wd-cashback.ch Open in urlscan Pro
185.2.54.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wd-cashback.ch/
Effective URL:
https://wd-cashback.ch/
Submission: On March 05 via api (March 5th 2023, 10:57:33 am UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 12 domains to perform 60 HTTP transactions. The main IP is 185.2.54.216, located in Belgium and belongs to COMBELL-AS, BE. The main domain is wd-cashback.ch.
TLS certificate: Issued by R3 on January 31st 2023. Valid for: 3 months.

This is the only time wd-cashback.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 46	185.2.54.216 185.2.54.216	34762 (COMBELL-AS) (COMBELL-AS)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	91.183.134.203 91.183.134.203	5432 (PROXIMUS-...) (PROXIMUS-ISP-AS)
1	76.223.94.117 76.223.94.117	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:9600:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	91.183.134.201 91.183.134.201	5432 (PROXIMUS-...) (PROXIMUS-ISP-AS)
1	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
1	185.2.52.98 185.2.52.98	34762 (COMBELL-AS) (COMBELL-AS)
1	18.195.235.189 18.195.235.189	16509 (AMAZON-02) (AMAZON-02)
60	12

46 185.2.54.216 (Belgium) 1 redirects

ASN34762 (COMBELL-AS, BE)
PTR: Highactions.highco.be

wd-cashback.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
highactions.highco.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
form.highactions.highco.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.183.134.203 (Hoboken, Belgium)

ASN5432 (PROXIMUS-ISP-AS, BE)
PTR: 203.134-183-91.adsl-static.isp.belgacom.be

portal.highco-data.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.94.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa96a005eba94bd17.awsglobalaccelerator.com

api.autoaddress.ie	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:9600:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.183.134.201 (Hoboken, Belgium)

ASN5432 (PROXIMUS-ISP-AS, BE)
PTR: 201.134-183-91.adsl-static.isp.belgacom.be

api.highco.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1082:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

consent.cookiefirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.2.52.98 (Belgium)

ASN34762 (COMBELL-AS, BE)
PTR: web01.promolife.be

promolife.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.235.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-235-189.eu-central-1.compute.amazonaws.com

promolife.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	highco.be highactions.highco.be form.highactions.highco.be api.highco.be	18 MB
3	highco-data.be portal.highco-data.be	129 KB
2	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 19695 promolife.matomo.cloud	39 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
2	wd-cashback.ch 1 redirects wd-cashback.ch	7 KB
1	promolife.be promolife.be	8 KB
1	cookiefirst.com consent.cookiefirst.com — Cisco Umbrella Rank: 25421
1	autoaddress.ie api.autoaddress.ie — Cisco Umbrella Rank: 284971	11 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 788	11 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 693	33 KB
0	doubleclick.net Failed stats.g.doubleclick.net Failed
0	fpjs.io Failed cdn.fpjs.io Failed
60	12

	Domain	Requested by
41	highactions.highco.be	wd-cashback.ch code.jquery.com highactions.highco.be
3	portal.highco-data.be	highactions.highco.be portal.highco-data.be
3	form.highactions.highco.be	wd-cashback.ch
2	www.google-analytics.com	highactions.highco.be www.google-analytics.com
2	wd-cashback.ch	1 redirects
1	promolife.matomo.cloud	cdn.matomo.cloud
1	promolife.be	highactions.highco.be
1	consent.cookiefirst.com	code.jquery.com
1	api.highco.be	code.jquery.com
1	cdn.matomo.cloud	wd-cashback.ch
1	api.autoaddress.ie	code.jquery.com
1	maxcdn.bootstrapcdn.com	wd-cashback.ch
1	code.jquery.com	wd-cashback.ch
0	stats.g.doubleclick.net Failed	www.google-analytics.com
0	cdn.fpjs.io Failed	wd-cashback.ch
60	15

This site contains links to these domains. Also see Links.

Domain
www.keep-in-touch.ch
highactions.highco.be
www.westerndigital.com
www.google.com
www.microsoft.com
www.mozilla.org

Subject Issuer	Validity	Valid
wd-cashback.ch R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
*.highco.be Go Daddy Secure Certificate Authority - G2	`2022-10-07` - `2023-11-08`	a year	crt.sh
form.highactions.highco.be R3	`2023-02-11` - `2023-05-12`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.highco-data.be Sectigo RSA Domain Validation Secure Server CA	`2023-01-24` - `2024-01-29`	a year	crt.sh
*.autoaddress.ie Amazon RSA 2048 M01	`2023-02-10` - `2023-09-02`	7 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M01	`2023-02-24` - `2023-12-25`	10 months	crt.sh
*.cookiefirst.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-01` - `2023-12-16`	a year	crt.sh
*.promolife.be Sectigo RSA Domain Validation Secure Server CA	`2023-01-27` - `2024-02-25`	a year	crt.sh
*.matomo.cloud Amazon RSA 2048 M01	`2023-02-10` - `2023-08-19`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://wd-cashback.ch/
Frame ID: 1DB5A4463498C9A6756DCFBF716EB5F1
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Western Digital

Page URL History Show full URLs

http://wd-cashback.ch/ HTTP 301
https://wd-cashback.ch/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

97 %
HTTPS

45 %
IPv6

12
Domains

15
Subdomains

12
IPs

5
Countries

18220 kB
Transfer

19654 kB
Size

5
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.keep-in-touch.ch/

Search URL Search Domain Scan URL

URL: https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6InJ2Qnlja2QrNHJJOXExNUpOT2h3T0E9PSIsInZhbHVlIjoiUkx6QVdkOXkwSDNsZUlIMnRrT3gzZz09IiwibWFjIjoiYmRmNGFjMDgxYjAyOGNhNmIxYmI0YjBlNzc1MWY4NjRkYWM2NWUzYmZiYmJjOThkYmU2MDhmYTUwNzRkMDQ4YiJ9
Title: Allgemeine Bedingungen

Search URL Search Domain Scan URL

URL: https://www.westerndigital.com/de-de/legal
Title: rechtshinweis

Search URL Search Domain Scan URL

URL: https://www.westerndigital.com/de-de/company/contact-us
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/en/chrome/
Title: Chrome Google

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/edge
Title: Edge Microsoft

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/fr/firefox/new/
Title: Firefox Mozilla

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wd-cashback.ch/ HTTP 301
https://wd-cashback.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
wd-cashback.ch/
Redirect Chain

http://wd-cashback.ch/
https://wd-cashback.ch/

8 KB
5 KB

165ms
113ms

Document
text/html

185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wd-cashback.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

bd4a6ccd3e8218a906fa0525444a0a8b8ae49410d62ae1c58b67be74b4439b83

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' portal.promolife.be promolife.matomo.cloud cdn.cookielaw.org www.highco-data.be .cookiefirst.com eu.api.fpjs.io tls-eun1.fpapi.io .highco.be esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud cdn.cookielaw.org www.googletagmanager.com .cookiebot.com .highco.be cdn.fpjs.io consent.cookiefirst.com unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com .highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: blob: data: http://www.highco-data.be; style-src 'unsafe-inline' 'self' www.highco-data.be consent.cookiefirst.com esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' .highco.be fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' consentcdn.cookiebot.com https://promolife.be/ https://www.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2906
Content-Security-Policy: default-src 'self' portal.promolife.be promolife.matomo.cloud cdn.cookielaw.org www.highco-data.be *.cookiefirst.com eu.api.fpjs.io tls-eun1.fpapi.io *.highco.be esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud cdn.cookielaw.org www.googletagmanager.com *.cookiebot.com *.highco.be cdn.fpjs.io consent.cookiefirst.com unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: blob: data: http://www.highco-data.be; style-src 'unsafe-inline' 'self' www.highco-data.be consent.cookiefirst.com esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' *.highco.be fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' consentcdn.cookiebot.com https://promolife.be/ https://www.promolife.be/;
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Mar 2023 10:57:27 GMT
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-ID: 3ec43acc0e451caa957a4104219ad7a1
X-XSS-Protection: 1;mode=block

