image/avif access-control-allow-origin * cache-control public, max-age=315360000 x-imgix-id 5fef67f6a0bfeba4c4c514948698890810e10c38 accept-ranges bytes content-length 12075 cross-origin-resource-policy cross-origin x-served-by cache-sjc10049-SJC, cache-hhn4077-HHN
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	33ms 6ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTG4PZM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 3319 date Sun, 12 Dec 2021 13:34:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sun, 12 Dec 2021 15:34:57 GMT
GET H3	200	be.svg campagne.safeonweb.be/assets/images/	964 B 1 KB	23ms 23ms	Image image/svg+xml	2606:4700:3033::ac43:ae50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://campagne.safeonweb.be/assets/images/be.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ae50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a28887754f12d9b3f54e1cdc11428da1d3a04b3073fe42b824069d5be77cc93 Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/fr/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Oct 2021 10:19:15 GMT server cloudflare age 6031 etag W/"3c4-5cf670aed4fed" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKRpPeZZs7ck%2FEZv01Do76whi5LbtXc5liAe8gKcdZ9CX0k%2BEANl8qYaG5gd4GKZfjxtji2z6fr9XKqw5A1VqcaN%2BqbBSIAvrgzgFeycYgXhdkHFQMjT79Dla%2BLu53i41XHFZmPJhXiTd6LYFfXLNr8scao%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=7200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6bc7a651dafa6927-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	safeonweb_FR.svg campagne.safeonweb.be/assets/images/	38 KB 8 KB	40ms 40ms	Image image/svg+xml	2606:4700:3033::ac43:ae50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://campagne.safeonweb.be/assets/images/safeonweb_FR.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ae50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f16a67dab2f56278c8d00b1a8d10d8845558e2a47dd549cb1fbc08ec13c2a82d Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/fr/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Oct 2021 10:19:15 GMT server cloudflare age 6031 etag W/"970a-5cf670aed4fed" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9zkF8IUWbbpB2jVHbPsRpcPTgYNLGdlox2KIK4mSsRsMFLDnUBnUnDOkyyATjYyEcnR9UpWAC9kshP9ZavkHmJnPdmibZTApX3ngT%2BffAiOx0od0yNOILZCFflWbvKKIuSP3qS6aX7gOX96NNj4xE3qV8Q%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=7200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6bc7a651db046927-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	e4a5d7e6-ea56-46a9-b703-f297be8343ac_koning.svg images.prismic.io/safeonweb-be/	2 MB 946 KB	52ms 12ms	Image image/svg+xml	2a04:4e42:1b::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.prismic.io/safeonweb-be/e4a5d7e6-ea56-46a9-b703-f297be8343ac_koning.svg?auto=compress,format Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash 2052141a33ceb66a08088c343e5b194417e72782e2c40c1dba354cb6c695b12c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT content-encoding gzip x-content-type-options nosniff age 227845 x-cache HIT, HIT x-imgix-id d05c66a1da4beffe3e75ba3854467d939dba5980 content-length 968226 x-served-by cache-sjc10072-SJC, cache-hhn4077-HHN last-modified Wed, 01 Dec 2021 16:30:06 GMT server imgix vary Accept-Encoding, Accept, User-Agent content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=315360000 accept-ranges bytes cross-origin-resource-policy cross-origin
GET H2	200	d6ea8ecb-3be7-4081-b26f-6e5a010239f9_safeonweb-mobile-app.png images.prismic.io/safeonweb-be/	7 KB 8 KB	23ms 8ms	Image image/avif	2a04:4e42:1b::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.prismic.io/safeonweb-be/d6ea8ecb-3be7-4081-b26f-6e5a010239f9_safeonweb-mobile-app.png?auto=compress,format Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash 950d5f57a4849f4eeee11b092552d34a52148e8189e437e9fa4a199ed8e3cd0c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT x-content-type-options nosniff last-modified Fri, 10 Dec 2021 18:53:36 GMT server imgix age 157000 vary Accept, User-Agent x-cache HIT, HIT content-type image/avif access-control-allow-origin * cache-control public, max-age=315360000 x-imgix-id 8bf78bdb18f374d6a633c7c644d005f0ea7f3434 accept-ranges bytes content-length 7615 cross-origin-resource-policy cross-origin x-served-by cache-sjc10076-SJC, cache-hhn4077-HHN
