www.essent.be Open in urlscan Pro
76.223.71.181 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news.gelukkigepromoties.be/6972/eyJpZENsaSI6IjMyNDYiLCJpZENhbXAiOjk5ODM1NjIsImNvZCI6MzMxMjc2NTQ1LCJjYXQiOiI1MzY4NzA5MTIiLCJ...
Effective URL:
https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505...
Submission: On February 28 via api (February 28th 2020, 9:20:30 am UTC) from BE

Summary HTTP 48 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 19 domains to perform 48 HTTP transactions. The main IP is 76.223.71.181, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.essent.be.
TLS certificate: Issued by Amazon on July 25th 2019. Valid for: a year.

This is the only time www.essent.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.95.250.153 188.95.250.153	197518 (RACKMARKT) (RACKMARKT)
2 3	2.23.65.48 2.23.65.48	16625 (AKAMAI-AS) (AKAMAI-AS)
10	76.223.71.181 76.223.71.181	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
2	151.101.112.175 151.101.112.175	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3 4	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:e00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
3 3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
2	52.215.118.71 52.215.118.71	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.175 151.101.12.175	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
2 4	104.16.84.55 104.16.84.55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.74.113 104.18.74.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.194.157.205 54.194.157.205	16509 (AMAZON-02) (AMAZON-02)
1	104.18.73.113 104.18.73.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	23

1 188.95.250.153 (Spain) 1 redirects

ASN197518 (RACKMARKT, ES)
PTR: ds.adviceespana.com

news.gelukkigepromoties.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.23.65.48 (Ascension Island) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-65-48.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 76.223.71.181 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a50e171bb7c2d4990.awsglobalaccelerator.com

www.essent.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:821::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.134 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

6229194.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:e00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium) 3 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.118.71 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-118-71.eu-west-1.compute.amazonaws.com

the.sciencebehindecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.84.55 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

v2.zopim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.74.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.157.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-157-205.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.73.113 (United States)

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	essent.be www.essent.be	917 KB
9	doubleclick.net 6 redirects 6229194.fls.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	5 KB
8	google-analytics.com 2 redirects www.google-analytics.com	47 KB
6	google.com 3 redirects adservice.google.com www.google.com	924 B
5	google.de www.google.de	547 B
4	zopim.com 2 redirects v2.zopim.com	247 KB
4	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	87 KB
3	gstatic.com fonts.gstatic.com	33 KB
2	zdassets.com static.zdassets.com ekr.zdassets.com	8 KB
2	sciencebehindecommerce.com the.sciencebehindecommerce.com	6 KB
2	googleadservices.com www.googleadservices.com	20 KB
2	zenaps.com 1 redirects www.zenaps.com	756 B
1	ytimg.com s.ytimg.com	10 KB
1	dwin1.com www.dwin1.com	9 KB
1	youtube.com www.youtube.com	923 B
1	googletagmanager.com www.googletagmanager.com	72 KB
1	googleapis.com fonts.googleapis.com	847 B
1	awin1.com 1 redirects www.awin1.com	1008 B
1	gelukkigepromoties.be 1 redirects news.gelukkigepromoties.be	228 B
48	19

	Domain	Requested by
10	www.essent.be	www.essent.be
8	www.google-analytics.com	2 redirects www.googletagmanager.com www.google-analytics.com www.essent.be
5	www.google.de	www.essent.be
5	www.google.com	3 redirects www.essent.be
4	v2.zopim.com	2 redirects v2.zopim.com
3	stats.g.doubleclick.net	3 redirects
3	fonts.gstatic.com	www.essent.be
2	googleads.g.doubleclick.net	www.googleadservices.com
2	the.sciencebehindecommerce.com	www.essent.be the.sciencebehindecommerce.com
2	ad.doubleclick.net	2 redirects
2	www.googleadservices.com	www.googletagmanager.com
2	6229194.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	cdn.krxd.net	www.essent.be cdn.krxd.net
2	www.zenaps.com	1 redirects www.essent.be
1	ekr.zdassets.com	static.zdassets.com
1	beacon.krxd.net	cdn.krxd.net
1	static.zdassets.com
1	consumer.krxd.net	cdn.krxd.net
1	s.ytimg.com	www.youtube.com
1	adservice.google.com	www.essent.be
1	www.dwin1.com	www.googletagmanager.com
1	www.youtube.com	www.essent.be
1	www.googletagmanager.com	www.essent.be
1	fonts.googleapis.com	www.essent.be
1	www.awin1.com	1 redirects
1	news.gelukkigepromoties.be	1 redirects
48	26

This site contains links to these domains. Also see Links.

Domain
ketelonderhoud.essent.be
deals.essent.be
lifebyessent.be
pers.essent.be
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
essent.be Amazon	`2019-07-25` - `2020-08-25`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.c.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-08-23` - `2020-08-23`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.dwin1.com Amazon	`2020-01-01` - `2021-02-01`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2019-03-22` - `2020-06-20`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2019-07-19` - `2020-09-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.zdassets.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-25` - `2021-05-31`	2 years	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh
*.zopim.com COMODO RSA Domain Validation Secure Server CA	`2017-12-06` - `2020-12-29`	3 years	crt.sh

This page contains 6 frames:

Primary Page: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6
Frame ID: 1460B81C33B3C421623AC430FAB03809
Requests: 45 HTTP requests in this frame

Frame: https://6229194.fls.doubleclick.net/activityi;dc_pre=COy55sH18-cCFRzjuwgdzcQFqQ;src=6229194;type=rmkt;cat=landi0;ord=237014103627;gtm=2wg2j0;auiddc=53862173.1582881612;~oref=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6
Frame ID: C3E68F5088218CBB0EF78098B8132087
Requests: 1 HTTP requests in this frame

Frame: https://www.zenaps.com/alt.php?mid=8426&sv=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6
Frame ID: D2DD284D6BCC7FE10F95FF727777F976
Requests: 1 HTTP requests in this frame

Frame: https://v2.zopim.com/lib/20200211.083089/__$$__stringtable_lang_nl.js
Frame ID: DA101FADA35589E86372D357C992503A
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0D9E3930340117A4C7F92FC1C724914D
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: CFE3123457470392E455E889A51B0B13
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://news.gelukkigepromoties.be/6972/eyJpZENsaSI6IjMyNDYiLCJpZENhbXAiOjk5ODM1NjIsImNvZCI6MzMxMjc2NTQ1LCJjYXQ... HTTP 302
https://www.awin1.com/cread.php?s=2371808&v=8426&q=361653&r=609415 HTTP 302
https://www.zenaps.com/rclick.php?mid=8426&c_len=2592000&c_ts=1582881611&c_cnt=609415%7C361653%7C23... HTTP 302
https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1... Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Zendesk Chat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /v2\.zopim\.com/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