Redirect headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Security-Policy: default-src 'self' portal.promolife.be promolife.matomo.cloud cdn.cookielaw.org www.highco-data.be *.cookiefirst.com eu.api.fpjs.io tls-eun1.fpapi.io *.highco.be esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud cdn.cookielaw.org www.googletagmanager.com *.cookiebot.com *.highco.be cdn.fpjs.io consent.cookiefirst.com unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: blob: data: http://www.highco-data.be; style-src 'unsafe-inline' 'self' www.highco-data.be consent.cookiefirst.com esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' *.highco.be fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' consentcdn.cookiebot.com https://promolife.be/ https://www.promolife.be/;
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Mar 2023 10:57:27 GMT
Location: https://wd-cashback.ch/
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-ID: cba6de97978f9651e850b80cf972d82c
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK css
highactions.highco.be/api/actions/1321/ 54 KB
11 KB 162ms
50ms Stylesheet
text/css 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/api/actions/1321/css

Requested by

Host: wd-cashback.ch
URL: https://wd-cashback.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

a39c089f19fb86bb3be99343746551fe441c481351eb5f86c54344969395319f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 8569
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 0e66976258f26514228c3122e2afd69a
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET fp.js
cdn.fpjs.io/@2/ 0
0

GET
H/1.1 200
OK chrome.png
form.highactions.highco.be/images/ 52 KB
54 KB 126ms
40ms Image
image/png 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://form.highactions.highco.be/images/chrome.png

Requested by

Host: wd-cashback.ch
URL: https://wd-cashback.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

720d49f9c2970210ae259b2a6df4687ed1a836ac36beaa021b3055524e68cff2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' portal.promolife.be promolife.matomo.cloud cdn.cookielaw.org www.highco-data.be .cookiefirst.com eu.api.fpjs.io tls-eun1.fpapi.io .highco.be esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud cdn.cookielaw.org www.googletagmanager.com .cookiebot.com .highco.be cdn.fpjs.io consent.cookiefirst.com unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com .highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: blob: data: http://www.highco-data.be; style-src 'unsafe-inline' 'self' www.highco-data.be consent.cookiefirst.com esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' .highco.be fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' consentcdn.cookiebot.com https://promolife.be/ https://www.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' portal.promolife.be promolife.matomo.cloud cdn.cookielaw.org www.highco-data.be *.cookiefirst.com eu.api.fpjs.io tls-eun1.fpapi.io *.highco.be esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud cdn.cookielaw.org www.googletagmanager.com *.cookiebot.com *.highco.be cdn.fpjs.io consent.cookiefirst.com unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: blob: data: http://www.highco-data.be; style-src 'unsafe-inline' 'self' www.highco-data.be consent.cookiefirst.com esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' *.highco.be fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' consentcdn.cookiebot.com https://promolife.be/ https://www.promolife.be/;
Connection: keep-alive
Content-Length: 53113
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: ba86e11fac92fa05cfc1c5fb49eb33fc
Referrer-Policy: no-referrer
Last-Modified: Fri, 08 May 2020 04:00:25 GMT
Server: nginx
ETag: "cf79-5a51b09764840"
Content-Type: image/png
Cache-Control: no-cache, no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK edge.png
form.highactions.highco.be/images/ 55 KB
57 KB 24ms
19ms Image
image/png 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://form.highactions.highco.be/images/edge.png

Requested by

Host: wd-cashback.ch
URL: https://wd-cashback.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

57356b4bf5617d546ffd061aab43d9d55cded343f6072c7154516a5e94d0f404

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' portal.promolife.be promolife.matomo.cloud cdn.cookielaw.org www.highco-data.be .cookiefirst.com eu.api.fpjs.io tls-eun1.fpapi.io .highco.be esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud cdn.cookielaw.org www.googletagmanager.com .cookiebot.com .highco.be cdn.fpjs.io consent.cookiefirst.com unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com .highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: blob: data: http://www.highco-data.be; style-src 'unsafe-inline' 'self' www.highco-data.be consent.cookiefirst.com esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' .highco.be fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' consentcdn.cookiebot.com https://promolife.be/ https://www.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' portal.promolife.be promolife.matomo.cloud cdn.cookielaw.org www.highco-data.be *.cookiefirst.com eu.api.fpjs.io tls-eun1.fpapi.io *.highco.be esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud cdn.cookielaw.org www.googletagmanager.com *.cookiebot.com *.highco.be cdn.fpjs.io consent.cookiefirst.com unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: blob: data: http://www.highco-data.be; style-src 'unsafe-inline' 'self' www.highco-data.be consent.cookiefirst.com esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' *.highco.be fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' consentcdn.cookiebot.com https://promolife.be/ https://www.promolife.be/;
Connection: keep-alive
Content-Length: 56375
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 50086307384dbb80fce251c6ecba4959
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Mar 2020 08:57:59 GMT
Server: nginx
ETag: "dc37-5a017bbccb3c0"
Content-Type: image/png
Cache-Control: no-cache, no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK firefox.png
form.highactions.highco.be/images/ 337 KB
339 KB 71ms
36ms Image
image/png 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://form.highactions.highco.be/images/firefox.png

Requested by

Host: wd-cashback.ch
URL: https://wd-cashback.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

befbba9a62193e1f706f556fc6c81ffcc618c632f2ed42374a650e7c1821301d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' portal.promolife.be promolife.matomo.cloud cdn.cookielaw.org www.highco-data.be .cookiefirst.com eu.api.fpjs.io tls-eun1.fpapi.io .highco.be esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud cdn.cookielaw.org www.googletagmanager.com .cookiebot.com .highco.be cdn.fpjs.io consent.cookiefirst.com unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com .highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: blob: data: http://www.highco-data.be; style-src 'unsafe-inline' 'self' www.highco-data.be consent.cookiefirst.com esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' .highco.be fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' consentcdn.cookiebot.com https://promolife.be/ https://www.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' portal.promolife.be promolife.matomo.cloud cdn.cookielaw.org www.highco-data.be *.cookiefirst.com eu.api.fpjs.io tls-eun1.fpapi.io *.highco.be esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud cdn.cookielaw.org www.googletagmanager.com *.cookiebot.com *.highco.be cdn.fpjs.io consent.cookiefirst.com unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: blob: data: http://www.highco-data.be; style-src 'unsafe-inline' 'self' www.highco-data.be consent.cookiefirst.com esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' *.highco.be fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' consentcdn.cookiebot.com https://promolife.be/ https://www.promolife.be/;
Connection: keep-alive
Content-Length: 345180
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 998c2b0506513172c5afa0b63a7748e0
Referrer-Policy: no-referrer
Last-Modified: Fri, 08 May 2020 03:47:35 GMT
Server: nginx
ETag: "5445c-5a51adb9103c0"
Content-Type: image/png
Cache-Control: no-cache, no-store
Accept-Ranges: bytes

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 48ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: wd-cashback.ch
URL: https://wd-cashback.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
Origin: https://wd-cashback.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 10:57:27 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-17b8b"
vary: Accept-Encoding
x-hw: 1678013847.dop226.fr8.t,1678013847.cds343.fr8.hn,1678013847.cds167.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 35ms
18ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: wd-cashback.ch
URL: https://wd-cashback.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://wd-cashback.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 10:57:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1029
age: 249376
cdn-cachedat: 01/02/2023 00:17:37
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"5869c96cc8f19086aee625d670d741f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 75c3c7000a795d88851b23ae65b108a4
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7a31d6946f2f368c-FRA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK ha.min.js Show response
highactions.highco.be/js/ 1 KB
2 KB 63ms
19ms Script
application/javascript 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/js/ha.min.js

