Submitted URL: http://flair.be/
Effective URL: https://www.flair.be/
Submission: On March 28 via manual from IN — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 7 HTTP transactions. The main IP is 108.138.36.35, located in the United States, and belongs to AMAZON-02, US. The main domain is www.flair.be. The Cisco Umbrella rank of the primary domain is 286988.
TLS certificate: Issued by Amazon on September 29th 2021. Valid for: a year.
This is the only time www.flair.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 217.19.237.54 34762 (COMBELL-AS)
1 108.138.36.35 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 146.59.29.4 16276 (OVH)
1 146.59.30.100 16276 (OVH)
7 5
Apex Domain
Subdomains
Transfer
5 gemius.pl
gabe.hit.gemius.pl — Cisco Umbrella Rank: 35007
ls.hit.gemius.pl — Cisco Umbrella Rank: 9266
15 KB
2 flair.be
flair.be — Cisco Umbrella Rank: 282037
www.flair.be — Cisco Umbrella Rank: 286988
5 KB
1 gstatic.com
fonts.gstatic.com
12 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
875 B
7 4
Domain Requested by
4 gabe.hit.gemius.pl 1 redirects www.flair.be
gabe.hit.gemius.pl
1 ls.hit.gemius.pl gabe.hit.gemius.pl
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.flair.be
1 www.flair.be
1 flair.be 1 redirects
7 6

This site contains no links.

Subject | Issuer | Validity | Valid
*.flair.be | Amazon | 2021-09-29 - 2022-10-27 | a year
upload.video.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
*.hit.gemius.pl | Sectigo ECC Domain Validation Secure Server CA | 2021-09-08 - 2022-09-25 | a year

This page contains 2 frames:

Primary Page: https://www.flair.be/
Frame ID: 98D9EFF4A8E007CF058F3E899078DC5B
Requests: 6 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 3CFE622315A0B2788DC7C27002DB66E1
Requests: 1 HTTP request in this frame

Page URL History

  1. http://flair.be/ HTTP 301
    https://www.flair.be/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

7
Requests

86 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

5
IPs

4
Countries

32 kB
Transfer

68 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://gabe.hit.gemius.pl/_1648492253012/rexdot.js?l=100&id=nXqV9jNvbcICSbVFAj6uf3XW.fMBwe9I8J_E9dZkH87.17&et=view&hsrc=1&initsonar=1&extra=lan%3DNL&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.flair.be%2F&ref=&mtp=0&screen=1600x1200r1000&col=24&window=1600x1200&ltime=222&lsdata=G.Ir9i_b1aaD3_7vilPAzSs8Ufni4hrEIWzmV9gEpTL.47XumWb5W6HRpdZdxjf7EHIY7prNZLjR92luEkYhbcXp0CM./f1h1YaIXZvcqe/&fpdata=SNQgqVmBEZVE5qthJBQ1IGJUGLi.OtzTEpvhtmtHdYb.57&vis=1&fpcap= HTTP 301
  • https://gabe.hit.gemius.pl/__/_1648492253012/rexdot.js?l=100&id=nXqV9jNvbcICSbVFAj6uf3XW.fMBwe9I8J_E9dZkH87.17&et=view&hsrc=1&initsonar=1&extra=lan%3DNL&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.flair.be%2F&ref=&mtp=0&screen=1600x1200r1000&col=24&window=1600x1200&ltime=222&lsdata=G.Ir9i_b1aaD3_7vilPAzSs8Ufni4hrEIWzmV9gEpTL.47XumWb5W6HRpdZdxjf7EHIY7prNZLjR92luEkYhbcXp0CM./f1h1YaIXZvcqe/&fpdata=SNQgqVmBEZVE5qthJBQ1IGJUGLi.OtzTEpvhtmtHdYb.57&vis=1&fpcap=

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.flair.be/
Redirect Chain
  • http://flair.be/
  • https://www.flair.be/
10 KB
5 KB
Document
General
Full URL
https://www.flair.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-35.muc50.r.cloudfront.net
Software
/
Resource Hash
f643dee96453e284b89174b15c7076054ebdb6410358a533a774cabbe895c937
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 28 Mar 2022 18:29:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
x-xss-protection
1; mode=block
content-encoding
gzip
x-cache
Hit from cloudfront
via
1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-amz-cf-id
z3niR5RCuwOEYMRkRyoqpLwaPybIrSD2XQtMTYeZViRofNfvHG_KfA==
age
56

Redirect headers

Date
Mon, 28 Mar 2022 18:30:51 GMT
Server
Apache
Location
https://www.flair.be/
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
20
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
css
fonts.googleapis.com/
705 B
875 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Karla
Requested by
Host: www.flair.be
URL: https://www.flair.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93c1dabdf18fa98c575e4a9ef11c92ea78627891289d6a2d4e1d7c0e92a77edf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.flair.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 16:32:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 28 Mar 2022 18:30:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Mar 2022 18:30:52 GMT
qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2
fonts.gstatic.com/s/karla/v21/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/karla/v21/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a968f482a73e8e8faf0032ad6e172d458b89725e88e5f0b7b16eb8cac332c308
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.flair.be
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:32:47 GMT
x-content-type-options
nosniff
age
341885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11164
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:29:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Mar 2023 19:32:47 GMT
xgemius.js
gabe.hit.gemius.pl/
40 KB
11 KB
Script
General
Full URL
https://gabe.hit.gemius.pl/xgemius.js
Requested by
Host: www.flair.be
URL: https://www.flair.be/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.29.4 , France, ASN16276 (OVH, FR),
Reverse DNS
ip4.ip-146-59-29.eu
Software
GHC /
Resource Hash
c0ab0fe4c803e3c52d057b9b46f058caff2be21a8934300f7693d30509127999

