Submitted URL: http://app.dialoginsight.com/T/OFC4/L2S/8935/B22520/fWIH/9137/151297/4Ic0Rs/3/247485/Hb79w4PV/I/9131/Crd61b.html?h=f_FL5DyW6u...
Effective URL: https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedou...
Submission: On June 18 via api from BE

Summary

This website contacted 30 IPs in 7 countries across 26 domains to perform 82 HTTP transactions. The main IP is 2606:4700::6810:1433, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.peterhahn.be.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 17th 2020. Valid for: 5 months.
This is the only time www.peterhahn.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 208.91.248.7 46095 (RSI-HQ)
1 18 143.204.202.13 16509 (AMAZON-02)
1 13.226.154.44 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:218... 16509 (AMAZON-02)
1 13.226.154.19 16509 (AMAZON-02)
2 3 34.95.109.120 15169 (GOOGLE)
1 13.226.154.81 16509 (AMAZON-02)
1 1 63.33.85.46 16509 (AMAZON-02)
13 2606:4700::68... 13335 (CLOUDFLAR...)
1 188.165.150.178 16276 (OVH)
2 34.96.102.137 15169 (GOOGLE)
11 67.27.157.250 3356 (LEVEL3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 8.238.39.45 3356 (LEVEL3)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a04:4e42:1b:... 54113 (FASTLY)
2 2a00:1798:3:c... 8426 (CLARANET-...)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.254.39.11 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 172.217.22.66 15169 (GOOGLE)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.250.2.151 44788 (ASN-CRITE...)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 178.250.2.150 44788 (ASN-CRITE...)
82 30
Domain Requested by
18 www.bonusway.be 1 redirects www.bonusway.be
13 www.peterhahn.be clk.tradedoubler.com
www.peterhahn.be
ajax.cloudflare.com
cdn.jsdelivr.net
11 media.peterhahn.com www.peterhahn.be
5 fonts.googleapis.com www.bonusway.be
www.peterhahn.be
4 www.google-analytics.com 1 redirects www.googletagmanager.com
www.bonusway.be
3 clk.tradedoubler.com 2 redirects www.bonusway.be
3 fonts.gstatic.com www.bonusway.be
2 www.facebook.com connect.facebook.net
2 connect.facebook.net www.bonusway.be
connect.facebook.net
2 www.google.de
2 www.google.com 1 redirects
2 www.econda-monitor.de www.peterhahn.be
2 dev.visualwebsiteoptimizer.com www.peterhahn.be
2 stats.g.doubleclick.net 1 redirects www.bonusway.be
2 www.googletagmanager.com www.bonusway.be
1 csm.nl.eu.criteo.net
1 sslwidget.criteo.com static.criteo.net
1 googleads.g.doubleclick.net www.googleadservices.com
1 static.criteo.net www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 rum-collector-2.pingdom.net rum-static.pingdom.net
1 cdn.jsdelivr.net ajax.cloudflare.com
1 rum-static.pingdom.net ajax.cloudflare.com
1 peterhahn.a.bigcontent.io www.peterhahn.be
1 ajax.cloudflare.com www.peterhahn.be
1 analytics.tradedoubler.com vht.tradedoubler.com
1 redir.tradedoubler.com 1 redirects
1 vht.tradedoubler.com clk.tradedoubler.com
1 api.bonusway.com www.bonusway.be
1 d289b99uqa0t82.cloudfront.net www.bonusway.be
1 sdk.amazonaws.com www.bonusway.be
1 app.dialoginsight.com 1 redirects
82 32

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
www.bonusway.be
Sectigo RSA Domain Validation Secure Server CA
2020-02-19 -
2022-02-18
2 years crt.sh
sdk.amazonaws.com
Amazon
2019-09-25 -
2020-10-25
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2
2020-05-26 -
2021-04-21
a year crt.sh
api.bonusway.com
COMODO RSA Extended Validation Secure Server CA
2019-01-03 -
2021-04-02
2 years crt.sh
*.tradedoubler.com
GlobalSign Domain Validation CA - SHA256 - G2
2018-12-10 -
2021-01-27
2 years crt.sh
peterhahn.be
CloudFlare Inc ECC CA-2
2020-05-17 -
2020-10-09
5 months crt.sh
analytics.tradedoubler.com
COMODO RSA Domain Validation Secure Server CA
2018-02-02 -
2021-02-01
3 years crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2
2017-06-30 -
2020-07-06
3 years crt.sh
i8.amplience.net
DigiCert SHA2 Secure Server CA
2020-05-27 -
2021-02-17
9 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2
2020-01-07 -
2020-10-09
9 months crt.sh
*.bigcontent.io
GeoTrust RSA CA 2018
2020-03-24 -
2021-03-29
a year crt.sh
*.pingdom.net
DigiCert SHA2 High Assurance Server CA
2019-11-08 -
2021-01-19
a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-06-08 -
2021-04-17
10 months crt.sh
*.econda-monitor.de
Thawte TLS RSA CA G1
2020-03-18 -
2022-06-17
2 years crt.sh
www.google.de
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-05-14 -
2020-08-05
3 months crt.sh
www.googleadservices.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
*.criteo.net
DigiCert ECC Secure Server CA
2020-03-30 -
2020-06-28
3 months crt.sh
*.criteo.com
DigiCert ECC Secure Server CA
2020-03-30 -
2020-06-28
3 months crt.sh
www.google.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
*.nl.eu.criteo.net
DigiCert ECC Secure Server CA
2020-06-07 -
2020-09-05
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Frame ID: ABA455B354242C322C60904952ECEC92
Requests: 82 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://app.dialoginsight.com/T/OFC4/L2S/8935/B22520/fWIH/9137/151297/4Ic0Rs/3/247485/Hb79w4PV/I/9131/Crd6... HTTP 302
    https://www.bonusway.be/waiting/offer/7693647/48571/262457?type=7&utm_source=trigger&utm_medium=id HTTP 301
    https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457 Page URL
  2. http://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12 HTTP 302
    https://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12 Page URL
  3. https://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12 HTTP 302
    https://redir.tradedoubler.com/projectr/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e*_td_*KEEP_NEWEST&pmk=ITRAAF... HTTP 302
    https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaig... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

82
Requests

100 %
HTTPS

53 %
IPv6

26
Domains

32
Subdomains

30
IPs

7
Countries

2570 kB
Transfer

11899 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.dialoginsight.com/T/OFC4/L2S/8935/B22520/fWIH/9137/151297/4Ic0Rs/3/247485/Hb79w4PV/I/9131/Crd61b.html?h=f_FL5DyW6uOc8abBJ5qbadHDIfZ3stpkPkGqVIc-Bd0&p1=7693647 HTTP 302
    https://www.bonusway.be/waiting/offer/7693647/48571/262457?type=7&utm_source=trigger&utm_medium=id HTTP 301
    https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457 Page URL
  2. http://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12 HTTP 302
    https://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12 Page URL
  3. https://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12 HTTP 302
    https://redir.tradedoubler.com/projectr/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e*_td_*KEEP_NEWEST&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076*_td_*KEEP_NEWEST&_td_deeplink=https://www.peterhahn.be HTTP 302
    https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://app.dialoginsight.com/T/OFC4/L2S/8935/B22520/fWIH/9137/151297/4Ic0Rs/3/247485/Hb79w4PV/I/9131/Crd61b.html?h=f_FL5DyW6uOc8abBJ5qbadHDIfZ3stpkPkGqVIc-Bd0&p1=7693647 HTTP 302
  • https://www.bonusway.be/waiting/offer/7693647/48571/262457?type=7&utm_source=trigger&utm_medium=id HTTP 301
  • https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Request Chain 30
  • http://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12 HTTP 302
  • https://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12
Request Chain 68
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1061454500&t=pageview&_s=1&dl=https%3A%2F%2Fwww.peterhahn.be%2F%3Ftduid%3Dbd5f99f1dace3a8b555b0efd8a8de43e%26pmk%3DITRAAFF130819-03%3B1988076%26campaign%3Daffiliate%2Ftradedoubler%2F1988076&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&ul=en-us&de=UTF-8&dt=Mode%20en%20merken%3A%20Online%20shoppen%20bij%20Peter%20Hahn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1600678869&gjid=28427203&cid=372977092.1592450175&tid=UA-36826831-7&_gid=80254103.1592450175&_r=1&z=1795041664 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-36826831-7&cid=372977092.1592450175&jid=1600678869&_gid=80254103.1592450175&gjid=28427203&_v=j83&z=1795041664 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36826831-7&cid=372977092.1592450175&jid=1600678869&_v=j83&z=1795041664 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36826831-7&cid=372977092.1592450175&jid=1600678869&_v=j83&z=1795041664&slf_rd=1&random=4003155437

82 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
wachtend
www.bonusway.be/
Redirect Chain
  • http://app.dialoginsight.com/T/OFC4/L2S/8935/B22520/fWIH/9137/151297/4Ic0Rs/3/247485/Hb79w4PV/I/9131/Crd61b.html?h=f_FL5DyW6uOc8abBJ5qbadHDIfZ3stpkPkGqVIc-Bd0&p1=7693647
  • https://www.bonusway.be/waiting/offer/7693647/48571/262457?type=7&utm_source=trigger&utm_medium=id
  • https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
2 KB
1 KB
Document
General
Full URL
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de07748e3baa211e5c67b7c3a3600a5aca1a88fa4918f9952a812454a958ca72