Requested by

Host: wd-cashback.ch
URL: https://wd-cashback.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

f6ae41614045742bd247c36bc6c98a80f1aece1fa74f177ec2dbe9b9412d3689

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Referer
Origin: https://wd-cashback.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 503
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 0116c9b98e0bc34f2bf4f0a22f144120
Referrer-Policy: no-referrer
Last-Modified: Fri, 01 Oct 2021 14:39:49 GMT
Server: nginx
ETag: "43e-5cd4b890d5624-gzip"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK all.min.css
portal.highco-data.be/font-awesome5/css/ 59 KB
12 KB 136ms
23ms Stylesheet
text/css 91.183.134.203
PROXIMUS-ISP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.highco-data.be/font-awesome5/css/all.min.css
Requested by: Host: highactions.highco.be
URL: https://highactions.highco.be/api/actions/1321/css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.183.134.203 Hoboken, Belgium, ASN5432 (PROXIMUS-ISP-AS, BE),
Reverse DNS: 203.134-183-91.adsl-static.isp.belgacom.be
Software: Apache /
Resource Hash: d55e3385a8c2063d4b0f3a88c1acd01173f86009702067790613a08e55d7597f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Aug 2018 08:47:38 GMT
Server: Apache
ETag: "ecca-57283fad37e80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 12421

GET
H/1.1 200
OK js Show response
highactions.highco.be/api/actions/1321/ 18 B
3 KB 41ms
41ms XHR
application/json 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/api/actions/1321/js

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

ce46e83a89f7529396ecd06192d6a3383389805bf60ef7e22ebb573f9bb07467

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 38
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 1cd81dd167e2a5d33b75496520580136
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK highaction.min.js Show response
highactions.highco.be/js/ 837 KB
194 KB 28ms
28ms Script
application/javascript 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/js/highaction.min.js?_version=1678013848

Requested by

Host: highactions.highco.be
URL: https://highactions.highco.be/js/ha.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

0ee35b92c9a4cd4e03a437b7d2d3800bf8f5ec08d138759c41665580bb3e2c20

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 6fd0c5b770fca973b4697f09cae4c8b8
Referrer-Policy: no-referrer
Last-Modified: Thu, 20 Oct 2022 11:39:48 GMT
Server: nginx
ETag: "d1318-5eb75c8561ce4-gzip"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Accept-Ranges: bytes

OPTIONS
H/1.1 204
No Content templates
highactions.highco.be/api/ 0
0 36ms
36ms Preflight
text/html 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/api/templates?auth=&_token=&text=&fp=v1.e2f33cbe74ead473eecc2977876e617b&original_fp=v1.e2f33cbe74ead473eecc2977876e617b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token
Access-Control-Request-Method: GET
Origin: https://wd-cashback.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: x-csrf-token
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 0
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Mar 2023 10:57:29 GMT
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: Access-Control-Request-Method,Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Request-ID: 0bba654136d815e63449b03aa460c4fd
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK templates Show response
highactions.highco.be/api/ 34 KB
6 KB 60ms
59ms XHR
text/html 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/api/templates?auth=&_token=&text=&fp=v1.e2f33cbe74ead473eecc2977876e617b&original_fp=v1.e2f33cbe74ead473eecc2977876e617b

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

f859694f9e2de1c8632f291aae0915322dc124c0f79d5e5b363e0c6122f3a379

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Referer
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 3849
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 185cac6359b77cbd7f65101b96502136
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H2 200 autoaddress.min.css
api.autoaddress.ie/2.0/control/css/ 11 KB
11 KB 149ms
51ms Stylesheet
text/css 76.223.94.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.autoaddress.ie/2.0/control/css/autoaddress.min.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.94.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa96a005eba94bd17.awsglobalaccelerator.com
Software: awselb/2.0 /
Resource Hash: 0589d359b8dcdf0915db62c847f500a8ded9d98c87176ea82e6109bdb8c8069b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 10:57:29 GMT
last-modified: Tue, 01 Jan 1980 00:00:00 GMT
server: awselb/2.0
accept-ranges: bytes
etag: "1a8e79fe1d5ab6e"
content-length: 11118
content-type: text/css

GET
H/1.1 200
OK all.css
highactions.highco.be/css/ 149 KB
28 KB 24ms
23ms Stylesheet
text/css 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/css/all.css

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

7d41db8bcd52dded60cc1b36ecde46ec5f39ab5abcc3c80519b1e12f6bd4f2f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 27060
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 7e24f894ad6b83f26cc2a114178f63f1
Referrer-Policy: no-referrer
Last-Modified: Thu, 29 Jul 2021 15:13:35 GMT
Server: nginx
ETag: "2521c-5c8448bfffb92-gzip"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK css
highactions.highco.be/api/actions/1321/ 54 KB
11 KB 73ms
47ms Stylesheet
text/css 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/api/actions/1321/css

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

a39c089f19fb86bb3be99343746551fe441c481351eb5f86c54344969395319f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 8569
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 0f83e212b4d24a6ac5eaa6b8a0286371
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK all.min.css
portal.highco-data.be/font-awesome5/css/ 59 KB
12 KB 22ms
22ms Stylesheet
text/css 91.183.134.203
PROXIMUS-ISP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.highco-data.be/font-awesome5/css/all.min.css
Requested by: Host: highactions.highco.be
URL: https://highactions.highco.be/api/actions/1321/css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.183.134.203 Hoboken, Belgium, ASN5432 (PROXIMUS-ISP-AS, BE),
Reverse DNS: 203.134-183-91.adsl-static.isp.belgacom.be
Software: Apache /
Resource Hash: d55e3385a8c2063d4b0f3a88c1acd01173f86009702067790613a08e55d7597f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Aug 2018 08:47:38 GMT
Server: Apache
ETag: "ecca-57283fad37e80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=999
Content-Length: 12421

GET
H/1.1 200
OK lang Show response
highactions.highco.be/api/actions/1321/ 276 KB
26 KB 67ms
67ms XHR
application/json 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/api/actions/1321/lang?auth=&_token=&text=&fp=v1.e2f33cbe74ead473eecc2977876e617b&original_fp=v1.e2f33cbe74ead473eecc2977876e617b

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

d426bebbaeccbed9b6bbdcde4820c41bd4413672cccaa162dc0b37f94ce01261

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Referer
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 23519
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 6e814b712588937e523151f822bdc46a
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

OPTIONS
H/1.1 204
No Content lang
highactions.highco.be/api/actions/1321/ 0
0 35ms
35ms Preflight
text/html 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/api/actions/1321/lang?auth=&_token=&text=&fp=v1.e2f33cbe74ead473eecc2977876e617b&original_fp=v1.e2f33cbe74ead473eecc2977876e617b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token
Access-Control-Request-Method: GET
Origin: https://wd-cashback.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: x-csrf-token
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 0
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Mar 2023 10:57:29 GMT
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: Access-Control-Request-Method,Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Request-ID: 85eff72fa02ffb5203d5a1d6c09ecd3f
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK 1321 Show response
highactions.highco.be/api/actions/ 58 KB
15 KB 842ms
841ms XHR
application/json 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/api/actions/1321?fp=v1.e2f33cbe74ead473eecc2977876e617b&encrypted_personal_data=&mkey=&auth=&_token=&text=&original_fp=v1.e2f33cbe74ead473eecc2977876e617b

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

4ab069b5f4af16b092dd95ec4488e492a6e02352794f305536c8cb40240b8e3f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Referer
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 12661
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 4a952778cf5d804b4986161eee72c522
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