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.flair.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 18:30:52 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 07:51:19 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
11009
expires
Tue, 29 Mar 2022 06:30:52 GMT
fpdata.js
gabe.hit.gemius.pl/
277 B
391 B
Script
General
Full URL
https://gabe.hit.gemius.pl/fpdata.js?href=www.flair.be
Requested by
Host: gabe.hit.gemius.pl
URL: https://gabe.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.29.4 , France, ASN16276 (OVH, FR),
Reverse DNS
ip4.ip-146-59-29.eu
Software
GHC /
Resource Hash
8cdac53ed9fab2bef18018c31b3466fca0de8bc40c3cf80c2f1ae37b525fef66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.flair.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 18:30:52 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
277
expires
Wed, 27 Apr 2022 18:30:52 GMT
lsget.html
ls.hit.gemius.pl/ Frame 3CFE
5 KB
3 KB
Document
General
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gabe.hit.gemius.pl
URL: https://gabe.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-146-59-30.eu
Software
GHC /
Resource Hash
bf145e968e2cc6cfc51a1685aa96fbb1521c60657be415d93979cfebc07612d7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.flair.be/

Response headers

date
Mon, 28 Mar 2022 18:30:52 GMT
expires
Wed, 27 Apr 2022 18:30:52 GMT
server
GHC
accept-ranges
none
cache-control
private, max-age=2592000
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
etag
PRIVATE7520710249
vary
Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy
cross-origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/html;charset=utf-8
content-length
2715
content-encoding
gzip
rexdot.js
gabe.hit.gemius.pl/__/_1648492253012/
Redirect Chain
  • https://gabe.hit.gemius.pl/_1648492253012/rexdot.js?l=100&id=nXqV9jNvbcICSbVFAj6uf3XW.fMBwe9I8J_E9dZkH87.17&et=view&hsrc=1&initsonar=1&extra=lan%3DNL&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww...
  • https://gabe.hit.gemius.pl/__/_1648492253012/rexdot.js?l=100&id=nXqV9jNvbcICSbVFAj6uf3XW.fMBwe9I8J_E9dZkH87.17&et=view&hsrc=1&initsonar=1&extra=lan%3DNL&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...
173 B
428 B
Script
General
Full URL
https://gabe.hit.gemius.pl/__/_1648492253012/rexdot.js?l=100&id=nXqV9jNvbcICSbVFAj6uf3XW.fMBwe9I8J_E9dZkH87.17&et=view&hsrc=1&initsonar=1&extra=lan%3DNL&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.flair.be%2F&ref=&mtp=0&screen=1600x1200r1000&col=24&window=1600x1200&ltime=222&lsdata=G.Ir9i_b1aaD3_7vilPAzSs8Ufni4hrEIWzmV9gEpTL.47XumWb5W6HRpdZdxjf7EHIY7prNZLjR92luEkYhbcXp0CM./f1h1YaIXZvcqe/&fpdata=SNQgqVmBEZVE5qthJBQ1IGJUGLi.OtzTEpvhtmtHdYb.57&vis=1&fpcap=
Requested by
Host: www.flair.be
URL: https://www.flair.be/
Protocol
H2
Server
146.59.29.4 , France, ASN16276 (OVH, FR),
Reverse DNS
ip4.ip-146-59-29.eu
Software
GHC /
Resource Hash
21beaaf4eb235893957e727fbbe6ebcbffc6c143c4271ab9eba2b29019524b51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.flair.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 18:30:53 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
173
expires
Sun, 27 Mar 2022 18:30:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 18:30:53 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1648492253012/rexdot.js?l=100&id=nXqV9jNvbcICSbVFAj6uf3XW.fMBwe9I8J_E9dZkH87.17&et=view&hsrc=1&initsonar=1&extra=lan%3DNL&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.flair.be%2F&ref=&mtp=0&screen=1600x1200r1000&col=24&window=1600x1200&ltime=222&lsdata=G.Ir9i_b1aaD3_7vilPAzSs8Ufni4hrEIWzmV9gEpTL.47XumWb5W6HRpdZdxjf7EHIY7prNZLjR92luEkYhbcXp0CM./f1h1YaIXZvcqe/&fpdata=SNQgqVmBEZVE5qthJBQ1IGJUGLi.OtzTEpvhtmtHdYb.57&vis=1&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sun, 27 Mar 2022 18:30:53 GMT

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • function| structuredClone
  • object| oncontextlost
  • object| oncontextrestored
  • function| setCookie
  • function| getCookie
  • string| userlang
  • string| baseUrl
  • string| ua
  • undefined| $link
  • string| pp_gemius_identifier
  • object| pp_gemius_extraparameters
  • object| gemius_cmpclient
  • object| gemius_hcconn
  • function| gemius_hit
  • function| gemius_event
  • function| pp_gemius_hit
  • function| pp_gemius_event
  • number| pp_gemius_cnt
  • boolean| gemius_hcref

3 Cookies

Domain/Path Name / Value
.flair.be/ Name: __gfp_64b
Value: SNQgqVmBEZVE5qthJBQ1IGJUGLi.OtzTEpvhtmtHdYb.57|1648492252
.hit.gemius.pl/ Name: Gtest
Value: KlSCZRGGQMQGjv71-jYArcsissGMXP8c25nSGoEef-hnuv1isG..
.hit.gemius.pl/ Name: Gdyn
Value: KlSI3MXGQMQGjv71-jYArcsissGMXP8c25nSGoEef-hnuvMiGsRPIQlGvGQp8fg8SLL8RLcGsy8Pge9iaQG.