Request headers

:method
GET
:authority
www.bonusway.be
:scheme
https
:path
/wachtend?userid=7693647&campaignid=48571&offerid=262457
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html;charset=utf-8
date
Thu, 18 Jun 2020 03:11:34 GMT
cache-control
max-age=3600,public
last-modified
Tue, 19 May 2020 13:36:32 GMT
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Error from cloudfront
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
5AcE8_2_hHSJaobatTqmCxfyVeAs-thVJv2nxjdPU6DQIP5AHFJv3A==
age
277

Redirect headers

status
301
content-length
0
location
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
server
CloudFront
date
Thu, 18 Jun 2020 03:14:17 GMT
x-cache
Hit from cloudfront
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
dbDroxMptX21WHE6QZ5d8rSwZbS8B9MBa5OkEDF-Czt6kfvUNxfmWQ==
age
112
material.css
www.bonusway.be/assets/css/
48 KB
6 KB
Stylesheet
General
Full URL
https://www.bonusway.be/assets/css/material.css
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a047ff7ee43975e57dc39d0812407b6c31f30fb5f6c6781af250ba4b418e6e1

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:14:18 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 13:36:31 GMT
server
AmazonS3
age
112
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=86400,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
eMiZmyTZnO6QDapiSNKuQR-lcKT_02lzqB7MVwahZ3UuJmrMVToZeg==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
styles.739020ba4a0ef09b11c2.js
www.bonusway.be/
540 KB
81 KB
Script
General
Full URL
https://www.bonusway.be/styles.739020ba4a0ef09b11c2.js
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95a97863a95700781128192d4b1ff2a1bc71f66d83c10c9c8267bc53646e1228

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:14:18 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 13:36:28 GMT
server
AmazonS3
age
112
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
j8zaPe6KchdOHY--8ntsl8r7z65i-lwodNdxwFcfU8qAMN5Ew4UI3A==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
aws-sdk-2.283.1.min.js
sdk.amazonaws.com/js/
2 MB
233 KB
Script
General
Full URL
https://sdk.amazonaws.com/js/aws-sdk-2.283.1.min.js
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.154.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-154-44.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adcc82d3181ad467c6e1153bf4bf1c7458b835565b51abdddd791a8cbd21d2e2

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 03:15:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Jul 2018 20:53:29 GMT
Server
AmazonS3
Age
54
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
vwzLrzRifyXrKRSoafCQu9TbyQIsmPJTDn90EgwbVvCdi1FTTa_HfA==
runtime.f3b94d139415db3ecea0.js
www.bonusway.be/
3 KB
2 KB
Script
General
Full URL
https://www.bonusway.be/runtime.f3b94d139415db3ecea0.js
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64cb5e99243c8b9a0d71e64d9ad335bce15b608622e04dc7ebc459719024ed6e

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:14:18 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 13:36:28 GMT
server
AmazonS3
age
112
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
hoytf0LSFdZw_t2pr2RN9UE8TzJC5mLr5ISROw3LScetgZuOzb8elQ==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
polyfills.7e8bd2e8f4b4d6e2f8ac.js
www.bonusway.be/
145 KB
48 KB
Script
General
Full URL
https://www.bonusway.be/polyfills.7e8bd2e8f4b4d6e2f8ac.js
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4054e0e08281cafe72746e44584aad43cc2fae4327e003a53f52558cb722e3f4

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:14:18 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 13:36:28 GMT
server
AmazonS3
age
112
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
OryMwryJDznoMk6W_LIZ-JdMLSjTBepdoAxaqVUcuIyj_1dkTuH6tw==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
main.c52b4419fdf83c1a4f9f.js
www.bonusway.be/
2 MB
466 KB
Script
General
Full URL
https://www.bonusway.be/main.c52b4419fdf83c1a4f9f.js
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a9636f7107e19d190302530d8d5bbb0b6f6999352260fa1bd38b56c2ea490af

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:14:18 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 13:36:28 GMT
server
AmazonS3
age
112
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
jD6Nacx8ogQtqT-RosmCmgtKJOkJ6hCMZqRetMECaNntlUJ8dH6sqw==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
gtm.js
www.googletagmanager.com/
90 KB
31 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MXB8J5M
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96b2a8727314dc37aa534061e3357c27513b2c53daf5a183d35a52c194431b71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:10 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31371
x-xss-protection
0
last-modified
Thu, 18 Jun 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Jun 2020 03:16:10 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXB8J5M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
1191
date
Thu, 18 Jun 2020 02:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Thu, 18 Jun 2020 04:56:19 GMT
css
fonts.googleapis.com/
5 KB
761 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Jun 2020 02:19:28 GMT
server
ESF
date
Thu, 18 Jun 2020 03:16:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Jun 2020 03:16:10 GMT
styles.739020ba4a0ef09b11c2.js
www.bonusway.be/
540 KB
81 KB
Stylesheet
General
Full URL
https://www.bonusway.be/styles.739020ba4a0ef09b11c2.js
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95a97863a95700781128192d4b1ff2a1bc71f66d83c10c9c8267bc53646e1228

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:14:18 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 13:36:28 GMT
server
AmazonS3
age
112
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
1iZPkNSUvcjQ8cq4n6ZNENwTICE2HQgidpUsnSl-PccjS72qUuJ-fQ==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
css
fonts.googleapis.com/
11 KB
928 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i,900,900i
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/styles.739020ba4a0ef09b11c2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff0cf5022dd57c13099cde26c91de999ff3e6004e595999a775c7a90af8e0ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Jun 2020 03:14:17 GMT
server
ESF
date
Thu, 18 Jun 2020 03:16:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Jun 2020 03:16:10 GMT
css
fonts.googleapis.com/
10 KB
932 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/styles.739020ba4a0ef09b11c2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b67ffa5bcc69b72e1fd971de44ff6e71b379f039adc48eec47bb678bb619d15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Jun 2020 03:16:10 GMT
server
ESF
date
Thu, 18 Jun 2020 03:16:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Jun 2020 03:16:10 GMT
css
fonts.googleapis.com/
8 KB
802 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,600,700&display=swap
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/styles.739020ba4a0ef09b11c2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
781f984879e738f5a9eeea553216a1828a96b286d586575482d243a2928e271f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Jun 2020 02:53:21 GMT
server
ESF
date
Thu, 18 Jun 2020 03:16:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Jun 2020 03:16:10 GMT
icomoon.8a0e7af5506c3ed178d2.ttf
www.bonusway.be/
51 KB
28 KB
Font
General
Full URL
https://www.bonusway.be/icomoon.8a0e7af5506c3ed178d2.ttf?5lfkg1
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b73c7391f692794e2f05903eb8d9bbe04f00a2657343eef48c3a6f205a013054

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bonusway.be/
Origin
https://www.bonusway.be

Response headers

date
Thu, 18 Jun 2020 03:11:34 GMT
content-encoding
gzip
vary
Accept-Encoding
age
276
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Tue, 19 May 2020 13:36:26 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/ttf
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
cache-control
max-age=86400,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
k2sulmfOqAWHYCbUgk0k4a392vVoDN_G0ZzPV8EateTtn6ebMAsafQ==
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bonusway.be/
Origin
https://www.bonusway.be

Response headers

date
Thu, 11 Jun 2020 13:03:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
569566
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Fri, 11 Jun 2021 13:03:24 GMT
bl.json
www.bonusway.be/assets/i18n/
155 KB
50 KB
XHR
General
Full URL
https://www.bonusway.be/assets/i18n/bl.json
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/polyfills.7e8bd2e8f4b4d6e2f8ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78127fd60c41910a8d49e551938b6abf72b4c340d6ae0d8fff06c3290862b906

Request headers

X-Bonusway-Locale
bl
Accept
application/json, text/plain, */*
Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Accept-Language
bl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Bonusway-Web-Version
4.0

Response headers

date
Thu, 18 Jun 2020 03:14:19 GMT
content-encoding
gzip
last-modified
Thu, 28 May 2020 09:33:15 GMT
server
AmazonS3
age
112
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
status
200
cache-control
max-age=1800,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
CubA6dwcLB6fHT5TCgHAOz45wgclmw1m0u4ipBCE3L4Cg8ge4QkgvA==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
settings-bl.json
www.bonusway.be/assets/json/
31 KB
5 KB
XHR
General
Full URL
https://www.bonusway.be/assets/json/settings-bl.json
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/polyfills.7e8bd2e8f4b4d6e2f8ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea9a4e06213e879471231156993f0df9b7c384d4d63f4a8d224efe88d299d063

Request headers

X-Bonusway-Locale
bl
Accept
application/json, text/plain, */*
Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Accept-Language
bl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Bonusway-Web-Version
4.0

Response headers

date
Thu, 18 Jun 2020 03:14:19 GMT
content-encoding
gzip
last-modified
Thu, 18 Jun 2020 03:00:25 GMT
server
AmazonS3
age
112
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
status
200
cache-control
max-age=1800,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
nhySAw7CHuj11R8SyN3yVlFyHO-DPgeNqIvY-TNNvVl6H5VXEE-TVw==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
collect
www.google-analytics.com/
35 B
96 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=2122574389&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bonusway.be%2Fwachtend%3Fuserid%3D7693647%26campaignid%3D48571%26offerid%3D262457&dp=https%3A%2F%2Fwww.bonusway.be%2Fwachtend%3Fuserid%3D7693647%26campaignid%3D48571%26offerid%3D262457&ul=en-us&de=UTF-8&dt=Bonusway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1571261211&gjid=288086628&cid=1150155226.1592450170&tid=UA-140702845-4&_gid=549815955.1592450170&gtm=2wg6a0MXB8J5M&z=1656035105
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 01:20:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
698118
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
99 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-140702845-4&cid=1150155226.1592450170&jid=1571261211&gjid=288086628&_gid=549815955.1592450170&_u=YGBAgEAB~&z=962035691
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 18 Jun 2020 03:16:10 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
1.e87356c828ade3d70db4.js
www.bonusway.be/
2 KB
1 KB
Script
General
Full URL
https://www.bonusway.be/1.e87356c828ade3d70db4.js
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/runtime.f3b94d139415db3ecea0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
325a5439bbec33ae6e2bd2cdf5f35738dc745bb534017f337eccb4ec459ce67e