OPTIONS
H/1.1 204
No Content 1321
highactions.highco.be/api/actions/ 0
0 36ms
35ms Preflight
text/html 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/api/actions/1321?fp=v1.e2f33cbe74ead473eecc2977876e617b&encrypted_personal_data=&mkey=&auth=&_token=&text=&original_fp=v1.e2f33cbe74ead473eecc2977876e617b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token
Access-Control-Request-Method: GET
Origin: https://wd-cashback.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: x-csrf-token
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 0
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Mar 2023 10:57:29 GMT
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: Access-Control-Request-Method,Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Request-ID: 2216e0a4fd0baecf198f53a13b0bd735
X-XSS-Protection: 1;mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 47ms
14ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: highactions.highco.be
URL: https://highactions.highco.be/js/highaction.min.js?_version=1678013848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 05 Mar 2023 10:43:15 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 855
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 05 Mar 2023 12:43:15 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/promolife.matomo.cloud/ 132 KB
39 KB 49ms
11ms Script
application/javascript 2600:9000:21f3:9600:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/promolife.matomo.cloud/matomo.js
Requested by: Host: wd-cashback.ch
URL: https://wd-cashback.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9600:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77bfadab52b22b3e95be56a1a4c1c9cba0f921c393ebe790bc5f6ba126b78b14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 06:40:39 GMT
x-amz-version-id: f_nG4jWu2fTkdVLGo1l.lJOG1jIqt06G
content-encoding: gzip
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 15412
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 19 Oct 2022 22:37:59 GMT
server: AmazonS3
etag: W/"00865cc0afbc5cff0aad9569c165b479"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: UXqbomkPcimh-3ufSxkGrX9aTad9CiJHPu15C1BkUZUo1wnK_2NJgA==

GET
H/1.1 500
Internal Server Error ipinfos Show response
api.highco.be/api/ 4 KB
4 KB 193ms
79ms XHR
text/html 91.183.134.201
PROXIMUS-ISP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.highco.be/api/ipinfos
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.183.134.201 Hoboken, Belgium, ASN5432 (PROXIMUS-ISP-AS, BE),
Reverse DNS: 201.134-183-91.adsl-static.isp.belgacom.be
Software: Apache /
Resource Hash: 4c27dbee00ac2aa90cf1f3bad168426b9eead912dac15040a6421d40f155fba6

Request headers

Accept: */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:30 GMT
Server: Apache
X-RateLimit-Remaining: 59
Vary: Origin
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://wd-cashback.ch
Cache-Control: no-cache, private
X-RateLimit-Limit: 60
Connection: close
Content-Length: 4159

GET
H/1.1 200
OK custom.js Show response
highactions.highco.be/api/actions/1321/ 25 KB
12 KB 41ms
41ms Script
text/javascript 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/api/actions/1321/custom.js

Requested by

Host: highactions.highco.be
URL: https://highactions.highco.be/js/highaction.min.js?_version=1678013848

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

ad244f23c34cfd98cd45881d30cce3ba7111ee97da99f00066907a5082839d21

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 26569afde0a529270da8de874d166a57
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

OPTIONS
H/1.1 204
No Content pick
highactions.highco.be/api/actions/1321/fields/48768/ 0
0 37ms
37ms Preflight
text/html 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/api/actions/1321/fields/48768/pick?auth=&pp_token=eyJpdiI6InM2Q3p5b0tORWQ5akJ2VHVDNjJMUGc9PSIsInZhbHVlIjoiREJjTWZBcmxCb1RXaUk3QnE3dk1WQ0FJcUNldE1sblJ4MzFqOTkwcU90cTc4R0ZRaEpEU1I5Q0dTOGV5cTlRQzdvMHp4ek5obVp4TlI0am1lMjhSZFVVREZYSTdMZ29xS1U2eHVMTGsxUUhkRTRpSTBwa3RBVE43QWs3bzZkWnBJc3dJMWFpUGxwK1hSOGpmZmd6aENObkFWNnpKS2wwV05mLzZjdHZDaXNhQWhTQzNZbXVMWVVON1VJM2VrYXhoIiwibWFjIjoiNTZiYjY1MzJhMzlmMDQxZjUzNjZlZjkwZDI4NzA4ZDBmYTg3MzVkMTk4N2JkYjVhMDA3Yzg0NjhhYmIyNTYwMSJ9&locale=de_CH&session=eyJpdiI6IkgxZzVvaTFWOFFKR0ZaQWp2QUdPRHc9PSIsInZhbHVlIjoiY1UwSTRHUXNmY1U4eUZJV1pCZHJaYkN0aGMvbEFLdGJ1cXpxNXVud2RuOWR6MWVwWWxTNGJOTEdyN3VUZUlxL1VPRktXdTY3Z0VqQ3JlV3QyZWxMemc9PSIsIm1hYyI6ImY1MjZiZjU0Mjc2YzFiMDEwMzMwYjM1ZDY1Nzg5NGVlNDcyNGZiMTgxMjZiYjYzOWIwYjBiZTRmMjI3YzlmNDkifQ%3D%3D&_token=yoibi3WzRxsbtPhKzF7EfWSidakgiUE3dPVpf7S7&text=&fp=eyJpdiI6ImE5L283U21kQm9URzF0L2hoc2JXd2c9PSIsInZhbHVlIjoiOE90dkttNFZvRFdiWmRBWXc1d3J0azJkVzhoTEgwMjZzN2ErVjJFeXY0YXphSHlGTG9SRkhjbE5DbjVCWFBWUFFpMDFrbXlXVEF6Mmx1Y20xRE9ZR1JkaWdPWGRPR0xFNFVSMTF0Q2JXcVdQMk82c0poYmFmUExFM2lreVJuU0YiLCJtYWMiOiI0NTkxMTYwZTFmYTE4NjZlNDM1Y2I3MTJiNDFmOWJmMjkyNjljZTlkYmZjMmRhYWI1ZWEwYmQ5YjgwN2E1YzQ0In0%3D&original_fp=v1.e2f33cbe74ead473eecc2977876e617b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token
Access-Control-Request-Method: GET
Origin: https://wd-cashback.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: x-csrf-token
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 0
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Mar 2023 10:57:30 GMT
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: Access-Control-Request-Method,Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Request-ID: 9b502abbb6e6ac80318ca0327b6b4d9d
X-XSS-Protection: 1;mode=block

OPTIONS
H/1.1 204
No Content consumers
highactions.highco.be/api/actions/1321/ 0
0 68ms
34ms Preflight
text/html 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/api/actions/1321/consumers?auth=&pp_token=eyJpdiI6InM2Q3p5b0tORWQ5akJ2VHVDNjJMUGc9PSIsInZhbHVlIjoiREJjTWZBcmxCb1RXaUk3QnE3dk1WQ0FJcUNldE1sblJ4MzFqOTkwcU90cTc4R0ZRaEpEU1I5Q0dTOGV5cTlRQzdvMHp4ek5obVp4TlI0am1lMjhSZFVVREZYSTdMZ29xS1U2eHVMTGsxUUhkRTRpSTBwa3RBVE43QWs3bzZkWnBJc3dJMWFpUGxwK1hSOGpmZmd6aENObkFWNnpKS2wwV05mLzZjdHZDaXNhQWhTQzNZbXVMWVVON1VJM2VrYXhoIiwibWFjIjoiNTZiYjY1MzJhMzlmMDQxZjUzNjZlZjkwZDI4NzA4ZDBmYTg3MzVkMTk4N2JkYjVhMDA3Yzg0NjhhYmIyNTYwMSJ9&locale=de_CH&session=eyJpdiI6IkgxZzVvaTFWOFFKR0ZaQWp2QUdPRHc9PSIsInZhbHVlIjoiY1UwSTRHUXNmY1U4eUZJV1pCZHJaYkN0aGMvbEFLdGJ1cXpxNXVud2RuOWR6MWVwWWxTNGJOTEdyN3VUZUlxL1VPRktXdTY3Z0VqQ3JlV3QyZWxMemc9PSIsIm1hYyI6ImY1MjZiZjU0Mjc2YzFiMDEwMzMwYjM1ZDY1Nzg5NGVlNDcyNGZiMTgxMjZiYjYzOWIwYjBiZTRmMjI3YzlmNDkifQ%3D%3D&_token=yoibi3WzRxsbtPhKzF7EfWSidakgiUE3dPVpf7S7&text=&fp=eyJpdiI6ImE5L283U21kQm9URzF0L2hoc2JXd2c9PSIsInZhbHVlIjoiOE90dkttNFZvRFdiWmRBWXc1d3J0azJkVzhoTEgwMjZzN2ErVjJFeXY0YXphSHlGTG9SRkhjbE5DbjVCWFBWUFFpMDFrbXlXVEF6Mmx1Y20xRE9ZR1JkaWdPWGRPR0xFNFVSMTF0Q2JXcVdQMk82c0poYmFmUExFM2lreVJuU0YiLCJtYWMiOiI0NTkxMTYwZTFmYTE4NjZlNDM1Y2I3MTJiNDFmOWJmMjkyNjljZTlkYmZjMmRhYWI1ZWEwYmQ5YjgwN2E1YzQ0In0%3D&original_fp=v1.e2f33cbe74ead473eecc2977876e617b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token
Access-Control-Request-Method: GET
Origin: https://wd-cashback.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: x-csrf-token
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 0
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Mar 2023 10:57:30 GMT
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: Access-Control-Request-Method,Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Request-ID: 18379565d7f739d062dc3ced77734f44
X-XSS-Protection: 1;mode=block