48
Requests

100 %
HTTPS

50 %
IPv6

19
Domains

26
Subdomains

23
IPs

6
Countries

1472 kB
Transfer

3481 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://ketelonderhoud.essent.be/
Title: Ketelonderhoud

Search URL Search Domain Scan URL

URL: https://deals.essent.be/nl/overview-particulier
Title: Klantvoordelen

Search URL Search Domain Scan URL

URL: https://deals.essent.be/nl/overview-zakelijk
Title: Klantenvoordelen

Search URL Search Domain Scan URL

URL: http://lifebyessent.be/nl
Title: Blog Life by Essent

Search URL Search Domain Scan URL

URL: https://pers.essent.be/
Title: Voor de pers

Search URL Search Domain Scan URL

URL: https://twitter.com/essentbe
Title: Via Twitter @EssentBe

Search URL Search Domain Scan URL

URL: https://www.facebook.com/EssentBE/
Title: Via Facebook Post je bericht

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://news.gelukkigepromoties.be/6972/eyJpZENsaSI6IjMyNDYiLCJpZENhbXAiOjk5ODM1NjIsImNvZCI6MzMxMjc2NTQ1LCJjYXQiOiI1MzY4NzA5MTIiLCJjbnQiOiJCRUwiLCJsaXN0IjoibGlzdF9CZWxnaXVtIiwiZW1haWwiOiJnaWxiZXJ0LmJhdXdlbnNAdGVsZW5ldC5iZSJ9 HTTP 302
https://www.awin1.com/cread.php?s=2371808&v=8426&q=361653&r=609415 HTTP 302
https://www.zenaps.com/rclick.php?mid=8426&c_len=2592000&c_ts=1582881611&c_cnt=609415%7C361653%7C2371808%7C1582881611%7C%7Caw%7C0&ir=85077521-5a0b-11ea-8b88-692d0ebeab44&pr=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6&bId=HLEX_5e58db4b8501f5.33402284&cookie=1&c_d=zenaps.com HTTP 302
https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://6229194.fls.doubleclick.net/activityi;src=6229194;type=rmkt;cat=landi0;ord=237014103627;gtm=2wg2j0;auiddc=53862173.1582881612;~oref=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6 HTTP 302
https://6229194.fls.doubleclick.net/activityi;dc_pre=COy55sH18-cCFRzjuwgdzcQFqQ;src=6229194;type=rmkt;cat=landi0;ord=237014103627;gtm=2wg2j0;auiddc=53862173.1582881612;~oref=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Request Chain 20

https://ad.doubleclick.net/ddm/activity/src=9732598;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?gtmcb=1156040849 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9732598;dc_pre=CLys6cH18-cCFVO5TwoduNQLHg;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?gtmcb=1156040849 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9732598;dc_pre=CLys6cH18-cCFVO5TwoduNQLHg;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?gtmcb=1156040849

Request Chain 27

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-12071421-5&cid=1279922048.1582881612&jid=935179681&gjid=1191836665&_gid=1589895207.1582881612&_u=aGBAgEArQ~&z=1473842733 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=1279922048.1582881612&jid=935179681&_v=j81&z=1473842733 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=1279922048.1582881612&jid=935179681&_v=j81&z=1473842733&slf_rd=1&random=771924118

Request Chain 30

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1797695219&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6&ul=en-us&de=UTF-8&dt=Verwen%20jezelf%20met%20onze%20energie%20en%20...%20een%20cadeau%20naar%20keuze!%20-%20priv%C3%A9%20%7C%20Essent&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Header&ea=Impression&el=bolactie_2.jpg&exp=vDRESy21SEqlKGWMFKv1YA.0&_u=aHDAAEArQ~&jid=1707938583&gjid=1837031169&cid=1279922048.1582881612&tid=UA-12071421-5&_gid=1589895207.1582881612&_r=1&gtm=2wg2j0N4HRJQN&cd1=hh&cd10=false&z=468962387 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12071421-5&cid=1279922048.1582881612&jid=1707938583&_gid=1589895207.1582881612&gjid=1837031169&_v=j81&z=468962387 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=1279922048.1582881612&jid=1707938583&_v=j81&z=468962387 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=1279922048.1582881612&jid=1707938583&_v=j81&z=468962387&slf_rd=1&random=3740620601

Request Chain 37

https://v2.zopim.com/?483vrpLWPmLwXhx9LsIwdYJtOdmSrdYO HTTP 302
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 44

https://v2.zopim.com/w?483vrpLWPmLwXhx9LsIwdYJtOdmSrdYO HTTP 302
https://v2.zopim.com/bin/v/widget_v2.326.js

Request Chain 48

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1797695219&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6&ul=en-us&de=UTF-8&dt=Verwen%20jezelf%20met%20onze%20energie%20en%20...%20een%20cadeau%20naar%20keuze!%20-%20priv%C3%A9%20%7C%20Essent&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Consent%20Level&ea=Cookiewall%20visible&_u=aHDAAEArQ~&jid=1948301449&gjid=1464631325&cid=314808770.1582881615&tid=UA-12071421-5&_gid=599875223.1582881615&_r=1&gtm=2wg2j0N4HRJQN&cd1=hh&cd10=false&z=1133153405 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12071421-5&cid=314808770.1582881615&jid=1948301449&_gid=599875223.1582881615&gjid=1464631325&_v=j81&z=1133153405 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=314808770.1582881615&jid=1948301449&_v=j81&z=1133153405 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=314808770.1582881615&jid=1948301449&_v=j81&z=1133153405&slf_rd=1&random=503424810

48 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request bolactie Show response
www.essent.be/nl/prive/
Redirect Chain

http://news.gelukkigepromoties.be/6972/eyJpZENsaSI6IjMyNDYiLCJpZENhbXAiOjk5ODM1NjIsImNvZCI6MzMxMjc2NTQ1LCJjYXQiOiI1MzY4NzA5MTIiLCJjbnQiOiJCRUwiLCJsaXN0IjoibGlzdF9CZWxnaXVtIiwiZW1haWwiOiJnaWxiZXJ0Lm...
https://www.awin1.com/cread.php?s=2371808&v=8426&q=361653&r=609415
https://www.zenaps.com/rclick.php?mid=8426&c_len=2592000&c_ts=1582881611&c_cnt=609415%7C361653%7C2371808%7C1582881611%7C%7Caw%7C0&ir=85077521-5a0b-11ea-8b88-692d0ebeab44&pr=https%3A%2F%2Fwww.essent...
https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