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:14:19 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 13:36:27 GMT
server
AmazonS3
age
112
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
IEl6qQZoGg7Lys0A-prp0U805LsEfVmo5lXD0wQsyCu7lG9GuGy9qQ==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
2.d75441600f40d32a00e0.js
www.bonusway.be/
45 KB
8 KB
Script
General
Full URL
https://www.bonusway.be/2.d75441600f40d32a00e0.js
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/runtime.f3b94d139415db3ecea0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6e5c9d718df0e05c7bbfa84f1ac7cdb45f74dda677aae2986313525a820728e

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:14:19 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 13:36:27 GMT
server
AmazonS3
age
112
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
oZCYc82aPCtsUipDpImG5pFIQ4L4YE3-7SA-R8qWljBI5bCstvNvkQ==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
7.50f9e0b1a775dc34a25d.js
www.bonusway.be/
4 MB
602 KB
Script
General
Full URL
https://www.bonusway.be/7.50f9e0b1a775dc34a25d.js
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/runtime.f3b94d139415db3ecea0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d352f572f9160097eb523ce7b2d49976d45e9411ded1134bec3b87cd5b929f42

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:14:19 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 13:36:28 GMT
server
AmazonS3
age
113
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
VYMW20aoCf8Tf88ipiuWwNREAPAP-2E1hu80CrFP4rgBAz9kLUEmLg==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
9.6ce2f54a9106b2c63215.js
www.bonusway.be/
16 KB
5 KB
Script
General
Full URL
https://www.bonusway.be/9.6ce2f54a9106b2c63215.js
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/runtime.f3b94d139415db3ecea0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13486d14a047d3f4f235627dc536ea22098fc1f958d0c3efa4b3f34b6798e639

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:14:19 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 13:36:28 GMT
server
AmazonS3
age
112
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
QhjCx01ER-Fwd4ZekshPU2pO8l5d8lMzrAYhhSkRSov5Oksy_SP7yA==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
common.96bbeb2f9ebb5cefd602.js
www.bonusway.be/
11 KB
4 KB
Script
General
Full URL
https://www.bonusway.be/common.96bbeb2f9ebb5cefd602.js
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/runtime.f3b94d139415db3ecea0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e7a32324d85d6f2d9610fe152ba4b1e79fe9235301ecb2ed38f526139ff28d9

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:14:19 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 13:36:28 GMT
server
AmazonS3
age
113
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
HPg8W8v7b3tAfJIP8cn5Vt2eL9zwTFQu8zVOrwqqLPoaEAi4VScSHg==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
39.ac0099123f4d4f8087c1.js
www.bonusway.be/
103 KB
17 KB
Script
General
Full URL
https://www.bonusway.be/39.ac0099123f4d4f8087c1.js
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/runtime.f3b94d139415db3ecea0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e844ec595f83ad9fd41131c4e1d65e828f6f5628667cce9d564f4aebab465cb4

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:14:19 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 13:36:28 GMT
server
AmazonS3
age
112
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
t8HTg_-Anx-huPym-v0DDIqzgHn94AxYHuS2pxMvdxvtuR1GZ251GA==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
48571.json
d289b99uqa0t82.cloudfront.net/sites/30/campaigns/
3 KB
3 KB
XHR
General
Full URL
https://d289b99uqa0t82.cloudfront.net/sites/30/campaigns/48571.json
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/polyfills.7e8bd2e8f4b4d6e2f8ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:4000:12:13a9:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a83533ecfb7e1496c22c2dfc082ec86a04d69bfbc4f53970d25d5117f8522372

Request headers

X-Bonusway-Locale
bl
Accept
application/json, text/plain, */*
Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Accept-Language
bl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Bonusway-Web-Version
4.0

Response headers

date
Thu, 18 Jun 2020 03:15:29 GMT
via
1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
vary
Origin
age
42
x-cache
Hit from cloudfront
status
200
content-length
2796
last-modified
Thu, 11 Jun 2020 05:51:00 GMT
server
AmazonS3
etag
"72cd794d63329b41025015ca14b7740b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
pLqUkoMzrXTphSCkJyqpSI893H4CqrgDQ61trIuqd8z1zn0fd4Sf8g==
Logo.svg
www.bonusway.be/assets/img/
34 KB
14 KB
Image
General
Full URL
https://www.bonusway.be/assets/img/Logo.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7dce684d8b08873daf9185a1db8d193f540e800513e15a9304e60a7089277ce

Request headers

Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:14:19 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 13:36:25 GMT
server
AmazonS3
age
111
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=86400,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
b3by3MAK8pLayBOEn-du5jxJVXevuowHIQTmhITC2MggqvSwI5B-7g==
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bonusway.be/
Origin
https://www.bonusway.be

Response headers

date
Fri, 12 Jun 2020 16:53:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
469387
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sat, 12 Jun 2021 16:53:03 GMT
clicks
api.bonusway.com/users/7693647/offers/262457/
99 B
616 B
XHR
General
Full URL
https://api.bonusway.com/users/7693647/offers/262457/clicks
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/polyfills.7e8bd2e8f4b4d6e2f8ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.154.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-154-19.dus51.r.cloudfront.net
Software
/
Resource Hash

Request headers

X-Bonusway-Locale
bl
Accept
application/json, text/plain, */*
Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Accept-Language
bl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Bonusway-Web-Version
4.0
Content-Type
application/json

Response headers

date
Thu, 18 Jun 2020 03:16:13 GMT
via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
age
0
status
200
access-control-max-age
600
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-cache
Miss from cloudfront
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
access-control-allow-headers
Accept, Accept-Language, Authorization, Content-Type, X-Bonusway-Locale, X-Bonusway-Source, X-Bonusway-App-Version, X-Bonusway-Web-Version, X-Bonusway-Site, X-data, region
content-length
99
x-amz-cf-id
6vsHP8j4Q6uW9dkyIO5WUSL22tPqHOgThyLlcKDqkRIv0cN0_6cG2w==
click
clk.tradedoubler.com/
Redirect Chain
  • http://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12
  • https://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12
864 B
1 KB
Document
General
Full URL
https://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/main.c52b4419fdf83c1a4f9f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.109.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
120.109.95.34.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
452d9d824da38ca86a1d0fd372415a56ae0a1d4f5b495e5755f2a855e23fe304

Request headers

:method
GET
:authority
clk.tradedoubler.com
:scheme
https
:path
/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457

Response headers

status
200
content-type
text/html; charset=ISO-8859-1
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Thu, 18 Jun 2020 03:16:13 GMT
content-length
864
via
1.1 google
alt-svc
clear

Redirect headers

Location
https://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12
Date
Thu, 18 Jun 2020 03:16:13 GMT
Content-Length
285
Content-Type
text/html; charset=ISO-8859-1
Via
1.1 google
prefs.js
vht.tradedoubler.com/fp/
9 KB
4 KB
Script
General
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.154.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-154-81.dus51.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 14 Jun 2020 09:30:16 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
Age
323157
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
Cache-Control
max-age=604800, public
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
kAm04Z49zbI79OMPOYRrf8MPC3FLWGQovcpBXsitUPtw4mmPaHkAXw==
Expires
Sun, 21 Jun 2020 09:30:16 GMT
Primary Request /
www.peterhahn.be/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12
  • https://redir.tradedoubler.com/projectr/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e*_td_*KEEP_NEWEST&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076*_td_*KEEP_NEWEST&_td_deeplink=h...
  • https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
145 KB
25 KB
Document
General
Full URL
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=241105&a=1988076&g=0&EPI=7693647KA48571KL12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1433 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e4e3f990d00e0134f200e463602fc7980bfa0ef5d28f98a6b8f91542976edc1
Security Headers
Name Value
Content-Security-Policy default-src *; font-src data: *; img-src data: *; script-src 'unsafe-eval' 'unsafe-inline' *; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.peterhahn.be
:scheme
https
:path
/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://clk.tradedoubler.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://clk.tradedoubler.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://clk.tradedoubler.com/

Response headers

status
200
date
Thu, 18 Jun 2020 03:16:14 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dd94a0dc5b26fdff9ffe7887d9ab6198e1592450174; expires=Sat, 18-Jul-20 03:16:14 GMT; path=/; domain=.peterhahn.be; HttpOnly; SameSite=Lax; Secure cartid=701305961270639664306184; expires=Thu, 16-Jul-2020 03:16:14 GMT; Max-Age=2419200; path=/; secure; httponly; samesite=lax afm=ITRAAFF130819-03%3B1988076; expires=Sat, 18-Jul-2020 03:16:14 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=lax phreferer=69a35b0d-45a6-6552-fb7e-627b64c05d07; expires=Thu, 18-Jun-2020 03:26:14 GMT; Max-Age=600; path=/; secure; httponly; samesite=lax
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cache-control
max-age=0, must-revalidate, private
x-robots-tag
index,follow
x-frame-options
SAMEORIGIN
content-security-policy
default-src *; font-src data: *; img-src data: *; script-src 'unsafe-eval' 'unsafe-inline' *; style-src 'unsafe-inline' *
x-xss-protection
1; mode=block
expires
Thu, 18 Jun 2020 03:16:14 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
03670665fe00009c395613e200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5a51d9b668299c39-AMS
content-encoding
br