OPTIONS
H/1.1 204
No Content pick
highactions.highco.be/api/actions/1321/fields/48768/ 0
0 68ms
35ms Preflight
text/html 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token
Access-Control-Request-Method: GET
Origin: https://wd-cashback.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: x-csrf-token
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 0
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Mar 2023 10:57:30 GMT
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: Access-Control-Request-Method,Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Request-ID: 418caee13094a3abbfaf990b330762d3
X-XSS-Protection: 1;mode=block

GET
H2 404 consent.js
consent.cookiefirst.com/sites/wd-cashback.ch-106922e3-328c-41c2-b02b-bac188b4c3fb/ 0
0 119ms
56ms Script
text/html 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/wd-cashback.ch-106922e3-328c-41c2-b02b-bac188b4c3fb/consent.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H/1.1 200
OK fa-light-300.woff2
portal.highco-data.be/font-awesome5/webfonts/ 104 KB
104 KB 86ms
20ms Font
application/octet-stream 91.183.134.203
PROXIMUS-ISP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.highco-data.be/font-awesome5/webfonts/fa-light-300.woff2
Requested by: Host: portal.highco-data.be
URL: https://portal.highco-data.be/font-awesome5/css/all.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.183.134.203 Hoboken, Belgium, ASN5432 (PROXIMUS-ISP-AS, BE),
Reverse DNS: 203.134-183-91.adsl-static.isp.belgacom.be
Software: Apache /
Resource Hash: 9e178abaada4c85b35e7d012f2d667beb22c83d6b4f42810efcf3731fd632979

Request headers

Referer: https://portal.highco-data.be/font-awesome5/css/all.min.css
Origin: https://wd-cashback.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:30 GMT
Last-Modified: Fri, 03 Aug 2018 08:47:39 GMT
Server: Apache
ETag: "1a080-57283fae2c0c0"
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 106624

GET
H/1.1 200
OK pick Show response
highactions.highco.be/api/actions/1321/fields/48768/ 75 B
3 KB 121ms
121ms XHR
application/json 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

3984a1401555a3993b695a4310c38be51123599346e0f7487277cd24da0b661e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Referer
X-CSRF-TOKEN: yoibi3WzRxsbtPhKzF7EfWSidakgiUE3dPVpf7S7
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 87
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 415f7bd9eaf7c66a86b6abf9f3708b6e
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK connect.framework.js Show response
promolife.be/connect/ 27 KB
8 KB 155ms
20ms Script
application/javascript 185.2.52.98
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://promolife.be/connect/connect.framework.js

Requested by

Host: highactions.highco.be
URL: https://highactions.highco.be/js/highaction.min.js?_version=1678013848

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.2.52.98 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

web01.promolife.be

Software

Apache /

Resource Hash

844a600ab668cfcdefc6b8b9c206771d58bda7047f94a5d3e82e3510291ed0b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: promolife.matomo.cloud .cookiefirst.com .highco.be maps.googleapis.com ssl.google-analytics.com www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.matomo.cloud ssl.google-analytics.com connect.facebook.net platform.twitter.com www.googletagmanager.com www.google-analytics.com .addthis.com static.addtoany.com consent.cookiefirst.com .gstatic.com .google.com .highco.be stats.g.doubleclick.net; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.cookiefirst.com fonts.googleapis.com cdn2.hubspot.net; img-src 'self' data: ssl.google-analytics.com www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net; font-src 'self' data: fonts.gstatic.com fonts.googleapis.com cdn2.hubspot.net; frame-src 'self' www.google.com player.vimeo.com static.addtoany.com; frame-ancestors 'self' https://highactions.highco.be/ https://www.weightwatchers.be https://www.entremont.be/ https://entremont.be/ https://uat.okay.eu https://www.okay.eu https://www.bolsiuspromo.be/ https://bru.be/ https://www.bru.be/;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' data: promolife.matomo.cloud *.cookiefirst.com *.highco.be maps.googleapis.com ssl.google-analytics.com www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.matomo.cloud ssl.google-analytics.com connect.facebook.net platform.twitter.com www.googletagmanager.com www.google-analytics.com *.addthis.com static.addtoany.com consent.cookiefirst.com *.gstatic.com *.google.com *.highco.be stats.g.doubleclick.net; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.cookiefirst.com fonts.googleapis.com cdn2.hubspot.net; img-src 'self' data: ssl.google-analytics.com www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net; font-src 'self' data: fonts.gstatic.com fonts.googleapis.com cdn2.hubspot.net; frame-src 'self' www.google.com player.vimeo.com static.addtoany.com; frame-ancestors 'self' https://highactions.highco.be/ https://www.weightwatchers.be https://www.entremont.be/ https://entremont.be/ https://uat.okay.eu https://www.okay.eu https://www.bolsiuspromo.be/ https://bru.be/ https://www.bru.be/;
Connection: Keep-Alive
Content-Length: 6130
X-XSS-Protection: 1;mode=block
Referrer-Policy: no-referrer
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: max-age=43200, public
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=15, max=100
Expires: Sun, 05 Mar 2023 10:57:31 GMT

GET
H/1.1 403
Forbidden consumers Show response
highactions.highco.be/api/actions/1321/ 1 KB
3 KB 88ms
86ms XHR
text/html 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

699ed0b6b04ef1a2b410c9b7e30bb4cedc855c4b00fdc3927b0c727ea4de40c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Referer
X-CSRF-TOKEN: yoibi3WzRxsbtPhKzF7EfWSidakgiUE3dPVpf7S7
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK pick Show response
highactions.highco.be/api/actions/1321/fields/48768/ 75 B
3 KB 92ms
81ms XHR
application/json 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

3984a1401555a3993b695a4310c38be51123599346e0f7487277cd24da0b661e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Referer
X-CSRF-TOKEN: yoibi3WzRxsbtPhKzF7EfWSidakgiUE3dPVpf7S7
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 87
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: af0f6e0746381235e5ce465d7cc09de9
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK pick Show response
highactions.highco.be/api/actions/1321/fields/48768/ 75 B
3 KB 73ms
72ms XHR
application/json 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