GET H2	200	31e6f98d-d6a5-46a1-a544-9e1229ba24a6_button-google_playFR.png images.prismic.io/safeonweb-be/	4 KB 4 KB	11ms 11ms	Image image/avif	2a04:4e42:1b::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.prismic.io/safeonweb-be/31e6f98d-d6a5-46a1-a544-9e1229ba24a6_button-google_playFR.png?auto=compress,format&rect=0,0,398,116&w=398&h=116 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash 470b5b595eae17dfb449a4d84dbadf3568de4a62e1e2f2f6be7bb28dcac56444 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT x-content-type-options nosniff last-modified Fri, 10 Dec 2021 17:11:39 GMT server imgix age 163118 vary Accept, User-Agent x-cache HIT, HIT content-type image/avif access-control-allow-origin * cache-control public, max-age=315360000 x-imgix-id 4f5c339829b0fb0d5d48e095e1094f16b8691688 accept-ranges bytes content-length 4265 cross-origin-resource-policy cross-origin x-served-by cache-sjc10054-SJC, cache-hhn4077-HHN
GET H2	200	ad772ef6-1be7-42c9-818b-18f36f14f9c8_button-apple_appstoreFR.png images.prismic.io/safeonweb-be/	5 KB 5 KB	21ms 21ms	Image image/avif	2a04:4e42:1b::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.prismic.io/safeonweb-be/ad772ef6-1be7-42c9-818b-18f36f14f9c8_button-apple_appstoreFR.png?auto=compress,format&rect=0,0,398,116&w=398&h=116 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash 972d9551edef39cd8698be1fd92cf0fb2e4f38c29cb2ffb625ac113852741377 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT x-content-type-options nosniff last-modified Fri, 10 Dec 2021 03:31:06 GMT server imgix age 212350 vary Accept, User-Agent x-cache HIT, HIT content-type image/avif access-control-allow-origin * cache-control public, max-age=315360000 x-imgix-id ead1396d3c7bc3df51fa9c988c6b4804cf195d5c accept-ranges bytes content-length 4819 cross-origin-resource-policy cross-origin x-served-by cache-sjc10064-SJC, cache-hhn4077-HHN
GET H3	200	ccb-logo.png campagne.safeonweb.be/assets/images/	27 KB 28 KB	22ms 22ms	Image image/png	2606:4700:3033::ac43:ae50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://campagne.safeonweb.be/assets/images/ccb-logo.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ae50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 624acfd35517259b64f9275b3cdb3efb211ddc5c541be174e217f8bf2d9a4705 Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/fr/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6031 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 27691 last-modified Thu, 28 Oct 2021 10:19:15 GMT server cloudflare etag "6c2b-5cf670aed4fed" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8l6NUcJ4F%2F0XOmnr82voLfFQKZHpyuJXIF52JMCvIsIRbj5idZ81CmAkskcDRkdAO4qJASvNWVou1SaoWe5uskfykeTMIaZu89AIWieh2dx0HOl3h3qn9meqEMTP%2Fj8ZLfHWIYTcgm1%2BLXnfHjgIFYhjMIA%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=7200 accept-ranges bytes cf-ray 6bc7a651db086927-FRA
GET H2	200	69bbb74696f18a7323282d22414433511ecf661e_layer-17.png images.prismic.io/safeonweb-be/	21 KB 21 KB	22ms 21ms	Image image/avif	2a04:4e42:1b::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.prismic.io/safeonweb-be/69bbb74696f18a7323282d22414433511ecf661e_layer-17.png?auto=compress,format Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash 55962c9778b56b8192d7b57ed00316573c1b7a2c6e833e1b0e93aa51febbadbc Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT x-content-type-options nosniff last-modified Thu, 09 Dec 2021 23:04:23 GMT server imgix age 228353 vary Accept, User-Agent x-cache HIT, HIT content-type image/avif access-control-allow-origin * cache-control public, max-age=315360000 x-imgix-id 9b0e832d940f072020b15acb6cb9360c2c758a6f accept-ranges bytes content-length 21292 cross-origin-resource-policy cross-origin x-served-by cache-sjc10079-SJC, cache-hhn4077-HHN