Redirect headers

Cache-control
no-cache="set-cookie"
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Jun 2020 03:16:14 GMT
Location
https://www.peterhahn.be?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Server
Apache/2.4.41 (Amazon) PHP/7.0.33
Set-Cookie
AWSELB=FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C925C59E1947DEF1546AB5C4D570C7F9C7D52CC858A3682088BAF9956730AD534F0639998E2226FAE8D558457CAD9B6D0A7;PATH=/;MAX-AGE=30 AWSELBCORS=FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C925C59E1947DEF1546AB5C4D570C7F9C7D52CC858A3682088BAF9956730AD534F0639998E2226FAE8D558457CAD9B6D0A7;PATH=/;MAX-AGE=30;SECURE;SAMESITE=None
X-Powered-By
PHP/7.0.33
Content-Length
1
Connection
keep-alive
/
analytics.tradedoubler.com/
0
241 B
Other
General
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.178 , France, ASN16276 (OVH, FR),
Reverse DNS
lb02.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 18 Jun 2020 03:16:14 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
js_visitor_settings.php
dev.visualwebsiteoptimizer.com/deploy/
4 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=29717&url=https%3A%2F%2Fwww.peterhahn.be%2F%3Ftduid%3Dbd5f99f1dace3a8b555b0efd8a8de43e%26pmk%3DITRAAFF130819-03%3B1988076%26campaign%3Daffiliate%2Ftradedoubler%2F1988076&random=0.19187110462335566
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
0b14fdb07dfbad8d778a153b20f20fbcc16242fcb3bfaf92f384eb4e435e8d5f

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

status
200
date
Thu, 18 Jun 2020 03:16:14 GMT
content-encoding
gzip
server
gfra1
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google
content-type
application/javascript; charset=UTF-8
style_peterhahn.cc35a9ea.css
www.peterhahn.be/assets/
150 KB
24 KB
Stylesheet
General
Full URL
https://www.peterhahn.be/assets/style_peterhahn.cc35a9ea.css
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1433 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e45364564c5552cee232c1a3a1fa6ed7a402a85ee1953e9f512573be7ed3452
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
133726
cf-polished
origSize=153735
status
200
vary
Accept-Encoding
cf-request-id
036706675c00009c395614e200000001
last-modified
Tue, 16 Jun 2020 13:53:55 GMT
server
cloudflare
etag
W/"25887-5a833dfcb62c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
text/css
expires
Mon, 04 Jan 2021 03:16:14 GMT
cache-control
public, max-age=17280000
cf-ray
5a51d9b899199c39-AMS
cf-bgj
minify
style_home.1a397318.css
www.peterhahn.be/assets/
12 KB
2 KB
Stylesheet
General
Full URL
https://www.peterhahn.be/assets/style_home.1a397318.css
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1433 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25b650dd64090a551db1c363d217721786380649655eecf66492cbd6bd044067
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
681357
cf-polished
origSize=12557
status
200
vary
Accept-Encoding
cf-request-id
036706675c00009c395614f200000001
last-modified
Wed, 10 Jun 2020 05:54:20 GMT
server
cloudflare
etag
W/"310d-5a7b4799f7b00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
text/css
expires
Mon, 04 Jan 2021 03:16:14 GMT
cache-control
public, max-age=17280000
cf-ray
5a51d9b8991b9c39-AMS
cf-bgj
minify
style_static.b8dd6796.css
www.peterhahn.be/assets/
14 KB
3 KB
Stylesheet
General
Full URL
https://www.peterhahn.be/assets/style_static.b8dd6796.css
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1433 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caa6f094703c64caa9b78ad58f67ca227200e88708af45aa27b873ef099dde51
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
133666
cf-polished
origSize=14736
status
200
vary
Accept-Encoding
cf-request-id
036706675c00009c3956150200000001
last-modified
Tue, 16 Jun 2020 13:53:55 GMT
server
cloudflare
etag
W/"3990-5a833dfcb62c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
text/css
expires
Mon, 04 Jan 2021 03:16:14 GMT
cache-control
public, max-age=17280000
cf-ray
5a51d9b8991c9c39-AMS
cf-bgj
minify
BEnl_PH_mainslider_shirtsale_1680_700
media.peterhahn.com/i/peterhahn/
84 KB
85 KB
Image
General
Full URL
https://media.peterhahn.com/i/peterhahn/BEnl_PH_mainslider_shirtsale_1680_700?w=1680
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Unknown /
Resource Hash
25abd4f14044ba115c0746e9da6fe370b01f3b3fa4e2c23607c6c5dbcbac0a08
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15780000; includeSubDomains ; preload
x-content-type-options
nosniff
edge-cache-tag
XMNq_Xg7z,64xQc2mve
status
200
edge-control
max-age=86400
x-req-id
kz3tvy6g3H
content-length
86431
x-xss-protection
1; mode=block
x-amp-source-height
700
server
Unknown
date
Thu, 18 Jun 2020 03:16:15 GMT
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
x-amp-source-width
1680
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 25 May 2020 09:40:21 GMT
empty.gif
www.peterhahn.be/images/
97 B
244 B
Image
General
Full URL
https://www.peterhahn.be/images/empty.gif
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1433 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84fcd827680012520f08009edaaa57a82141c6bec20fd91aaab64e7275a23cd3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3536583
status
200
strict-transport-security
max-age=15552000
content-length
97
cf-request-id
03670667aa00009c3956151200000001
last-modified
Thu, 07 May 2020 14:18:39 GMT
server
cloudflare
etag
"61-5a50f8e986dc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=17280000
accept-ranges
bytes
cf-ray
5a51d9b919489c39-AMS
expires
Mon, 04 Jan 2021 03:16:14 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:14 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 10 Jun 2020 17:45:48 GMT
server
cloudflare
etag
W/"5ee11c4c-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
5a51d9b91c93fa78-AMS
cf-request-id
03670667af0000fa7889901200000001
expires
Sat, 20 Jun 2020 03:16:14 GMT
v.gif
dev.visualwebsiteoptimizer.com/
35 B
215 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=29717&d=peterhahn.be&u=DECBA3CB9D33AF7BB0CC337AB5FD3E63D&h=4a43c4c8e8f0ac1da8595a0ecfd64c76&r=0.0817225844609295
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1-c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jun 2020 03:16:14 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1-c
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
LoaderPH
peterhahn.a.bigcontent.io/v1/static/
6 KB
7 KB
Image
General
Full URL
https://peterhahn.a.bigcontent.io/v1/static/LoaderPH
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.238.39.45 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
openresty/1.11.3 /
Resource Hash
e5b7154a38e0b6f08ecf6d8f7daa940e68a365cd9b8893fcb0867c7465699a4c

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 17 Jun 2020 21:21:15 GMT
Server
openresty/1.11.3
Age
21299
Access-Control-Allow-Methods
POST, GET, OPTIONS
x-amz-version-id
.xjapuq.lPZQ2.PJhe648td7pLN7GyLW
access-control-allow-origin
*
Edge-Control
max-age=86400
Cache-Control
max-age=1800, s-maxage=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
6448
Expires
Wed, 17 Jun 2020 21:51:15 GMT
OpenSans-Regular-webfont.f609a6a3.woff
www.peterhahn.be/assets/fonts/
83 KB
83 KB
Font
General
Full URL
https://www.peterhahn.be/assets/fonts/OpenSans-Regular-webfont.f609a6a3.woff
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1433 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33637fa0826291bfe2cf8cd916c1e0e96a0e6f9f7fbb9a7e93c183e5448d1774
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.peterhahn.be/assets/style_peterhahn.cc35a9ea.css
Origin
https://www.peterhahn.be

Response headers

date
Thu, 18 Jun 2020 03:16:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
111
status
200
strict-transport-security
max-age=15552000
cf-request-id
03670667c300009c3956152200000001
last-modified
Thu, 18 Jun 2020 02:21:09 GMT
server
cloudflare
etag
W/"14bc0-5a8526dfbf665"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
cache-control
public, max-age=14400
cf-ray
5a51d9b939579c39-AMS
expires
Thu, 18 Jun 2020 07:16:14 GMT
fontawesome-webfont.af6df524.woff2
www.peterhahn.be/assets/fonts/
65 KB
65 KB
Font
General
Full URL
https://www.peterhahn.be/assets/fonts/fontawesome-webfont.af6df524.woff2
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1433 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.peterhahn.be/assets/style_peterhahn.cc35a9ea.css
Origin
https://www.peterhahn.be

Response headers

date
Thu, 18 Jun 2020 03:16:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
111
status
200
strict-transport-security
max-age=15552000
content-length
66624
cf-request-id
03670667c400009c3956153200000001
last-modified
Thu, 18 Jun 2020 02:21:09 GMT
server
cloudflare
etag
"10440-5a8526dfc1546"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
5a51d9b939589c39-AMS
expires
Thu, 18 Jun 2020 07:16:14 GMT
pa-5b1a363c29ccc50006000240.js
rum-static.pingdom.net/
6 KB
3 KB
Script
General
Full URL
https://rum-static.pingdom.net/pa-5b1a363c29ccc50006000240.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:14ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cabb2342b43f38de08f25262c14edb37156facb7cc397ab4581a6fcda85327d7