3984a1401555a3993b695a4310c38be51123599346e0f7487277cd24da0b661e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Referer
X-CSRF-TOKEN: yoibi3WzRxsbtPhKzF7EfWSidakgiUE3dPVpf7S7
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 87
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 07fe600aff48d1880efa321654650ff1
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK eyJpdiI6IjE5RUw0dWtYSnhOcmlMUzlvVlJCQ2c9PSIsInZhbHVlIjoidlNneTRzemY3ckx5djh5R08xeGYxdz09IiwibWFjIjoiNjY5NTM2ZDQ0NDczZWIzMmFhMWRjZDdjMzA0OWZmNzk3NDRkNDA4MmZmZWZkMDUxNTk1NDJkZTFiNzM2NDAwZCJ9
highactions.highco.be/actions/1321/forms/1321/files/ 5 KB
7 KB 77ms
75ms Image
image/png 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6IjE5RUw0dWtYSnhOcmlMUzlvVlJCQ2c9PSIsInZhbHVlIjoidlNneTRzemY3ckx5djh5R08xeGYxdz09IiwibWFjIjoiNjY5NTM2ZDQ0NDczZWIzMmFhMWRjZDdjMzA0OWZmNzk3NDRkNDA4MmZmZWZkMDUxNTk1NDJkZTFiNzM2NDAwZCJ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

29d4fea924758d3bd27dc78ecc53b55f4695a3ebb4927cf683b04e9c3a49b61e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 83e895da6df7a2f428ed9a42b47d974b
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK eyJpdiI6IjlyTUNXMFRZbFBob05HSEUxdjJqaVE9PSIsInZhbHVlIjoibHRiNEppSG5RRmZZbEhkMVBiZGwvdz09IiwibWFjIjoiNDdhMjBhNGNkNTc1MThiODNjNGRiZTAzZjUwZmFiMjNlMzU0OGIxY2QwMDFiZmJmMTcwMDU3ZTNkYWMxNzYwZCJ9
highactions.highco.be/actions/1321/forms/1321/files/ 194 KB
197 KB 75ms
74ms Image
image/jpeg 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6IjlyTUNXMFRZbFBob05HSEUxdjJqaVE9PSIsInZhbHVlIjoibHRiNEppSG5RRmZZbEhkMVBiZGwvdz09IiwibWFjIjoiNDdhMjBhNGNkNTc1MThiODNjNGRiZTAzZjUwZmFiMjNlMzU0OGIxY2QwMDFiZmJmMTcwMDU3ZTNkYWMxNzYwZCJ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

9b62796ba711f0f34ab70ac02cdd8ac60383be8de04520f52e2fd1aff7fb1d46

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: de882cbb114a533d0d07fce9482f6373
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK eyJpdiI6Ijd4L21TbnV5RHU4Mm8vNTludjF6R0E9PSIsInZhbHVlIjoic3hFb1NLVG53dG1VdVdVVjBDb1h4Zz09IiwibWFjIjoiMGFiOWNhMzUzNThlNWRmMTU0NzIwNWY5ZTA2MDc2N2U2MTgzM2E3ODQ3ODYzZjAxYzFjNDdmZDVmMjgzMzAyNyJ9
highactions.highco.be/actions/1321/forms/1321/files/ 72 KB
74 KB 52ms
52ms Image
image/jpeg 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6Ijd4L21TbnV5RHU4Mm8vNTludjF6R0E9PSIsInZhbHVlIjoic3hFb1NLVG53dG1VdVdVVjBDb1h4Zz09IiwibWFjIjoiMGFiOWNhMzUzNThlNWRmMTU0NzIwNWY5ZTA2MDc2N2U2MTgzM2E3ODQ3ODYzZjAxYzFjNDdmZDVmMjgzMzAyNyJ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

276a762c4154253554174aa2acdb8f9287729c55a2b247a0da04fb92ddf71f74

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 0e2298434d99ac26dfb5a55a99e5f17a
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK eyJpdiI6Ik0weEs0SENHVVc0N2xhUnMzOGlHb1E9PSIsInZhbHVlIjoibW5lSGsxUXVQOU8wVUtsSDZvSUEydz09IiwibWFjIjoiNGZjZDlhODZkYWFiODAyZTFlNGM5NGM2NTU4YmU3ZWQzYzhiNzA0N2VjNGQ3NmE0NTViMjdiNDQxZTEwYTY0YyJ9
highactions.highco.be/actions/1321/forms/1321/files/ 58 KB
61 KB 143ms
104ms Image
image/png 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6Ik0weEs0SENHVVc0N2xhUnMzOGlHb1E9PSIsInZhbHVlIjoibW5lSGsxUXVQOU8wVUtsSDZvSUEydz09IiwibWFjIjoiNGZjZDlhODZkYWFiODAyZTFlNGM5NGM2NTU4YmU3ZWQzYzhiNzA0N2VjNGQ3NmE0NTViMjdiNDQxZTEwYTY0YyJ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

79c311dc8b7ce60b4bda3bccbdae55ae748bf4e2027fc1bab77e7cdbd4f4e37d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 59ea33cd7169e697e618ec0b9748e448
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

OPTIONS
H/1.1 204
No Content pick
highactions.highco.be/api/actions/1321/fields/48768/ 0
0 79ms
50ms Preflight
text/html 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token
Access-Control-Request-Method: GET
Origin: https://wd-cashback.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: x-csrf-token
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 0
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Mar 2023 10:57:30 GMT
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: Access-Control-Request-Method,Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Request-ID: ee8faa847c47ef93a3b7cb2a312bd7b4
X-XSS-Protection: 1;mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 18ms
18ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=544949904&t=pageview&_s=1&dl=https%3A%2F%2Fwd-cashback.ch%2F&dp=%2F17482%2Fafter-action&ul=en-us&de=UTF-8&dt=Western%20Digital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1864485445&gjid=1359612476&cid=164733156.1678013851&tid=UA-93461950-17&_gid=1642843398.1678013851&_r=1&_slc=1&z=1659899048

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 10:57:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wd-cashback.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 matomo.php
promolife.matomo.cloud/ 0
168 B 130ms
92ms Ping
text/plain 18.195.235.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://promolife.matomo.cloud/matomo.php?action_name=Western%20Digital&idsite=5&rec=1&r=673732&h=10&m=57&s=30&url=https%3A%2F%2Fwd-cashback.ch%2F&_id=772693b396ad3288&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=uQogAu&fa_pv=1&fa_fp[1][fa_vid]=M8Eqkj&fa_fp[1][fa_id]=consumer-reset-password-form&fa_fp[1][fa_fv]=1&fa_fp[2][fa_vid]=1G0LO7&fa_fp[2][fa_id]=consumer-renew-password-form&fa_fp[2][fa_fv]=1&fa_fp[4][fa_vid]=pVUwBC&fa_fp[4][fa_id]=page-protected-login-form&fa_fp[4][fa_fv]=1&pf_net=52&pf_srv=114&pf_tfr=1&pf_dm1=321&pf_dm2=245&pf_onl=0&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/promolife.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://wd-cashback.ch
date: Sun, 05 Mar 2023 10:57:30 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