GET H3	200	js Show response www.google-analytics.com/gtm/	91 KB 35 KB	36ms 20ms	Script application/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=OPT-M2KNZ46&t=gtm7&cid=1044757956.1639319417&aip=true Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ad3b11fc0e68c955a442fa9fc6b5b7819e89ddd95aa26c45ac53103735cc78b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://campagne.safeonweb.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 14:30:16 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36181 x-xss-protection 0 expires Sun, 12 Dec 2021 14:30:16 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	14ms 14ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=742248186&t=pageview&_s=1&dl=https%3A%2F%2Fcampagne.safeonweb.be%2Ffr%2Fphishing&dp=%2Ffr%2Fphishing&ul=en-us&de=UTF-8&dt=Phishing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1217735267&gjid=449964391&cid=1044757956.1639319417&tid=UA-39062694-2&_gid=1867588628.1639319417&_r=1&gtm=2wgc10WTG4PZM&z=471912221 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://campagne.safeonweb.be/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 12 Dec 2021 14:30:17 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://campagne.safeonweb.be cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dataLayer string| __GTM_TRACKING__ object| __INITIAL_STATE__ function| setImmediate function| clearImmediate object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| google_optimize

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.safeonweb.be/	1970-01-20 16:53:11	Name: _ga Value: GA1.2.1044757956.1639319417
			.safeonweb.be/	1970-01-19 23:23:25	Name: _gid Value: GA1.2.1867588628.1639319417
			.safeonweb.be/	1970-01-19 23:21:59	Name: _gat_UA-39062694-2 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

campagne.safeonweb.be
images.prismic.io
img.youtube.com
polyfill.io
safeonweb-be.cdn.prismic.io
safeonweb-be.prismic.io
www.google-analytics.com
www.googletagmanager.com
2600:9000:214f:e400:6:ea06:d140:93a1
2606:4700:3033::ac43:ae50
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a04:4e42:1b::720
2a04:4e42:200::282
34.226.73.194
0a28887754f12d9b3f54e1cdc11428da1d3a04b3073fe42b824069d5be77cc93
109ede414b98f22ea22bf1cc023dff5e6993591bf74be88107f2c481c7650a88
15f051ee6590d3f64c5cc64a373555664b0ef9a6c3f2b00bff7d905b36e9b7f9
202579573b8505a04cfa94b3e4250fea0ba3994621d71b6bbfebde7cd22d5ccf
2052141a33ceb66a08088c343e5b194417e72782e2c40c1dba354cb6c695b12c
2bb424914cc368884b668d23a038bcc8227a0060997ed38bff8c56375a0bc4ca
2c0647ac87f8b1330ce4aaac416e9a6be3c119ba4c1b5c8e1b0ccbad1669d105
2c9fb7ccbe0a48c9c82f8b069cdad882857acfe43f41d43263e9e5b0597b1e89
2e88d11d0975d2820fd7c79b6a2c4d9da18e7d6d02d51f5ca405d36e5ebfd016
33d86aef28f20d2d8f96c37a52c0475aa4b90a64210322e912d2a14a6b8b3e41
34113ddac1195bb2a346d9c6479e9311b8aa48b28a02f7024fcc1e53d4b29da7
3ae500a0dd1ccfb9c84b167aaeae3b19f4a62636b9d2629e21e755bceb8e42c1
3b2ede34406115901d63d68b9888264f3a4fbf9b5cc7bcb31fc4095a249c6dd6
3f307039bd7abc011e9c6f3a4dbcf61fde6100576020ccea748b273407c39bf5
470b5b595eae17dfb449a4d84dbadf3568de4a62e1e2f2f6be7bb28dcac56444
5407cdf66847537dc586d14033266b63d7a88bb26a6444c3faf8758a31ed3509
55962c9778b56b8192d7b57ed00316573c1b7a2c6e833e1b0e93aa51febbadbc
55fd710cae43e5eb774b05ddcc78c5459204b1f9e78969aacf39cce43903cb63
5f68ba129fb1e62d6cceb1de6c4eef3b01784144b32525c61fa1dfd705abe516
624acfd35517259b64f9275b3cdb3efb211ddc5c541be174e217f8bf2d9a4705
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
823ef73c61d3a7dcd326ae97ae1990db8fba0f9d6bafd3e0b0637e71151763de
93b6d06fbda857acd518012a13319cecfab1cce720fb9437d294a4111f6e1c3a
950d5f57a4849f4eeee11b092552d34a52148e8189e437e9fa4a199ed8e3cd0c
972d9551edef39cd8698be1fd92cf0fb2e4f38c29cb2ffb625ac113852741377
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa7720e3b668c42ceca59f347eff463f78c2874ceabb9cee1873fe53c93c2b0f
ad3b11fc0e68c955a442fa9fc6b5b7819e89ddd95aa26c45ac53103735cc78b4
b61fec69032088446b3d98d178e8fb2f3e678e1090a4475cb38ca988f1869e74
bc5bfb7dbd2373c8cd6fdc5bff699f5783ad853f078ba7100b150e8f0c6e55d0
d64a598b5c35ad47153d602c4dc2f39111ef05f3f21e8528b273e4c3f1871efa
e5764e3d769f77975357f8297a81d6ddfc6bf05cd8b07dda198da6e38ab14dad
f16a67dab2f56278c8d00b1a8d10d8845558e2a47dd549cb1fbc08ec13c2a82d