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:15 GMT
content-encoding
gzip
cf-cache-status
HIT
age
112
status
200
cf-request-id
0367066828000072ffb2ae6200000001
last-modified
Wed, 13 May 2020 13:49:07 GMT
server
cloudflare
etag
W/"5ebbfad3-1889"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
5a51d9b9db9372ff-AMS
expires
Thu, 18 Jun 2020 03:19:23 GMT
emos3.7535e732.js
www.peterhahn.be/assets/
25 KB
10 KB
Script
General
Full URL
https://www.peterhahn.be/assets/emos3.7535e732.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1433 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b45d2560d79f7bfee2e64b6db0b1b508536029c97120000fc5dd25c616271178
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
681559
cf-polished
origSize=25291
status
200
vary
Accept-Encoding
cf-request-id
036706680900009c3956181200000001
last-modified
Wed, 10 Jun 2020 05:54:20 GMT
server
cloudflare
etag
W/"62cb-5a7b4799f7b00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
expires
Mon, 04 Jan 2021 03:16:14 GMT
cache-control
public, max-age=17280000
cf-ray
5a51d9b9a9b59c39-AMS
cf-bgj
minify
staticpages.df620db1.js
www.peterhahn.be/assets/
53 KB
18 KB
Script
General
Full URL
https://www.peterhahn.be/assets/staticpages.df620db1.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1433 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71e23f8573b01f5626bb692a450cc32470bc8e75ebff79ab405a4c23de9a8efd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
71193
status
200
cf-bgj
minify
vary
Accept-Encoding
cf-request-id
036706680900009c3956182200000001
last-modified
Wed, 17 Jun 2020 07:08:03 GMT
server
cloudflare
etag
W/"d275-5a8425224bac0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
public, max-age=17280000
cf-ray
5a51d9b9a9b69c39-AMS
expires
Mon, 04 Jan 2021 03:16:14 GMT
peterhahn.44929605.js
www.peterhahn.be/assets/
172 KB
50 KB
Script
General
Full URL
https://www.peterhahn.be/assets/peterhahn.44929605.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1433 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12458acdb951ba15abe7b4d0a24e50084d08a7738773e366adc917ec650fd805
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
14191
status
200
cf-bgj
minify
vary
Accept-Encoding
cf-request-id
036706680900009c3956183200000001
last-modified
Wed, 17 Jun 2020 15:24:10 GMT
server
cloudflare
etag
W/"2aeed-5a84940651a80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
public, max-age=17280000
cf-ray
5a51d9b9a9b79c39-AMS
expires
Mon, 04 Jan 2021 03:16:14 GMT
jquery.min.4e18d06d.js
www.peterhahn.be/assets/
87 KB
30 KB
Script
General
Full URL
https://www.peterhahn.be/assets/jquery.min.4e18d06d.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1433 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46582e87c27668d65b6c7be67fdea099e1193d59bb1c93ef974a69d37454478f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
601841
cf-polished
origSize=89476
status
200
vary
Accept-Encoding
cf-request-id
036706680900009c3956184200000001
last-modified
Wed, 10 Jun 2020 13:21:30 GMT
server
cloudflare
etag
W/"15d84-5a7bab8d0ca80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
expires
Mon, 04 Jan 2021 03:16:14 GMT
cache-control
public, max-age=17280000
cf-ray
5a51d9b9a9b89c39-AMS
cf-bgj
minify
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
1196
date
Thu, 18 Jun 2020 02:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Thu, 18 Jun 2020 04:56:19 GMT
pwacompat.min.js
cdn.jsdelivr.net/npm/pwacompat@2.0.8/
5 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/pwacompat@2.0.8/pwacompat.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
155e9d195d215d8f8477995a70044a3b12d1a636d9afb448eeb8bc7d2e052ebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
Origin
https://www.peterhahn.be

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2539323
x-cache
HIT, HIT
status
200
content-length
2467
etag
W/"145a-mavRWhTQdscf2JWdmd0fzRu2KeA"
x-served-by
cache-fra19139-FRA, cache-hhn4029-HHN
date
Thu, 18 Jun 2020 03:16:15 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
382abd67-de21-4451-b1a1-77d416e643a1
www.econda-monitor.de/l/00001634/t/
43 B
411 B
Other
General
Full URL
https://www.econda-monitor.de/l/00001634/t/382abd67-de21-4451-b1a1-77d416e643a1?v=4&emrid=AXLFbVCYm_3PyL3914l0D_VTlq0BpY8e&emsid=AXLFbVCYqJrm2Ysf3NG8NCy7hTpv6BuZ&emnc=1&emtn=1&emhost=www.peterhahn.be&tpct=2&prv=2&d=eyJ1cmwiOlsiLyIsIi8_dGR1aWQ9YmQ1Zjk5ZjFkYWNlM2E4YjU1NWIwZWZkOGE4ZGU0M2UmcG1rPUlUUkFBRkYxMzA4MTktMDM7MTk4ODA3NiZjYW1wYWlnbj1hZmZpbGlhdGUvdHJhZGVkb3VibGVyLzE5ODgwNzYiXSwiY29udGVudCI6IkJFL2luZGV4LnBocCIsInBtayI6IklUUkFBRkYxMzA4MTktMDMiLCJwbWszIjoiSVRSQUFGRjEzMDgxOS0wMyIsInBhZ2VJZCI6Ii9pbmRleC5waHAiLCJwbWsyIjoiMTk4ODA3NiIsInNpdGVpZCI6Ind3dy5wZXRlcmhhaG4uYmUiLCJjb3VudHJ5aWQiOiJCRSIsImxhbmdpZCI6Im5sIiwidWdyb3VwIjoiIiwidXNlcnR5cGUiOiJuZXVrdW5kZSIsImNhcnRpZCI6IjcwMTMwNTk2MTI3MDYzOTY2NDMwNjE4NCIsInBhZ2VjYXRlZ29yeSI6InN0YXJ0c2VpdGUiLCJoYXNoZWR2YWx1ZSI6bnVsbCwicmVmIjoiaHR0cHM6Ly9jbGsudHJhZGVkb3VibGVyLmNvbSIsInNvdXJjZSI6ImNwIiwiY2FtcGFpZ24iOiJhZmZpbGlhdGUvdHJhZGVkb3VibGVyLzE5ODgwNzYiLCJwb3N0Y29udiI6IjAiLCJzd3NoIjoiMTYwMHgxMjAwIiwidHoiOi0yLCJudCI6MCwiZW1vc1YiOiJjNTYuMSIsInNjcm9sbCI6WzAsMCwxNjAwLDEyMDAsMl19tR8
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/assets/emos3.7535e732.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a00:1798:3:c00::1:1 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
econda /
Resource Hash
26bfa280dddc8e22dd6c8779a91d1d7feaa2c62b6a1fda7f6c9c95e2f0c4274f

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Jun 2020 03:16:14 GMT
server
econda
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
x-info
c0ha0020 : pool_els_c0sv0670
expires
Sat, 6 May 1995 12:00:00 GMT
gtm.js
www.googletagmanager.com/
129 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5VCH7P
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
956f89c4c2a126a550267fcdec4afe690888a18f1679e1f8ec9893a434f520f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:15 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35988
x-xss-protection
0
last-modified
Thu, 18 Jun 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Jun 2020 03:16:15 GMT
css
fonts.googleapis.com/
1 KB
583 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Caveat&display=swap
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/assets/jquery.min.4e18d06d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
880e2c027c0b462ca62e1ef7ec24698646c39863e80e6c9c46f64b78d5d05612
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Jun 2020 03:16:15 GMT
server
ESF
date
Thu, 18 Jun 2020 03:16:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Jun 2020 03:16:15 GMT
382abd67-de21-4451-b1a1-77d416e643a1
www.econda-monitor.de/l/00001634/t/
43 B
411 B
Other
General
Full URL
https://www.econda-monitor.de/l/00001634/t/382abd67-de21-4451-b1a1-77d416e643a1?v=4&emrid=AXLFbVDAg9wZlc8hcEdCy5tg0pusakHv&emsid=AXLFbVCYqJrm2Ysf3NG8NCy7hTpv6BuZ&emvid=0&emnc=1&emtn=1&emhost=www.peterhahn.be&tpct=2&prv=3&d=eyJwbWsiOiJJVFJBQUZGMTMwODE5LTAzIiwicG1rMyI6IklUUkFBRkYxMzA4MTktMDMiLCJwbWsyIjoiMTk4ODA3NiIsInBhZ2VJZCI6Ii9pbmRleC5waHAiLCJjb250ZW50IjoiQkUvaW5kZXgucGhwIiwic2l0ZWlkIjoid3d3LnBldGVyaGFobi5iZSIsImNvdW50cnlpZCI6IkJFIiwibGFuZ2lkIjoibmwiLCJ1Z3JvdXAiOiIiLCJ1c2VydHlwZSI6Im5ldWt1bmRlIiwiY2FydGlkIjoiNzAxMzA1OTYxMjcwNjM5NjY0MzA2MTg0IiwicnF0eXBlIjoiaGlkZGVucGkiLCJtYXJrZXIiOiJMYXllci9kYXRlbnNjaHV0eiIsImhhc2hlZHZhbHVlIjoiTlVMTCIsInBhZ2VjYXRlZ29yeSI6InN0YXJ0c2VpdGUiLCJlbW9zViI6ImM1Ni4xIiwicGxSZXFJZCI6IkFYTEZiVkNZbV8zUHlMMzkxNGwwRF9WVGxxMEJwWThlIn16pQ
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/assets/emos3.7535e732.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a00:1798:3:c00::1:1 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
econda /
Resource Hash
26bfa280dddc8e22dd6c8779a91d1d7feaa2c62b6a1fda7f6c9c95e2f0c4274f