47 KB
12 KB

712ms
580ms

Document
text/html

76.223.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.71.181 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a50e171bb7c2d4990.awsglobalaccelerator.com

Software

Apache /

Resource Hash

de5ecfbee9bd5941e5c989bdbc189dbf59e816694e99cd7886926578e1ad0b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.essent.be
:scheme: https
:path: /nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 28 Feb 2020 09:20:11 GMT
content-type: text/html; charset=UTF-8
content-length: 10253
set-cookie: AWSALB=8dcyZUUVZw3I8ziskVLbGUYOmAg7eZ6Wcdw2b4D2Vsf38Mh+2oxyk1Juz9533cQO2JGb0X18ndBcDSNhoCvB8jlyPDkV+/4VDExcGUpaDtKn/qWsgkGK9FCSMtf5; Expires=Fri, 06 Mar 2020 09:20:11 GMT; Path=/ AWSALBCORS=8dcyZUUVZw3I8ziskVLbGUYOmAg7eZ6Wcdw2b4D2Vsf38Mh+2oxyk1Juz9533cQO2JGb0X18ndBcDSNhoCvB8jlyPDkV+/4VDExcGUpaDtKn/qWsgkGK9FCSMtf5; Expires=Fri, 06 Mar 2020 09:20:11 GMT; Path=/; SameSite=None; Secure clientLanguage=nl; expires=Wed, 26-Aug-2020 09:20:11 GMT; Max-Age=15552000; path=/; secure; httponly; samesite=none currentSegment=hh; expires=Wed, 26-Aug-2020 09:20:11 GMT; Max-Age=15552000; path=/; secure; httponly; samesite=none dealerCurrent=%7B%22name%22%3Anull%2C%22ownerId%22%3A%22dd2c9993443cdc7dbaa63c2dba1368f47f909333f84f%22%2C%22priceComparisonAgent%22%3Anull%2C%22roles%22%3Anull%7D; expires=Mon, 02-Mar-2020 09:20:11 GMT; Max-Age=259200; path=/; secure; httponly; samesite=none dealerFirstVisit=dd2c9993443cdc7dbaa63c2dba1368f47f909333f84f; expires=Sun, 29-Mar-2020 09:20:11 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none SSESS68e2a595f6f36ad8ca9251b61db27d1a=j6y53pF1Hk5vij4VwDAl5MEE6tX7JdlJZI5p6wytkkA; expires=Sun, 22-Mar-2020 12:53:31 GMT; Max-Age=2000000; path=/; domain=.www.essent.be; secure; HttpOnly
server: Apache
strict-transport-security: max-age=63072000
x-content-type-options: nosniff nosniff
cache-control: no-cache, private no-cache, private no-cache, private no-cache, private max-age=300, public
x-drupal-dynamic-cache: UNCACHEABLE
link: <https://www.essent.be/nl/prive/bolactie>; rel="canonical" <https://www.essent.be/nl/prive/bolactie>; rel="alternate"; hreflang="nl" <https://www.essent.be/nl/prive/bolactie>; rel="alternate"; hreflang="nl-be" <https://www.essent.be/fr/node/1581>; rel="alternate"; hreflang="fr-be" <https://www.essent.be/de/node/1581>; rel="alternate"; hreflang="de-be" <https://www.essent.be/nl/prive/bolactie>; rel="revision"
x-ua-compatible: IE=edge
content-language: nl
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Fri, 28 Feb 2020 09:20:11 GMT
etag: "1582881611-gzip"
vary: Cookie,Accept-Encoding
x-generator: Drupal 8 (https://www.drupal.org)
content-encoding: gzip

Redirect headers

Allow: GET
Location: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length: 0
Date: Fri, 28 Feb 2020 09:20:11 GMT
Connection: keep-alive
Set-Cookie: aw8426=609415|361653|2371808|1582881611||aw|0;domain=.zenaps.com;path=/;expires=Sunday, 29-Mar-2020 09:20:11 UTC;Secure;SameSite=None bId=HLEX_5e58db4b8501f5.33402284;domain=.zenaps.com;path=/;expires=Saturday, 27-Feb-2021 09:20:11 UTC;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H2 200 css
fonts.googleapis.com/ 7 KB
847 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,700&display=swap

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

101051ed51b3cfd13d875e0936f70a8d185c2bab4bef1b929d4e362d8eaad5e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Feb 2020 09:20:12 GMT
server: ESF
date: Fri, 28 Feb 2020 09:20:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Feb 2020 09:20:12 GMT

GET
H2 200 css_mhQEBDs8ytpcfJsrWnLfGeLEi5YJESw_p-y-5wDiSlk.css
www.essent.be/sites/default/files/css/ 9 KB
3 KB 53ms
52ms Stylesheet
text/css 76.223.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.essent.be/sites/default/files/css/css_mhQEBDs8ytpcfJsrWnLfGeLEi5YJESw_p-y-5wDiSlk.css

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.71.181 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a50e171bb7c2d4990.awsglobalaccelerator.com

Software

Apache /

Resource Hash

9a1404043b3ccada5c7c9b2b5a72df19e2c48b9609112c3fa7ecbee700e24a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 28 Feb 2020 09:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Feb 2020 21:10:10 GMT
server: Apache
vary: Accept-encoding
content-type: text/css
status: 200
cache-control: max-age=7776000
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-length: 2396
expires: Thu, 28 May 2020 09:20:12 GMT

GET
H2 200 css_xyPPHKf7HkqOe0TcB4SiKBmgwqHQzhYqqkpoIOUWO4M.css
www.essent.be/sites/default/files/css/ 276 KB
44 KB 83ms
83ms Stylesheet
text/css 76.223.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.essent.be/sites/default/files/css/css_xyPPHKf7HkqOe0TcB4SiKBmgwqHQzhYqqkpoIOUWO4M.css

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.71.181 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a50e171bb7c2d4990.awsglobalaccelerator.com

Software

Apache /

Resource Hash

c723cf1ca7fb1e4a8e7b44dc0784a22819a0c2a1d0ce162aaa4a6820e5163b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 28 Feb 2020 09:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Feb 2020 21:10:07 GMT
server: Apache
vary: Accept-encoding
content-type: text/css
status: 200
cache-control: max-age=7776000
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-length: 44676
expires: Thu, 28 May 2020 09:20:12 GMT