POST collect
stats.g.doubleclick.net/j/ 0
0

OPTIONS
H/1.1 204
No Content new
highactions.highco.be/api/actions/1321/pending_participations/ 0
0 36ms
35ms Preflight
text/html 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://highactions.highco.be/api/actions/1321/pending_participations/new?auth=&pp_token=eyJpdiI6InM2Q3p5b0tORWQ5akJ2VHVDNjJMUGc9PSIsInZhbHVlIjoiREJjTWZBcmxCb1RXaUk3QnE3dk1WQ0FJcUNldE1sblJ4MzFqOTkwcU90cTc4R0ZRaEpEU1I5Q0dTOGV5cTlRQzdvMHp4ek5obVp4TlI0am1lMjhSZFVVREZYSTdMZ29xS1U2eHVMTGsxUUhkRTRpSTBwa3RBVE43QWs3bzZkWnBJc3dJMWFpUGxwK1hSOGpmZmd6aENObkFWNnpKS2wwV05mLzZjdHZDaXNhQWhTQzNZbXVMWVVON1VJM2VrYXhoIiwibWFjIjoiNTZiYjY1MzJhMzlmMDQxZjUzNjZlZjkwZDI4NzA4ZDBmYTg3MzVkMTk4N2JkYjVhMDA3Yzg0NjhhYmIyNTYwMSJ9&locale=de_CH&session=eyJpdiI6IkgxZzVvaTFWOFFKR0ZaQWp2QUdPRHc9PSIsInZhbHVlIjoiY1UwSTRHUXNmY1U4eUZJV1pCZHJaYkN0aGMvbEFLdGJ1cXpxNXVud2RuOWR6MWVwWWxTNGJOTEdyN3VUZUlxL1VPRktXdTY3Z0VqQ3JlV3QyZWxMemc9PSIsIm1hYyI6ImY1MjZiZjU0Mjc2YzFiMDEwMzMwYjM1ZDY1Nzg5NGVlNDcyNGZiMTgxMjZiYjYzOWIwYjBiZTRmMjI3YzlmNDkifQ%3D%3D&_token=yoibi3WzRxsbtPhKzF7EfWSidakgiUE3dPVpf7S7&text=&fp=eyJpdiI6ImE5L283U21kQm9URzF0L2hoc2JXd2c9PSIsInZhbHVlIjoiOE90dkttNFZvRFdiWmRBWXc1d3J0azJkVzhoTEgwMjZzN2ErVjJFeXY0YXphSHlGTG9SRkhjbE5DbjVCWFBWUFFpMDFrbXlXVEF6Mmx1Y20xRE9ZR1JkaWdPWGRPR0xFNFVSMTF0Q2JXcVdQMk82c0poYmFmUExFM2lreVJuU0YiLCJtYWMiOiI0NTkxMTYwZTFmYTE4NjZlNDM1Y2I3MTJiNDFmOWJmMjkyNjljZTlkYmZjMmRhYWI1ZWEwYmQ5YjgwN2E1YzQ0In0%3D&original_fp=v1.e2f33cbe74ead473eecc2977876e617b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token
Access-Control-Request-Method: GET
Origin: https://wd-cashback.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: x-csrf-token
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 0
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Mar 2023 10:57:30 GMT
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: Access-Control-Request-Method,Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Request-ID: dd5571b4ad5beaa9092a3964668c00a5
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK new Show response
highactions.highco.be/api/actions/1321/pending_participations/ 427 B
3 KB 48ms
48ms XHR
application/json 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

0c19fe9ce7810dd8640764c7a94489e7d9435a46e453653c308685ce1ad023c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Referer
X-CSRF-TOKEN: yoibi3WzRxsbtPhKzF7EfWSidakgiUE3dPVpf7S7
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 364
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 99d0379fa4138caaf5d49b333bacf7a1
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: highactions.highco.be
URL: https://highactions.highco.be/js/highaction.min.js?_version=1678013848

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

29d4fea924758d3bd27dc78ecc53b55f4695a3ebb4927cf683b04e9c3a49b61e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 3b094b87ec637f606a34fdfac7b44229
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: highactions.highco.be
URL: https://highactions.highco.be/js/highaction.min.js?_version=1678013848

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

79c311dc8b7ce60b4bda3bccbdae55ae748bf4e2027fc1bab77e7cdbd4f4e37d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: ae0772f77bc9aae658d7bc5f1346e7ee
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: highactions.highco.be
URL: https://highactions.highco.be/js/highaction.min.js?_version=1678013848

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

9b62796ba711f0f34ab70ac02cdd8ac60383be8de04520f52e2fd1aff7fb1d46

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 735b6ae65690da170cce6e661589df86
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: highactions.highco.be
URL: https://highactions.highco.be/js/highaction.min.js?_version=1678013848

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

276a762c4154253554174aa2acdb8f9287729c55a2b247a0da04fb92ddf71f74

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: d7f8410f937fc0104cb9287f102b8d53
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK eyJpdiI6ImN3UTJxb2s0cDlyK1RSQXQ0czV1eVE9PSIsInZhbHVlIjoiZ0JmQ0J3bkVkL0xyb3RhNDhveUkvZz09IiwibWFjIjoiMzVmZDIxYTcxNDMyYjNmNTEyZmMzMzA4NTY4ZjQwMDRhNDUyNDI0YzM0YjA4OGUwYzVjYWMwOTYxZmE2ZDczYiJ9
highactions.highco.be/actions/1321/forms/1321/files/ 3 KB
6 KB 96ms
59ms Image
image/png 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6ImN3UTJxb2s0cDlyK1RSQXQ0czV1eVE9PSIsInZhbHVlIjoiZ0JmQ0J3bkVkL0xyb3RhNDhveUkvZz09IiwibWFjIjoiMzVmZDIxYTcxNDMyYjNmNTEyZmMzMzA4NTY4ZjQwMDRhNDUyNDI0YzM0YjA4OGUwYzVjYWMwOTYxZmE2ZDczYiJ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

19ac66b45f25d355469bc33d3ca96190c1dec6f293d9de2e9a7231358b8b72a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 574bd5ecc626b38fe9896f5dd8f600a3
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK eyJpdiI6IlhOYVErTUdYbytwOUV1Vk5vK1pmL0E9PSIsInZhbHVlIjoiYmEvUHFVUm1wc3c4czRFdUdmWVhrQT09IiwibWFjIjoiOWE1ZjU4ZDU4YWM0MWE1N2QxZTU1YmZmODUxMTBiYjg0NzcxZGQ1NTBhZWY4MGY3OGEyNDM4ZWQ3ZmNjMTcxNSJ9
highactions.highco.be/actions/1321/forms/1321/files/ 3 KB
6 KB 100ms
60ms Image
image/png 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6IlhOYVErTUdYbytwOUV1Vk5vK1pmL0E9PSIsInZhbHVlIjoiYmEvUHFVUm1wc3c4czRFdUdmWVhrQT09IiwibWFjIjoiOWE1ZjU4ZDU4YWM0MWE1N2QxZTU1YmZmODUxMTBiYjg0NzcxZGQ1NTBhZWY4MGY3OGEyNDM4ZWQ3ZmNjMTcxNSJ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

e7dce74d8bb8263c5479ba3014fe5f322e33dd03c4500007f96fb6760fde966d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 09414f159a918cde23e348ef6955e2f2
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK eyJpdiI6IjB4d3B5NUZYZWpmMFRnOFh2MXdSMlE9PSIsInZhbHVlIjoianR5YWtXN0RaK1g3bGxQU3JHTGpWQT09IiwibWFjIjoiZTkyYzg5N2Q4Y2M3NjY0NmZlZDNmOWY1MGI5YjQxOGM5MTRlMGE3MjBmNjllNWNhMDI2ZTgxYzU5MWY4MTJiMSJ9
highactions.highco.be/actions/1321/forms/1321/files/ 10 KB
13 KB 52ms
51ms Image
image/png 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6IjB4d3B5NUZYZWpmMFRnOFh2MXdSMlE9PSIsInZhbHVlIjoianR5YWtXN0RaK1g3bGxQU3JHTGpWQT09IiwibWFjIjoiZTkyYzg5N2Q4Y2M3NjY0NmZlZDNmOWY1MGI5YjQxOGM5MTRlMGE3MjBmNjllNWNhMDI2ZTgxYzU5MWY4MTJiMSJ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

4fda4219c829bbe80280ddd287e4bdc3d748cd609caaed52016f9377537a504b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 8d27a4e4b0f48a7714cc5412e1dc475d
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK eyJpdiI6InpEcmlsazFRQ2w2cDBscTY3NUNwQ3c9PSIsInZhbHVlIjoiMnpoeDl5aEZFQmF1c1c4TUN5UnJUQT09IiwibWFjIjoiY2QzMjVmZjZkYzEyMjU3NmJkN2U5NDliZGE1MGY4MjJlODgzZWJhOTUyYTQ4MTg1MmMwZTI2NWZlMmIzZTVkMSJ9
highactions.highco.be/actions/1321/forms/1321/files/ 5 KB
7 KB 54ms
53ms Image
image/png 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6InpEcmlsazFRQ2w2cDBscTY3NUNwQ3c9PSIsInZhbHVlIjoiMnpoeDl5aEZFQmF1c1c4TUN5UnJUQT09IiwibWFjIjoiY2QzMjVmZjZkYzEyMjU3NmJkN2U5NDliZGE1MGY4MjJlODgzZWJhOTUyYTQ4MTg1MmMwZTI2NWZlMmIzZTVkMSJ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