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Jun 2020 03:16:14 GMT
server
econda
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
x-info
c0ha0020 : pool_els_c0sv0670
expires
Sat, 6 May 1995 12:00:00 GMT
empty.gif
www.peterhahn.be/images/
97 B
246 B
Image
General
Full URL
https://www.peterhahn.be/images/empty.gif
Requested by
Host: www.peterhahn.be
URL: https://www.peterhahn.be/assets/jquery.min.4e18d06d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1433 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84fcd827680012520f08009edaaa57a82141c6bec20fd91aaab64e7275a23cd3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3536584
status
200
strict-transport-security
max-age=15552000
content-length
97
cf-request-id
03670668d600009c39561b7200000001
last-modified
Thu, 07 May 2020 14:18:39 GMT
server
cloudflare
etag
"61-5a50f8e986dc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=17280000
accept-ranges
bytes
cf-ray
5a51d9bafa689c39-AMS
expires
Mon, 04 Jan 2021 03:16:15 GMT
site.webmanifest
www.peterhahn.be/
2 KB
997 B
XHR
General
Full URL
https://www.peterhahn.be/site.webmanifest
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/pwacompat@2.0.8/pwacompat.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1433 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5359f6a7cb414e29dbc7eaaaa0d02fdd826ec9593456a82e61450c3a0e85fac8
Security Headers
Name Value
Content-Security-Policy default-src *; font-src data: *; img-src data: *; script-src 'unsafe-eval' 'unsafe-inline' *; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Accept-Encoding
cf-request-id
03670668ed00009c39561ba200000001
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
x-xss-protection
1; mode=block
cache-control
max-age=0, must-revalidate, private
content-security-policy
default-src *; font-src data: *; img-src data: *; script-src 'unsafe-eval' 'unsafe-inline' *; style-src 'unsafe-inline' *
cf-ray
5a51d9bb1a7b9c39-AMS
expires
Thu, 18 Jun 2020 03:16:15 GMT
mb_310_sw_128px
media.peterhahn.com/i/peterhahn/
2 KB
3 KB
Image
General
Full URL
https://media.peterhahn.com/i/peterhahn/mb_310_sw_128px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Unknown /
Resource Hash
e130b72f94d14f29ac93279c541f2580441b7f9eb4675f4bd6750417076c9617
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15780000; includeSubDomains ; preload
x-content-type-options
nosniff
edge-cache-tag
XMNq_Xg7z,rAPeb23df
status
200
edge-control
max-age=86400
x-req-id
wNGlsZJkAT
content-length
2165
x-xss-protection
1; mode=block
x-amp-source-height
40
server
Unknown
date
Thu, 18 Jun 2020 03:16:15 GMT
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
x-amp-source-width
128
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 14 Oct 2019 11:21:53 GMT
b_507_sw_128px
media.peterhahn.com/i/peterhahn/
5 KB
6 KB
Image
General
Full URL
https://media.peterhahn.com/i/peterhahn/b_507_sw_128px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Unknown /
Resource Hash
2c57cee448b87ff5c5c03c383c5d8d62d17ba20beca461bcf70be67329ec1026
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15780000; includeSubDomains ; preload
x-content-type-options
nosniff
edge-cache-tag
XMNq_Xg7z,PzHfhMgMk
status
200
edge-control
max-age=86400
x-req-id
XNC1VZhMws
content-length
5368
x-xss-protection
1; mode=block
x-amp-source-height
41
server
Unknown
date
Thu, 18 Jun 2020 03:16:15 GMT
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
x-amp-source-width
128
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 14 Oct 2019 10:08:33 GMT
mb_428_sw_128px
media.peterhahn.com/i/peterhahn/
1 KB
2 KB
Image
General
Full URL
https://media.peterhahn.com/i/peterhahn/mb_428_sw_128px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Unknown /
Resource Hash
847bb952edd4a23f7a55177f4658531c93f8c20c79f123bf7f1d1a7f43554c52
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15780000; includeSubDomains ; preload
x-content-type-options
nosniff
edge-cache-tag
XMNq_Xg7z,JjeASax8B
status
200
edge-control
max-age=86400
x-req-id
U32kSm075c
content-length
1481
x-xss-protection
1; mode=block
x-amp-source-height
41
server
Unknown
date
Thu, 18 Jun 2020 03:16:15 GMT
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
x-amp-source-width
128
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 14 Oct 2019 11:20:55 GMT
mb_145_sw_128px
media.peterhahn.com/i/peterhahn/
5 KB
5 KB
Image
General
Full URL
https://media.peterhahn.com/i/peterhahn/mb_145_sw_128px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Unknown /
Resource Hash
ae8a5a44c6253c80f44a10748f8ddbaff40be84f7f759dfe32ff24c239f1caa0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15780000; includeSubDomains ; preload
x-content-type-options
nosniff
edge-cache-tag
XMNq_Xg7z,y6ODjijsg
status
200
edge-control
max-age=86400
x-req-id
ZPgLOr1SOK
content-length
4659
x-xss-protection
1; mode=block
x-amp-source-height
41
server
Unknown
date
Thu, 18 Jun 2020 03:16:15 GMT
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
x-amp-source-width
128
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 14 Oct 2019 11:21:53 GMT
mb_223_sw_128px
media.peterhahn.com/i/peterhahn/
2 KB
2 KB
Image
General
Full URL
https://media.peterhahn.com/i/peterhahn/mb_223_sw_128px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Unknown /
Resource Hash
c2615c0bd74a91b1c6ed61b143614d7c18ec8e1e6e17bd8ca23bd5615c0978fb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15780000; includeSubDomains ; preload
x-content-type-options
nosniff
edge-cache-tag
XMNq_Xg7z,wy7ATahHC
status
200
edge-control
max-age=86400
x-req-id
L8wsgdi8LI
content-length
1779
x-xss-protection
1; mode=block
x-amp-source-height
41
server
Unknown
date
Thu, 18 Jun 2020 03:16:15 GMT
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
x-amp-source-width
128
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 14 Oct 2019 09:36:32 GMT
mb_33_sw_128px
media.peterhahn.com/i/peterhahn/
2 KB
2 KB
Image
General
Full URL
https://media.peterhahn.com/i/peterhahn/mb_33_sw_128px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Unknown /
Resource Hash
656b83717c1f8afcb79c9e87e25edba249acac95e904407e375c798cadb7a53d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15780000; includeSubDomains ; preload
x-content-type-options
nosniff
edge-cache-tag
XMNq_Xg7z,qFJ56ELSR
status
200
edge-control
max-age=86400
x-req-id
o1dmXvo05G
content-length
2103
x-xss-protection
1; mode=block
x-amp-source-height
41
server
Unknown
date
Thu, 18 Jun 2020 03:16:15 GMT
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
x-amp-source-width
128
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 14 Oct 2019 11:21:59 GMT
b_720_sw_128px
media.peterhahn.com/i/peterhahn/
3 KB
4 KB
Image
General
Full URL
https://media.peterhahn.com/i/peterhahn/b_720_sw_128px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Unknown /
Resource Hash
798e7fcdea9cee555b39c0531da648f2cdb183e902af7abfc9f916fe3e59e6f4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15780000; includeSubDomains ; preload
x-content-type-options
nosniff
edge-cache-tag
XMNq_Xg7z,omqyObR1I
status
200
edge-control
max-age=86400
x-req-id
D5lJQlpfyz
content-length
3353
x-xss-protection
1; mode=block
x-amp-source-height
41
server
Unknown
date
Thu, 18 Jun 2020 03:16:15 GMT
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
x-amp-source-width
128
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 14 Oct 2019 10:08:36 GMT
BEnl_PH_kw23_20_ct3_1_444_525
media.peterhahn.com/i/peterhahn/
38 KB
39 KB
Image
General
Full URL
https://media.peterhahn.com/i/peterhahn/BEnl_PH_kw23_20_ct3_1_444_525?w=444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Unknown /
Resource Hash
1ac429aeaca2284fced65bc3a1e80c930bea10cec89cef8ff6bfdd656bd96c79
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15780000; includeSubDomains ; preload
x-content-type-options
nosniff
edge-cache-tag
XMNq_Xg7z,iEyoph5LH
status
200
edge-control
max-age=86400
x-req-id
GEiMaASl7A
content-length
39404
x-xss-protection
1; mode=block
x-amp-source-height
525
server
Unknown
date
Thu, 18 Jun 2020 03:16:15 GMT
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
x-amp-source-width
445
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Tue, 02 Jun 2020 06:58:38 GMT
BEnl_PH_kw26_20_ct3_2_410_525
media.peterhahn.com/i/peterhahn/
25 KB
25 KB
Image
General
Full URL
https://media.peterhahn.com/i/peterhahn/BEnl_PH_kw26_20_ct3_2_410_525?w=410
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Unknown /
Resource Hash
1933fa686110b3d09cb47f9b9b56b0c1c147505129434e88534c3a1f245c307d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15780000; includeSubDomains ; preload
x-content-type-options
nosniff
edge-cache-tag
XMNq_Xg7z,NEOKw3Br5
status
200
edge-control
max-age=86400
x-req-id
u-sL7BLM5W
content-length
25113
x-xss-protection
1; mode=block
x-amp-source-height
525
server
Unknown
date
Thu, 18 Jun 2020 03:16:15 GMT
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
x-amp-source-width
410
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Fri, 05 Jun 2020 13:49:18 GMT
BEnl_PH_kw25_20_ct3_3_444_525
media.peterhahn.com/i/peterhahn/
47 KB
48 KB
Image
General
Full URL
https://media.peterhahn.com/i/peterhahn/BEnl_PH_kw25_20_ct3_3_444_525?w=444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Unknown /
Resource Hash
64a76c7279f75f31a096cc0e4e087700d0fda933f9f20bcf99b9e91b7e37899d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15780000; includeSubDomains ; preload
x-content-type-options
nosniff
edge-cache-tag
XMNq_Xg7z,zkFqFbNc-
status
200
edge-control
max-age=86400
x-req-id
aRXFZJ18T3
content-length
48163
x-xss-protection
1; mode=block
x-amp-source-height
525
server
Unknown
date
Thu, 18 Jun 2020 03:16:15 GMT
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
x-amp-source-width
444
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 15 Jun 2020 13:37:01 GMT
Wnz6HAc5bAfYB2Q7ZjYYiAzcPA.woff2
fonts.gstatic.com/s/caveat/v7/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/caveat/v7/Wnz6HAc5bAfYB2Q7ZjYYiAzcPA.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02b4b46ee4f61636ae6704304722e8917ad8cf2518e28cd3ee3d50084c6564e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Caveat&display=swap
Origin
https://www.peterhahn.be