GET
H2 200 js_viGAx0ohrclMqXGHmaSDk05BNtA1XooI3XQHqBLS6FU.js Show response
www.essent.be/sites/default/files/js/ 8 KB
3 KB 87ms
86ms Script
text/javascript 76.223.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.essent.be/sites/default/files/js/js_viGAx0ohrclMqXGHmaSDk05BNtA1XooI3XQHqBLS6FU.js

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.71.181 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a50e171bb7c2d4990.awsglobalaccelerator.com

Software

Apache /

Resource Hash

be2180c74a21adc94ca9718799a483934e4136d0355e8a08dd7407a812d2e855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Feb 2020 21:10:11 GMT
server: Apache
vary: Accept-encoding
content-type: text/javascript
status: 200
cache-control: max-age=7776000
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-length: 2410
expires: Thu, 28 May 2020 09:20:12 GMT

GET
H2 200 logo.svg
www.essent.be/themes/essent/ 3 KB
2 KB 47ms
47ms Image
image/svg+xml 76.223.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.essent.be/themes/essent/logo.svg

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.71.181 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a50e171bb7c2d4990.awsglobalaccelerator.com

Software

Apache /

Resource Hash

215612f81f99fd1c99e58544cf96806829955d7216f3b2e79b44b139f430f087

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Feb 2020 14:18:31 GMT
server: Apache
strict-transport-security: max-age=63072000
content-type: image/svg+xml
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1558
expires: Thu, 28 May 2020 09:20:12 GMT

GET
H2 200 logo_bol.png
www.essent.be/sites/default/files/uploads/images/ 10 KB
11 KB 56ms
55ms Image
image/png 76.223.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.essent.be/sites/default/files/uploads/images/logo_bol.png

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.71.181 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a50e171bb7c2d4990.awsglobalaccelerator.com

Software

Apache /

Resource Hash

c8b78634013e2a70d15d24868eaaeb003ee51d3a7f34925845987ec17228b2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 Jan 2020 22:30:19 GMT
server: Apache
strict-transport-security: max-age=63072000
content-type: image/png
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 10380
expires: Thu, 28 May 2020 09:20:12 GMT

GET
H2 200 bol_image.png
www.essent.be/sites/default/files/uploads/images/ 113 KB
113 KB 65ms
65ms Image
image/png 76.223.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.essent.be/sites/default/files/uploads/images/bol_image.png

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.71.181 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a50e171bb7c2d4990.awsglobalaccelerator.com

Software

Apache /

Resource Hash

121ba11bf9dff50337ea26384da9144a974307529d4c805e2677076dfe25cdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 Jan 2020 22:30:20 GMT
server: Apache
strict-transport-security: max-age=63072000
content-type: image/png
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
vary: Accept-Encoding
expires: Thu, 28 May 2020 09:20:12 GMT

GET
H2 200 js_PDJDMRVjKTS_1JGcvJsDtJGl7nKgVnaql9_IQ9BxDxI.js Show response
www.essent.be/sites/default/files/js/ 324 KB
89 KB 60ms
60ms Script
text/javascript 76.223.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.essent.be/sites/default/files/js/js_PDJDMRVjKTS_1JGcvJsDtJGl7nKgVnaql9_IQ9BxDxI.js

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.71.181 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a50e171bb7c2d4990.awsglobalaccelerator.com

Software

Apache /

Resource Hash

3c32433115632934bfd4919cbc9b03b491a5ee72a05676aa97dfc843d0710f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Feb 2020 06:47:18 GMT
server: Apache
vary: Accept-encoding
content-type: text/javascript
status: 200
cache-control: max-age=7776000
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-length: 89953
expires: Thu, 28 May 2020 09:20:12 GMT

GET
H/1.1 200
OK tjjapxqdn.js Show response
cdn.krxd.net/controltag/ 24 KB
6 KB 65ms
21ms Script
text/javascript 151.101.112.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tjjapxqdn.js
Requested by: Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 71a3e790205793adebd316be363ea93b3e7efe4fadf055e212242081ef25379c

Request headers

Referer: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
Date: Fri, 28 Feb 2020 09:20:12 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 598
X-Cache: MISS, HIT, HIT
X-App-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5346
X-Served-By: config-service-a005-ash-prod.krxd.net, cache-bwi5125-BWI, cache-hhn4066-HHN
X-Response-Time: 1
X-Do-Esi: esi
X-Timer: S1582881612.148126,VS0,VE0
ETag: "e1963e38662778e58173c1d4f14b39308f333b06"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=1200
Accept-Ranges: bytes
X-Age: 0
X-Cache-Hits: 0, 1, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 392 KB
72 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N4HRJQN

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50373e952bc1639c707766842fd47baff72c73dffc0cdaa876d6528fa8a432ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:20:12 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 73952
x-xss-protection: 0
expires: Fri, 28 Feb 2020 09:20:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,700&display=swap
Origin: https://www.essent.be
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 02:00:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 2099959
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Wed, 03 Feb 2021 02:00:53 GMT

GET
H2 200 bolactie_2.jpg
www.essent.be/sites/default/files/2019-12/ 628 KB
619 KB 54ms
54ms Image
image/jpeg 76.223.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.essent.be/sites/default/files/2019-12/bolactie_2.jpg

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.71.181 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a50e171bb7c2d4990.awsglobalaccelerator.com

Software

Apache /

Resource Hash

0dc57d6ef43968b6ccd0ee64f65bd074046d19e4e410b9a1137c3820030292f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 09:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 Jan 2020 22:31:20 GMT
server: Apache
strict-transport-security: max-age=63072000
content-type: image/jpeg
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
vary: Accept-Encoding
expires: Thu, 28 May 2020 09:20:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,700&display=swap
Origin: https://www.essent.be
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2449793
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:50:19 GMT

GET
H2 200 icons.woff
www.essent.be/themes/essent/fonts/icons/ 21 KB
21 KB 46ms
45ms Font
application/x-font-woff 76.223.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.essent.be/themes/essent/fonts/icons/icons.woff?v=1.4

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.71.181 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a50e171bb7c2d4990.awsglobalaccelerator.com

Software

Apache /

Resource Hash

cf5aea9b0edb324004b3d474aacc3cda59bc6742bfbb4992679650e2079af6a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.essent.be/sites/default/files/css/css_xyPPHKf7HkqOe0TcB4SiKBmgwqHQzhYqqkpoIOUWO4M.css
Origin: https://www.essent.be
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 28 Feb 2020 09:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Feb 2020 14:18:31 GMT
server: Apache
strict-transport-security: max-age=63072000
content-type: application/x-font-woff
status: 200
cache-control: max-age=7776000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 21203
expires: Thu, 28 May 2020 09:20:12 GMT