Response headers

date
Mon, 08 Jun 2020 21:28:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:52:02 GMT
server
sffe
age
798442
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46976
x-xss-protection
0
expires
Tue, 08 Jun 2021 21:28:53 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1061454500&t=pageview&_s=1&dl=https%3A%2F%2Fwww.peterhahn.be%2F%3Ftduid%3Dbd5f99f1dace3a8b555b0efd8a8de43e%26pmk%3DITRAAFF130819-03%3B1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-36826831-7&cid=372977092.1592450175&jid=1600678869&_gid=80254103.1592450175&gjid=28427203&_v=j83&z=1795041664
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36826831-7&cid=372977092.1592450175&jid=1600678869&_v=j83&z=1795041664
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36826831-7&cid=372977092.1592450175&jid=1600678869&_v=j83&z=1795041664&slf_rd=1&random=4003155437
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36826831-7&cid=372977092.1592450175&jid=1600678869&_v=j83&z=1795041664&slf_rd=1&random=4003155437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jun 2020 03:16:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Jun 2020 03:16:15 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36826831-7&cid=372977092.1592450175&jid=1600678869&_v=j83&z=1795041664&slf_rd=1&random=4003155437
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.gif
rum-collector-2.pingdom.net/img/
0
213 B
XHR
General
Full URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=5b1a363c29ccc50006000240&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=190&cE=226&dLE=190&dLS=190&fS=189&hS=203&rE=-1&rS=-1&reS=227&resS=559&resE=576&uEE=-1&uES=-1&dL=567&dI=741&dCLES=749&dCLEE=749&dC=886&lES=886&lEE=891&s=nt&title=Mode%20en%20merken%3A%20Online%20shoppen%20bij%20Peter%20Hahn&path=https%3A%2F%2Fwww.peterhahn.be%2F&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&sId=2vcrkiut&sST=1592450175&sIS=1&rV=0&v=1.4.1
Requested by
Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5b1a363c29ccc50006000240.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.39.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-39-11.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Thu, 18 Jun 2020 03:16:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
fbevents.js
connect.facebook.net/en_US/
131 KB
32 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.bonusway.be
URL: https://www.bonusway.be/wachtend?userid=7693647&campaignid=48571&offerid=262457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
C4xTFVcrS+6saHEf4VtHfPiE7VCFJSyd2io73cNQyzLrhCxXAI+mks6/nrOWXc2vDrXGTYdNSNJd9qeQVYJ3hA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 18 Jun 2020 03:16:15 GMT, Thu, 18 Jun 2020 03:16:15 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
29 KB
11 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VCH7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
server
cafe
etag
13497728949557021888
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 18 Jun 2020 03:16:15 GMT
ld.js
static.criteo.net/js/ld/
30 KB
10 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VCH7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
934fd0223cbf8ace416bfbd8313409e27e57a12ae7289a617726eb94984238ed

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:15 GMT
content-encoding
gzip
last-modified
Wed, 27 May 2020 13:06:59 GMT
server
nginx
etag
W/"5ece65f3-773a"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Jun 2020 03:16:15 GMT
1723889437739836
connect.facebook.net/signals/config/
516 KB
129 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1723889437739836?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8aee3a72a5775bfdec1d09e7d7b2ccc02eeaa19dd840c683c502f92f069687c5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
131690
x-xss-protection
0
pragma
public
x-fb-debug
Pm9LApALz6s8Zo1ggKiaAJUVtqVRbcnZWeTdv5pY0ZfflkKW958EBekRBh41VOMlH5ng/P50LTvZvLJHODBBhQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 18 Jun 2020 03:16:15 GMT, Thu, 18 Jun 2020 03:16:15 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/971453770/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971453770/?random=1592450175346&cv=9&fst=1592450175346&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.peterhahn.be%2F%3Ftduid%3Dbd5f99f1dace3a8b555b0efd8a8de43e%26pmk%3DITRAAFF130819-03%3B1988076%26campaign%3Daffiliate%2Ftradedoubler%2F1988076&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Mode%20en%20merken%3A%20Online%20shoppen%20bij%20Peter%20Hahn&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e83dd4ab6ee498747a1c964d93b42e790b8123781a203a5f5f56759d4d79f5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jun 2020 03:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1141
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
sslwidget.criteo.com/
8 KB
4 KB
Script
General
Full URL
https://sslwidget.criteo.com/event?a=9590&v=5.6.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclk.tradedoubler.com&p1=e%3Dvh%26is_nc%3D0&p2=e%3Ddis&adce=1&tld=peterhahn.be&dtycbr=91782
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7c7779099f2fca307996fe699f0b48bd94f38e7b31d78acaea0d42ac49c5df77

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jun 2020 03:16:14 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
timing-allow-origin
*
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
status
200
cache-control
no-cache
content-type
application/x-javascript
content-length
3863
expires
0
/
www.facebook.com/tr/
44 B
361 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1723889437739836&ev=PageView&dl=https%3A%2F%2Fwww.peterhahn.be%2F%3Ftduid%3Dbd5f99f1dace3a8b555b0efd8a8de43e%26pmk%3DITRAAFF130819-03%3B1988076%26campaign%3Daffiliate%2Ftradedoubler%2F1988076&rl=https%3A%2F%2Fclk.tradedoubler.com%2F&if=false&ts=1592450175381&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1592450175381.1256479766&it=1592450175330&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 03:16:15 GMT, Thu, 18 Jun 2020 03:16:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 18 Jun 2020 03:16:15 GMT
/
www.google.com/pagead/1p-user-list/971453770/
42 B
119 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/971453770/?random=1592450175346&cv=9&fst=1592449200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.peterhahn.be%2F%3Ftduid%3Dbd5f99f1dace3a8b555b0efd8a8de43e%26pmk%3DITRAAFF130819-03%3B1988076%26campaign%3Daffiliate%2Ftradedoubler%2F1988076&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Mode%20en%20merken%3A%20Online%20shoppen%20bij%20Peter%20Hahn&async=1&fmt=3&is_vtc=1&random=635487668&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jun 2020 03:16:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/971453770/
42 B
107 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/971453770/?random=1592450175346&cv=9&fst=1592449200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.peterhahn.be%2F%3Ftduid%3Dbd5f99f1dace3a8b555b0efd8a8de43e%26pmk%3DITRAAFF130819-03%3B1988076%26campaign%3Daffiliate%2Ftradedoubler%2F1988076&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Mode%20en%20merken%3A%20Online%20shoppen%20bij%20Peter%20Hahn&async=1&fmt=3&is_vtc=1&random=635487668&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jun 2020 03:16:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
84 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryfHi04v5EH9wxVBnh

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 18 Jun 2020 03:16:15 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.peterhahn.be
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
tpe
csm.nl.eu.criteo.net/1.0/
43 B
183 B
Image
General
Full URL
https://csm.nl.eu.criteo.net/1.0/tpe?cpp=Frbe6Xx4NTY3aklYQVBpVkJwRlhBQ3ltU2VpRHJNaGpkTmhQTG4rUitBZ1p2OUFWQTdIWDhzM3k0bGxXamo4TzJ6R0hqNklEM0ZXRm1xakVJNnZLQ0s3TW1PZz09fA&cppv=2&p=%7B%22cp%22%3A%5B%7B%22c%22%3Afalse%2C%22ct%22%3A%22static%22%2C%22dlt%22%3A0%2C%22rdt%22%3A0%2C%22rpt%22%3A0%2C%22rqt%22%3A13%2C%22sct%22%3A18%2C%22tct%22%3A29%7D%2C%7B%22c%22%3Afalse%2C%22ct%22%3A%22widget%22%2C%22dlt%22%3A1%2C%22rdt%22%3A0%2C%22rpt%22%3A1%2C%22rqt%22%3A34%2C%22sct%22%3A47%2C%22tct%22%3A62%7D%5D%2C%22mtp%22%3A%7B%22cqt%22%3A0%2C%22it%22%3A6%7D%7D&dtycbr=65559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.peterhahn.be/?tduid=bd5f99f1dace3a8b555b0efd8a8de43e&pmk=ITRAAFF130819-03;1988076&campaign=affiliate/tradedoubler/1988076
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jun 2020 03:16:18 GMT
server
Finatra
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
content-length
43
expires
0