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1MmgVxIIzIXKMny.woff2

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969d3b8c3b846ba9d4dd5fa3936ec2c610f4f9f67f6f880cc9b00ebda3414083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,700&display=swap
Origin: https://www.essent.be
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Feb 2020 01:53:13 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 286019
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10984
x-xss-protection: 0
expires: Wed, 24 Feb 2021 01:53:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4HRJQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5281
date: Fri, 28 Feb 2020 07:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 28 Feb 2020 09:52:11 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
923 B 24ms
24ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

61649cc70d5623f16ffa85f9acb60391fa0b52a5bf8d0d5c93aec38ff22a25e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:20:12 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H2

200

activityi;dc_pre=COy55sH18-cCFRzjuwgdzcQFqQ;src=6229194;type=rmkt;cat=landi0;ord=237014103627;gtm=2wg2j0;auiddc=53862173.1582881612;~oref=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_s...
6229194.fls.doubleclick.net/ Frame C3E6
Redirect Chain

https://6229194.fls.doubleclick.net/activityi;src=6229194;type=rmkt;cat=landi0;ord=237014103627;gtm=2wg2j0;auiddc=53862173.1582881612;~oref=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm...
https://6229194.fls.doubleclick.net/activityi;dc_pre=COy55sH18-cCFRzjuwgdzcQFqQ;src=6229194;type=rmkt;cat=landi0;ord=237014103627;gtm=2wg2j0;auiddc=53862173.1582881612;~oref=https%3A%2F%2Fwww.essen...

0
0

36ms
35ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6229194.fls.doubleclick.net/activityi;dc_pre=COy55sH18-cCFRzjuwgdzcQFqQ;src=6229194;type=rmkt;cat=landi0;ord=237014103627;gtm=2wg2j0;auiddc=53862173.1582881612;~oref=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4HRJQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6229194.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COy55sH18-cCFRzjuwgdzcQFqQ;src=6229194;type=rmkt;cat=landi0;ord=237014103627;gtm=2wg2j0;auiddc=53862173.1582881612;~oref=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 28 Feb 2020 09:20:12 GMT
expires: Fri, 28 Feb 2020 09:20:12 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 420
x-xss-protection: 0
set-cookie: IDE=AHWqTUlhlHB-K4SViGV6NsU30M58VRRbHjLlstBdYvMUpMk3G_6cqqfrbYEYOJBl; expires=Wed, 24-Mar-2021 09:20:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 28 Feb 2020 09:20:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6229194.fls.doubleclick.net/activityi;dc_pre=COy55sH18-cCFRzjuwgdzcQFqQ;src=6229194;type=rmkt;cat=landi0;ord=237014103627;gtm=2wg2j0;auiddc=53862173.1582881612;~oref=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 28-Feb-2020 09:35:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 8426.js Show response
www.dwin1.com/ 16 KB
9 KB 71ms
71ms Script
application/javascript 2600:9000:2156:e00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/8426.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4HRJQN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:e00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3d82d43bab45dff631cb1e9616791f40456b1d09852dbba71eb37867402bd84

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 08:08:50 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
last-modified: Tue, 17 Sep 2019 13:23:08 GMT
server: AmazonS3
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
x-amz-version-id: p7w.5GNZ5oQ6cpGd._NOu0EwOuPjgqjJ
access-control-allow-origin: *
cache-control: max-age=3600,s-maxage=3600
content-type: application/javascript
x-amz-cf-id: cdSApwAqBnd55ol1twd5dn76waIoKVyZa5m9gD73eGp8OP0DGJLr6A==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 248ms
33ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4HRJQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
server: cafe
etag: 9478280665056484852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Feb 2020 09:20:12 GMT

GET
H2

200

src=9732598;dc_pre=CLys6cH18-cCFVO5TwoduNQLHg;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9732598;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?gtmcb=1156040849
https://ad.doubleclick.net/ddm/activity/src=9732598;dc_pre=CLys6cH18-cCFVO5TwoduNQLHg;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?gtmcb=1156040849
https://adservice.google.com/ddm/fls/z/src=9732598;dc_pre=CLys6cH18-cCFVO5TwoduNQLHg;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?gtmcb=1156040849

42 B
109 B

16ms
15ms

Image
image/gif

2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9732598;dc_pre=CLys6cH18-cCFVO5TwoduNQLHg;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?gtmcb=1156040849

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:20:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:20:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/src=9732598;dc_pre=CLys6cH18-cCFVO5TwoduNQLHg;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?gtmcb=1156040849
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK controltag.js.cee73ba6ab74e5caa8092ae34993bbaa Show response
cdn.krxd.net/ctjs/ 249 KB
80 KB 21ms
20ms Script
application/javascript 151.101.112.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.cee73ba6ab74e5caa8092ae34993bbaa
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/tjjapxqdn.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 068bed61e83437f5e2d270cba661153f7912233b984631298cdd5ea1a2bb7fa2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date: Fri, 28 Feb 2020 09:20:12 GMT
Content-Encoding: gzip
Age: 4212255
X-Cache: HIT
Connection: keep-alive
Content-Length: 81273
X-Served-By: cache-hhn4066-HHN
Last-Modified: Thu, 02 Jan 2020 17:46:59 GMT
X-Timer: S1582881612.283570,VS0,VE0
ETag: "cee73ba6ab74e5caa8092ae34993bbaa"
Content-Type: application/javascript
Via: 1.1 varnish
Expires: Sun, 30 Dec 2029 17:46:58 GMT
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
X-Cache-Hits: 4034486

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vfl2dBoXz/ 27 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl2dBoXz/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe7a86c76c74d7ed774325d80240edd8f7f9cd835392c368884616effa572d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 06:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11004
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10171
x-xss-protection: 0
last-modified: Wed, 26 Feb 2020 07:01:33 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Sat, 07 Mar 2020 06:16:48 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 08:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1861
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Fri, 28 Feb 2020 09:49:11 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
955 B 7ms
7ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 842
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Fri, 28 Feb 2020 10:06:10 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 83 KB
27 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-55SSS8P&t=gtm8&cid=1279922048.1582881612

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d37e88a979e364fdf59257865dd0def74eb865057c4de36cc8a1232b2588b3f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:20:12 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 27318
x-xss-protection: 0
expires: Fri, 28 Feb 2020 09:20:12 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1797695219&t=pageview&_s=1&dl=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6&dp=%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6&ul=en-us&de=UTF-8&dt=Verwen%20jezelf%20met%20onze%20energie%20en%20...%20een%20cadeau%20naar%20keuze!%20-%20priv%C3%A9%20%7C%20Essent&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgEArQ~&jid=935179681&gjid=1191836665&cid=1279922048.1582881612&tid=UA-12071421-5&_gid=1589895207.1582881612&gtm=2wg2j0N4HRJQN&z=293829852

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 23 Jan 2020 10:42:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3105482
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-12071421-5&cid=1279922048.1582881612&jid=935179681&gjid=1191836665&_gid=1589895207.1582881612&_u=aGBAgEArQ~&z=1473842733
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=1279922048.1582881612&jid=935179681&_v=j81&z=1473842733
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=1279922048.1582881612&jid=935179681&_v=j81&z=1473842733&slf_rd=1&random=771924118

42 B
109 B

19ms
19ms

Image
image/gif

2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=1279922048.1582881612&jid=935179681&_v=j81&z=1473842733&slf_rd=1&random=771924118

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:20:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:20:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=1279922048.1582881612&jid=935179681&_v=j81&z=1473842733&slf_rd=1&random=771924118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK alt.php
www.zenaps.com/ Frame D2DD 0
0 73ms
72ms Document
text/html 2.23.65.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zenaps.com/alt.php?mid=8426&sv=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.23.65.48 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-65-48.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Host: www.zenaps.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: aw8426=609415|361653|2371808|1582881611||aw|0; bId=HLEX_5e58db4b8501f5.33402284
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe

Response headers

Content-Type: text/html
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 28 Feb 2020 09:20:12 GMT
Content-Length: 139
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200 d9core Show response
the.sciencebehindecommerce.com/ 12 KB
5 KB 996ms
37ms Script
application/javascript 52.215.118.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://the.sciencebehindecommerce.com/d9core
Requested by: Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.118.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-118-71.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.38 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 52ce0f4578209eb40159cf37e4346b5ecd33ccd4a5a65974974ee8bb9b599b96

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 09:20:12 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Amazon) OpenSSL/1.0.2k-fips
ETag: 8a9f12b2e87d7b911fe1cb4d9a1144b3
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: the.sciencebehindecommerce.com
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=172800, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 4141

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1797695219&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12071421-5&cid=1279922048.1582881612&jid=1707938583&_gid=1589895207.1582881612&gjid=1837031169&_v=j81&z=468962387
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=1279922048.1582881612&jid=1707938583&_v=j81&z=468962387
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=1279922048.1582881612&jid=1707938583&_v=j81&z=468962387&slf_rd=1&random=3740620601

42 B
109 B

15ms
15ms

Image
image/gif

2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=1279922048.1582881612&jid=1707938583&_v=j81&z=468962387&slf_rd=1&random=3740620601

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:20:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:20:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=1279922048.1582881612&jid=1707938583&_v=j81&z=468962387&slf_rd=1&random=3740620601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 6ms
6ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&aip=1&t=data&ni=1&_s=2&dp=%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6&dt=&je=0&_u=aHDAgEArQ~&jid=&gjid=&cid=1279922048.1582881612&tid=UA-12071421-5&_gid=1589895207.1582881612&gtm=2wg2j0N4HRJQN&z=308392139

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 23 Jan 2020 10:42:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3105482
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK a0cb674b-7a15-4a8f-80b1-e46af6ae1adb Show response
consumer.krxd.net/consent/get/ 236 B
613 B 96ms
50ms Script
text/javascript 151.101.12.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/a0cb674b-7a15-4a8f-80b1-e46af6ae1adb?idt=device&dt=kxcookie&callback=Krux.ns.essentbe.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.cee73ba6ab74e5caa8092ae34993bbaa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4eed48e99140a09d81b43acc96f5d28d7e1636a0f1ea19b790d653dad7334717

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 09:20:12 GMT
Content-Encoding: gzip
Age: 0
Vary: Accept-Encoding
X-Cache: MISS, MISS
Content-Type: text/javascript; charset=UTF-8
Via: 1.1 varnish
Cache-Control: max-age=1800
X-Cache-Hits: 0, 0
Connection: keep-alive
Accept-Ranges: bytes
X-Timer: S1582881612.495782,VS0,VE26
X-Age: 0
Content-Length: 187
X-Served-By: consumer-a008-dub-prod.krxd.net, cache-fra19161-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/767591364/ 2 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/767591364/?random=1582881612523&cv=9&fst=1582881612523&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6&tiba=Verwen%20jezelf%20met%20onze%20energie%20en%20...%20een%20cadeau%20naar%20keuze!%20-%20priv%C3%A9%20%7C%20Essent&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7907760e1cfe2b09841db764c5e69ddd467d940fbaafc1008f36d4f2a39298ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1138
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/767591364/ 42 B
122 B 22ms
22ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/767591364/?random=1582881612523&cv=9&fst=1582880400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2j0&sendb=1&frm=0&url=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6&tiba=Verwen%20jezelf%20met%20onze%20energie%20en%20...%20een%20cadeau%20naar%20keuze!%20-%20priv%C3%A9%20%7C%20Essent&async=1&fmt=3&is_vtc=1&random=3560972584&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:20:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/767591364/ 42 B
110 B 20ms
19ms Image
image/gif 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/767591364/?random=1582881612523&cv=9&fst=1582880400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2j0&sendb=1&frm=0&url=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6&tiba=Verwen%20jezelf%20met%20onze%20energie%20en%20...%20een%20cadeau%20naar%20keuze!%20-%20priv%C3%A9%20%7C%20Essent&async=1&fmt=3&is_vtc=1&random=3560972584&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.essent.be
URL: https://www.essent.be/nl/prive/bolactie?utm_source=zanox&utm_medium=affiliate_tekstlink&awc=8426_1582881611_93809cf505fe1f92f46a0dba31474cd6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:20:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 lgc Show response
the.sciencebehindecommerce.com/ 0
568 B 58ms
58ms XHR
text/plain 52.215.118.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://the.sciencebehindecommerce.com/lgc
Requested by: Host: the.sciencebehindecommerce.com
URL: https://the.sciencebehindecommerce.com/d9core
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.118.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-118-71.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.38 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://www.essent.be
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 28 Feb 2020 09:20:12 GMT
Server: Apache/2.4.38 (Amazon) OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: https://www.essent.be
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/
Redirect Chain

https://v2.zopim.com/?483vrpLWPmLwXhx9LsIwdYJtOdmSrdYO
https://static.zdassets.com/ekr/asset_composer.js