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| _vis_opt_account_id string| _vis_opt_url string| _vis_opt_protocol number| _vwo_acc_id object| _vwo_exp_ids object| _vwo_exp string| _vwo_cookieDomain string| _vwo_uuid string| _vwo_lib_cb string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue object| VWO object| __cfQR string| gaProperty string| disableStr function| gaOptout string| GoogleAnalyticsObject function| ga string| country string| language string| language_default object| googleMaps string| spinner function| initGTM object| dataLayer object| ffsuggesttranslation string| channel object| cookiesDirective function| econdamarker object| emospro object| emos3 string| layerPageCategory boolean| __cfRLUnblockHandlers function| $ function| jQuery object| webpackJsonp function| ff_tracking object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| fbq function| _fbq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| criteo_q object| TrackersTimingCallType function| MakeTrackersTimingRecord function| CsmLogger object| criteo_perf_q

5 Cookies

Domain/Path Name / Value
.peterhahn.be/ Name: _vwo_uuid_v2
Value: DECBA3CB9D33AF7BB0CC337AB5FD3E63D|4a43c4c8e8f0ac1da8595a0ecfd64c76
www.peterhahn.be/ Name: phreferer
Value: 69a35b0d-45a6-6552-fb7e-627b64c05d07
www.peterhahn.be/ Name: afm
Value: ITRAAFF130819-03%3B1988076
www.peterhahn.be/ Name: cartid
Value: 701305961270639664306184
.peterhahn.be/ Name: __cfduid
Value: dd94a0dc5b26fdff9ffe7887d9ab6198e1592450174

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
analytics.tradedoubler.com
api.bonusway.com
app.dialoginsight.com
cdn.jsdelivr.net
clk.tradedoubler.com
connect.facebook.net
csm.nl.eu.criteo.net
d289b99uqa0t82.cloudfront.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
media.peterhahn.com
peterhahn.a.bigcontent.io
redir.tradedoubler.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
sdk.amazonaws.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
vht.tradedoubler.com
www.bonusway.be
www.econda-monitor.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.peterhahn.be
13.226.154.19
13.226.154.44
13.226.154.81
143.204.202.13
172.217.22.66
178.250.2.150
178.250.2.151
188.165.150.178
208.91.248.7
2600:9000:2182:4000:12:13a9:7c80:21
2606:4700:10::6814:14ef
2606:4700::6810:1433
2606:4700::6810:84e5
2a00:1450:4001:800::2002
2a00:1450:4001:802::200a
2a00:1450:4001:806::2004
2a00:1450:4001:809::2003
2a00:1450:4001:818::2003
2a00:1450:4001:81b::200e
2a00:1450:4001:825::2008
2a00:1450:400c:c00::9b
2a00:1798:3:c00::1:1
2a02:2638:1::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
34.254.39.11
34.95.109.120
34.96.102.137
63.33.85.46
67.27.157.250
8.238.39.45
02b4b46ee4f61636ae6704304722e8917ad8cf2518e28cd3ee3d50084c6564e6
0b14fdb07dfbad8d778a153b20f20fbcc16242fcb3bfaf92f384eb4e435e8d5f
0e4e3f990d00e0134f200e463602fc7980bfa0ef5d28f98a6b8f91542976edc1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12458acdb951ba15abe7b4d0a24e50084d08a7738773e366adc917ec650fd805
13486d14a047d3f4f235627dc536ea22098fc1f958d0c3efa4b3f34b6798e639
155e9d195d215d8f8477995a70044a3b12d1a636d9afb448eeb8bc7d2e052ebc
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
1933fa686110b3d09cb47f9b9b56b0c1c147505129434e88534c3a1f245c307d
1ac429aeaca2284fced65bc3a1e80c930bea10cec89cef8ff6bfdd656bd96c79
1e7a32324d85d6f2d9610fe152ba4b1e79fe9235301ecb2ed38f526139ff28d9
25abd4f14044ba115c0746e9da6fe370b01f3b3fa4e2c23607c6c5dbcbac0a08
25b650dd64090a551db1c363d217721786380649655eecf66492cbd6bd044067
26bfa280dddc8e22dd6c8779a91d1d7feaa2c62b6a1fda7f6c9c95e2f0c4274f
2c57cee448b87ff5c5c03c383c5d8d62d17ba20beca461bcf70be67329ec1026
325a5439bbec33ae6e2bd2cdf5f35738dc745bb534017f337eccb4ec459ce67e
33637fa0826291bfe2cf8cd916c1e0e96a0e6f9f7fbb9a7e93c183e5448d1774
4054e0e08281cafe72746e44584aad43cc2fae4327e003a53f52558cb722e3f4
452d9d824da38ca86a1d0fd372415a56ae0a1d4f5b495e5755f2a855e23fe304
46582e87c27668d65b6c7be67fdea099e1193d59bb1c93ef974a69d37454478f
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5359f6a7cb414e29dbc7eaaaa0d02fdd826ec9593456a82e61450c3a0e85fac8
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5e45364564c5552cee232c1a3a1fa6ed7a402a85ee1953e9f512573be7ed3452
5e83dd4ab6ee498747a1c964d93b42e790b8123781a203a5f5f56759d4d79f5f
64a76c7279f75f31a096cc0e4e087700d0fda933f9f20bcf99b9e91b7e37899d
64cb5e99243c8b9a0d71e64d9ad335bce15b608622e04dc7ebc459719024ed6e
656b83717c1f8afcb79c9e87e25edba249acac95e904407e375c798cadb7a53d
71e23f8573b01f5626bb692a450cc32470bc8e75ebff79ab405a4c23de9a8efd
78127fd60c41910a8d49e551938b6abf72b4c340d6ae0d8fff06c3290862b906
781f984879e738f5a9eeea553216a1828a96b286d586575482d243a2928e271f
798e7fcdea9cee555b39c0531da648f2cdb183e902af7abfc9f916fe3e59e6f4
7c7779099f2fca307996fe699f0b48bd94f38e7b31d78acaea0d42ac49c5df77
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847bb952edd4a23f7a55177f4658531c93f8c20c79f123bf7f1d1a7f43554c52
84fcd827680012520f08009edaaa57a82141c6bec20fd91aaab64e7275a23cd3
880e2c027c0b462ca62e1ef7ec24698646c39863e80e6c9c46f64b78d5d05612
8aee3a72a5775bfdec1d09e7d7b2ccc02eeaa19dd840c683c502f92f069687c5
8b67ffa5bcc69b72e1fd971de44ff6e71b379f039adc48eec47bb678bb619d15
934fd0223cbf8ace416bfbd8313409e27e57a12ae7289a617726eb94984238ed
956f89c4c2a126a550267fcdec4afe690888a18f1679e1f8ec9893a434f520f3
95a97863a95700781128192d4b1ff2a1bc71f66d83c10c9c8267bc53646e1228
96b2a8727314dc37aa534061e3357c27513b2c53daf5a183d35a52c194431b71
9a047ff7ee43975e57dc39d0812407b6c31f30fb5f6c6781af250ba4b418e6e1
9a9636f7107e19d190302530d8d5bbb0b6f6999352260fa1bd38b56c2ea490af
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156
a83533ecfb7e1496c22c2dfc082ec86a04d69bfbc4f53970d25d5117f8522372
adcc82d3181ad467c6e1153bf4bf1c7458b835565b51abdddd791a8cbd21d2e2
ae8a5a44c6253c80f44a10748f8ddbaff40be84f7f759dfe32ff24c239f1caa0
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b45d2560d79f7bfee2e64b6db0b1b508536029c97120000fc5dd25c616271178
b73c7391f692794e2f05903eb8d9bbe04f00a2657343eef48c3a6f205a013054
b7dce684d8b08873daf9185a1db8d193f540e800513e15a9304e60a7089277ce
c2615c0bd74a91b1c6ed61b143614d7c18ec8e1e6e17bd8ca23bd5615c0978fb
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
caa6f094703c64caa9b78ad58f67ca227200e88708af45aa27b873ef099dde51
cabb2342b43f38de08f25262c14edb37156facb7cc397ab4581a6fcda85327d7
d352f572f9160097eb523ce7b2d49976d45e9411ded1134bec3b87cd5b929f42
de07748e3baa211e5c67b7c3a3600a5aca1a88fa4918f9952a812454a958ca72
e130b72f94d14f29ac93279c541f2580441b7f9eb4675f4bd6750417076c9617
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b7154a38e0b6f08ecf6d8f7daa940e68a365cd9b8893fcb0867c7465699a4c
e844ec595f83ad9fd41131c4e1d65e828f6f5628667cce9d564f4aebab465cb4
ea9a4e06213e879471231156993f0df9b7c384d4d63f4a8d224efe88d299d063
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6e5c9d718df0e05c7bbfa84f1ac7cdb45f74dda677aae2986313525a820728e
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
ff0cf5022dd57c13099cde26c91de999ff3e6004e595999a775c7a90af8e0ab9
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995