24 KB
7 KB

69ms
29ms

Script
application/javascript

104.18.74.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.74.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

513ce29703580e6b4f7b34d4ab48e5379f815a3900a28fa981e027b7a6379fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 28 Feb 2020 09:20:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 8
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 9635A56BCD5FAB65
x-amz-id-2: 2/yVEjmHOI/8uVf5dXr2nxeEBpxWt0HN/gMCvnOMO7SSPhiqVN+jjEwaVfXoSx0t5RaVpAl8aHA=
last-modified: Wed, 26 Feb 2020 03:53:03 GMT
server: cloudflare
etag: W/"bdb14851105a33db27493a68cc37a8eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: Qq99HmTwYss4UwPe8POMlou47qjkssf9
cf-ray: 56c152449cf1d8f1-AMS

Redirect headers

date: Fri, 28 Feb 2020 09:20:13 GMT
cf-cache-status: HIT
server: cloudflare
age: 13062
location: https://static.zdassets.com/ekr/asset_composer.js
etag: "5e4b5349-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
status: 302
cache-control: max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray: 56c15244289a9d60-AMS
content-length: 0
expires: Fri, 28 Feb 2020 09:42:31 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 62 B
221 B 122ms
37ms Script
text/javascript 54.194.157.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.essentbe.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.cee73ba6ab74e5caa8092ae34993bbaa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.157.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-157-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a6b541236758b090b0fc37fc78d70d1159da07be0387880d75728934086f0182

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Fri, 28 Feb 2020 09:20:13 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=41 t=1582881613
x-served-by: beacon-n015-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 32ms
31ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4HRJQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
server: cafe
etag: 9478280665056484852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Feb 2020 09:20:13 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/767591364/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/767591364/?random=1582881613463&cv=9&fst=1582881613463&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6&tiba=Verwen%20jezelf%20met%20onze%20energie%20en%20...%20een%20cadeau%20naar%20keuze!%20-%20priv%C3%A9%20%7C%20Essent&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74e3ece74b2fc7fcc4ff31e94bdd62bdd9adfe368bd587e3dd07d7205ba5668b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1138
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/767591364/ 42 B
122 B 24ms
24ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/767591364/?random=1582881613463&cv=9&fst=1582880400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2j0&sendb=1&frm=0&url=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6&tiba=Verwen%20jezelf%20met%20onze%20energie%20en%20...%20een%20cadeau%20naar%20keuze!%20-%20priv%C3%A9%20%7C%20Essent&async=1&fmt=3&is_vtc=1&random=2318258970&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:20:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/767591364/ 42 B
110 B 20ms
20ms Image
image/gif 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/767591364/?random=1582881613463&cv=9&fst=1582880400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2j0&sendb=1&frm=0&url=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%26awc%3D8426_1582881611_93809cf505fe1f92f46a0dba31474cd6&tiba=Verwen%20jezelf%20met%20onze%20energie%20en%20...%20een%20cadeau%20naar%20keuze!%20-%20priv%C3%A9%20%7C%20Essent&async=1&fmt=3&is_vtc=1&random=2318258970&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:20:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 483vrpLWPmLwXhx9LsIwdYJtOdmSrdYO Show response
ekr.zdassets.com/compose/zopim_chat/ 194 B
705 B 237ms
194ms XHR
application/json 104.18.73.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/zopim_chat/483vrpLWPmLwXhx9LsIwdYJtOdmSrdYO

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.73.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb9e43a9df9f8117f99f47c82a46401f08bb1ac0065c7e259a406ca622837971

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Origin: https://www.essent.be
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Fri, 28 Feb 2020 09:20:13 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
status: 200, 200 OK
strict-transport-security: max-age=0
x-request-id: f5f9df35-4106-4be1-97b6-c4e0dea07e84
x-runtime: 0.006429
server: cloudflare
etag: W/"fb9e43a9df9f8117f99f47c82a46401f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=600, s-maxage=60
cf-ray: 56c152451eab7251-AMS

GET
H2

200

widget_v2.326.js Show response
v2.zopim.com/bin/v/
Redirect Chain

https://v2.zopim.com/w?483vrpLWPmLwXhx9LsIwdYJtOdmSrdYO
https://v2.zopim.com/bin/v/widget_v2.326.js

1 MB
244 KB

33ms
33ms

Script
application/javascript

104.16.84.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.zopim.com/bin/v/widget_v2.326.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.84.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc146a170971e0f56800073a4d67d59a9d1f7c3051107a27a443b3917ee5d9c4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 28 Feb 2020 09:20:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Feb 2020 08:31:02 GMT
server: cloudflare
age: 185445
etag: W/"5e426646-103442"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=315360000
cf-ray: 56c152468aa99d60-AMS
expires: Mon, 25 Feb 2030 09:20:13 GMT

Redirect headers

date: Fri, 28 Feb 2020 09:20:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: "5e4b5349-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://v2.zopim.com/bin/v/widget_v2.326.js
content-type: application/octet-stream
status: 302
cache-control: max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray: 56c152464a789d60-AMS
content-length: 0
expires: Fri, 28 Feb 2020 13:20:13 GMT

GET
H2 200 __$$__stringtable_lang_nl.js Show response
v2.zopim.com/lib/20200211.083089/ Frame DA10 6 KB
2 KB 27ms
27ms Script
application/javascript 104.16.84.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.zopim.com/lib/20200211.083089/__$$__stringtable_lang_nl.js
Requested by: Host: v2.zopim.com
URL: https://v2.zopim.com/bin/v/widget_v2.326.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.84.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18616651ff7e9763b902e0e4ffaee1172422b942a9ee8c5585147ac7b5028c64

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 09:20:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Feb 2020 08:31:00 GMT
server: cloudflare
age: 185444
etag: W/"5e426644-181c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=315360000
cf-ray: 56c152476b7d9d60-AMS
expires: Mon, 25 Feb 2030 09:20:13 GMT

GET
DATA 200
OK truncated
/ Frame 0D9E 13 KB
13 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14

Request headers

Origin: https://www.essent.be
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ Frame CFE3 13 KB
0 Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://www.essent.be

Response headers

Content-Type: application/font-woff

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1797695219&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.essent.be%2Fnl%2Fprive%2Fbolactie%3Futm_source%3Dzanox%26utm_medium%3Daffiliate_tekstlink%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12071421-5&cid=314808770.1582881615&jid=1948301449&_gid=599875223.1582881615&gjid=1464631325&_v=j81&z=1133153405
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=314808770.1582881615&jid=1948301449&_v=j81&z=1133153405
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=314808770.1582881615&jid=1948301449&_v=j81&z=1133153405&slf_rd=1&random=503424810

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=314808770.1582881615&jid=1948301449&_v=j81&z=1133153405&slf_rd=1&random=503424810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:20:14 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Feb 2020 09:20:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12071421-5&cid=314808770.1582881615&jid=1948301449&_v=j81&z=1133153405&slf_rd=1&random=503424810
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 3) Message: Problem interacting with dataLayer history: TypeError: Cannot read property 'getItem' of null
console-api	log	(Line 3) Message: Problem interacting with dataLayer history: TypeError: Cannot read property 'getItem' of null
console-api	log	(Line 3) Message: Problem interacting with dataLayer history: TypeError: Cannot read property 'getItem' of null
console-api	log	(Line 3) Message: Problem interacting with dataLayer history: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://v2.zopim.com/bin/v/widget_v2.326.js(Line 4104) Message: Error in LiveChatAPI call: TypeError - Cannot read property 'status' of undefined
console-api	log	URL: https://v2.zopim.com/bin/v/widget_v2.326.js(Line 4105) Message: TypeError: Cannot read property 'status' of undefined
console-api	log	URL: https://v2.zopim.com/bin/v/widget_v2.326.js(Line 4106) Message: function(){$zopim.livechat.departments.setVisitorDepartment("NL");var b=$zopim.livechat.departments.getDepartment("NL"), d=$zopim.livechat.departments.getDepartment("FR"),a="default";"default"==a&&(a="Heb je vragen over ons aanbod?");$zopim.livechat.setGreetings({online:a,offline:a});"online"!=b.status&&"online"!=d.status\|\|$zopim.livechat.setOnStatus(function(){$zopim.livechat.departments.filter("");"offline"==b.status&&$zopim.livechat.setStatus("offline")})}
console-api	log	(Line 3) Message: Problem interacting with dataLayer history: TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6229194.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
beacon.krxd.net
cdn.krxd.net
consumer.krxd.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
news.gelukkigepromoties.be
s.ytimg.com
static.zdassets.com
stats.g.doubleclick.net
the.sciencebehindecommerce.com
v2.zopim.com
www.awin1.com
www.dwin1.com
www.essent.be
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
www.zenaps.com
104.16.84.55
104.18.73.113
104.18.74.113
151.101.112.175
151.101.12.175
172.217.16.134
172.217.18.2
188.95.250.153
2.23.65.48
2600:9000:2156:e00:f:8ce2:fb80:93a1
2a00:1450:4001:80b::200e
2a00:1450:4001:819::2002
2a00:1450:4001:81b::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:820::200e
2a00:1450:4001:821::200a
2a00:1450:4001:821::200e
2a00:1450:4001:824::2002
2a00:1450:400c:c00::9c
52.215.118.71
54.194.157.205
76.223.71.181
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
068bed61e83437f5e2d270cba661153f7912233b984631298cdd5ea1a2bb7fa2
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0dc57d6ef43968b6ccd0ee64f65bd074046d19e4e410b9a1137c3820030292f6
101051ed51b3cfd13d875e0936f70a8d185c2bab4bef1b929d4e362d8eaad5e6
121ba11bf9dff50337ea26384da9144a974307529d4c805e2677076dfe25cdbf
18616651ff7e9763b902e0e4ffaee1172422b942a9ee8c5585147ac7b5028c64
215612f81f99fd1c99e58544cf96806829955d7216f3b2e79b44b139f430f087
3c32433115632934bfd4919cbc9b03b491a5ee72a05676aa97dfc843d0710f12
4eed48e99140a09d81b43acc96f5d28d7e1636a0f1ea19b790d653dad7334717
50373e952bc1639c707766842fd47baff72c73dffc0cdaa876d6528fa8a432ac
513ce29703580e6b4f7b34d4ab48e5379f815a3900a28fa981e027b7a6379fdb
52ce0f4578209eb40159cf37e4346b5ecd33ccd4a5a65974974ee8bb9b599b96
61649cc70d5623f16ffa85f9acb60391fa0b52a5bf8d0d5c93aec38ff22a25e4
71a3e790205793adebd316be363ea93b3e7efe4fadf055e212242081ef25379c
74e3ece74b2fc7fcc4ff31e94bdd62bdd9adfe368bd587e3dd07d7205ba5668b
7907760e1cfe2b09841db764c5e69ddd467d940fbaafc1008f36d4f2a39298ce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
969d3b8c3b846ba9d4dd5fa3936ec2c610f4f9f67f6f880cc9b00ebda3414083
9a1404043b3ccada5c7c9b2b5a72df19e2c48b9609112c3fa7ecbee700e24a59
a6b541236758b090b0fc37fc78d70d1159da07be0387880d75728934086f0182
b3d82d43bab45dff631cb1e9616791f40456b1d09852dbba71eb37867402bd84
be2180c74a21adc94ca9718799a483934e4136d0355e8a08dd7407a812d2e855
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14
c723cf1ca7fb1e4a8e7b44dc0784a22819a0c2a1d0ce162aaa4a6820e5163b83
c8b78634013e2a70d15d24868eaaeb003ee51d3a7f34925845987ec17228b2b9
cf5aea9b0edb324004b3d474aacc3cda59bc6742bfbb4992679650e2079af6a5
d37e88a979e364fdf59257865dd0def74eb865057c4de36cc8a1232b2588b3f6
de5ecfbee9bd5941e5c989bdbc189dbf59e816694e99cd7886926578e1ad0b8b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb9e43a9df9f8117f99f47c82a46401f08bb1ac0065c7e259a406ca622837971
fc146a170971e0f56800073a4d67d59a9d1f7c3051107a27a443b3917ee5d9c4
fe7a86c76c74d7ed774325d80240edd8f7f9cd835392c368884616effa572d4e

www.essent.be Open in urlscan Pro 76.223.71.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

50 %IPv6

19 Domains

26 Subdomains

23 IPs

6 Countries

1472 kBTransfer

3481 kBSize

0 Cookies

7 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.essent.be Open in urlscan Pro
76.223.71.181 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

50 %
IPv6

19
Domains

26
Subdomains

23
IPs

6
Countries

1472 kB
Transfer

3481 kB
Size

0
Cookies

48 HTTP transactions
2 data transactions