29d4fea924758d3bd27dc78ecc53b55f4695a3ebb4927cf683b04e9c3a49b61e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 4b5054a168dc8fa8f65ba397e3a07550
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK eyJpdiI6IkpqT01Jd1duc082eEptb0ZLNmRVcWc9PSIsInZhbHVlIjoiTy9QeWR2T0RiOUYydS95bDZtYm5VZz09IiwibWFjIjoiY2I4MWEwNzU3ODk3ZmJmYzRkZWVlMzcyNjFiOTNlZTU1MzYzNmU2YmE2ODBmNTgzZGE3MTc2NGEzMzFlMmEyMSJ9
highactions.highco.be/actions/1321/forms/1321/files/ 194 KB
196 KB 48ms
48ms Image
image/jpeg 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6IkpqT01Jd1duc082eEptb0ZLNmRVcWc9PSIsInZhbHVlIjoiTy9QeWR2T0RiOUYydS95bDZtYm5VZz09IiwibWFjIjoiY2I4MWEwNzU3ODk3ZmJmYzRkZWVlMzcyNjFiOTNlZTU1MzYzNmU2YmE2ODBmNTgzZGE3MTc2NGEzMzFlMmEyMSJ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

5fda57787e0d47f6005a42623fdb683609680256753c76467f859b16f22216a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 64f32f7eac64c70ca933ca453ed32bd0
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK eyJpdiI6Ik9INmJyVGtua2JxN1NRMDRQbCtlS2c9PSIsInZhbHVlIjoiY3FHVG1VUzdxSGNHRDcxNHFvb2MyUT09IiwibWFjIjoiZjY1MDE4YjBiNTdkYWQ4ZGQ1NTE0YmJkYWJmYTA5MDI5YzUxMDA1MjVjN2FmM2UwZDYzZmZiYzIzZmE4OGJmNiJ9
highactions.highco.be/actions/1321/forms/1321/files/ 72 KB
74 KB 67ms
66ms Image
image/jpeg 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6Ik9INmJyVGtua2JxN1NRMDRQbCtlS2c9PSIsInZhbHVlIjoiY3FHVG1VUzdxSGNHRDcxNHFvb2MyUT09IiwibWFjIjoiZjY1MDE4YjBiNTdkYWQ4ZGQ1NTE0YmJkYWJmYTA5MDI5YzUxMDA1MjVjN2FmM2UwZDYzZmZiYzIzZmE4OGJmNiJ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

b98dc5d67401b6555a461d153130232c63ff3a830fe7f76eb2de606c3c687e6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 7dc38ce50fb5e5a78adba806a68a4500
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK eyJpdiI6IitabEZ3WnNCTUUrSThUeUd3UUtTVEE9PSIsInZhbHVlIjoiS1ROa3ZUNFlDUTYzK093RStMYmNjQT09IiwibWFjIjoiZGNiZTAxNjQ3MzNmOTA5ZWE5YmE1OTU1NWZjNDAzZjRmZjA2ZGNmODVjYzY5Mjc3YTY4NWIxMGJiYTg5MzJjNiJ9
highactions.highco.be/actions/1321/forms/1321/files/ 6 MB
6 MB 91ms
91ms Image
image/gif 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6IitabEZ3WnNCTUUrSThUeUd3UUtTVEE9PSIsInZhbHVlIjoiS1ROa3ZUNFlDUTYzK093RStMYmNjQT09IiwibWFjIjoiZGNiZTAxNjQ3MzNmOTA5ZWE5YmE1OTU1NWZjNDAzZjRmZjA2ZGNmODVjYzY5Mjc3YTY4NWIxMGJiYTg5MzJjNiJ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

eb26bf3e4607ee95e28998d3f50a55e6db919a7047b55d13c9c90df394accfee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 7da0f6433a00bba67f142d3d9979cfe7
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK eyJpdiI6IkhnN3pCK1Nsek15Wll4SCs0OHNvOGc9PSIsInZhbHVlIjoiclVJSHlaR3p2OTFtSis4SXRaQ29wUT09IiwibWFjIjoiMjljNmNkZDU1OGE2ZTJkZTQ0OTU5MjE4NDIyMGM5YjVmNWNmNDJjYmViMWNlNzI2OThiNjMxODllMWYyODM4YyJ9
highactions.highco.be/actions/1321/forms/1321/files/ 6 MB
6 MB 59ms
57ms Image
image/gif 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6IkhnN3pCK1Nsek15Wll4SCs0OHNvOGc9PSIsInZhbHVlIjoiclVJSHlaR3p2OTFtSis4SXRaQ29wUT09IiwibWFjIjoiMjljNmNkZDU1OGE2ZTJkZTQ0OTU5MjE4NDIyMGM5YjVmNWNmNDJjYmViMWNlNzI2OThiNjMxODllMWYyODM4YyJ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

c652c72df4df859a239ae6558471c4d19e2bd3f625c8587fc598c4dbc2ecaea5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 613f17ee92d3c14222b2d7d4063815ec
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK eyJpdiI6InZJRElyVDBUVTRib0dqUW9KMjVYQ1E9PSIsInZhbHVlIjoid1hNY0xRV1J1V0l4SDhUdkY4SnphQT09IiwibWFjIjoiZmEwNDQ0NzNhYjJiZTQwNjUzYWIwYWVhN2IzNDQ0YTQzZTMxNDU5MGM2NTU1OGRmNjdmODM1NGM3OTE2ODQ2NyJ9
highactions.highco.be/actions/1321/forms/1321/files/ 2 MB
2 MB 72ms
72ms Image
image/gif 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6InZJRElyVDBUVTRib0dqUW9KMjVYQ1E9PSIsInZhbHVlIjoid1hNY0xRV1J1V0l4SDhUdkY4SnphQT09IiwibWFjIjoiZmEwNDQ0NzNhYjJiZTQwNjUzYWIwYWVhN2IzNDQ0YTQzZTMxNDU5MGM2NTU1OGRmNjdmODM1NGM3OTE2ODQ2NyJ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

2f5a8d852deb59869ad8ed77cb1411df9cd0b8e85cf3589cc30f942fbfe79d8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 2db273ebdfa34d685ef4af9967050269
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

GET
H/1.1 200
OK eyJpdiI6IjF1STFqd1MvKy9Ybmh3ZmZnR3NqT0E9PSIsInZhbHVlIjoiS2RRZGdUUFZaVitTK2JPbjdscktEZz09IiwibWFjIjoiOTJiMjlkYjc2ZTU5ODUwYjc2Mjc0Mjg2MjQ0NWQwOTEzMjM1M2VhMTdlMDJmOTQ2Yzk5OTc5YjVkMzcxNTMzNyJ9
highactions.highco.be/actions/1321/forms/1321/files/ 2 MB
2 MB 62ms
62ms Image
image/gif 185.2.54.216
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highactions.highco.be/actions/1321/forms/1321/files/eyJpdiI6IjF1STFqd1MvKy9Ybmh3ZmZnR3NqT0E9PSIsInZhbHVlIjoiS2RRZGdUUFZaVitTK2JPbjdscktEZz09IiwibWFjIjoiOTJiMjlkYjc2ZTU5ODUwYjc2Mjc0Mjg2MjQ0NWQwOTEzMjM1M2VhMTdlMDJmOTQ2Yzk5OTc5YjVkMzcxNTMzNyJ9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.2.54.216 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

Highactions.highco.be

Software

nginx /

Resource Hash

a3e1f0a5fe1699065eecf13356e2165c13cef22ff0d1f33a9bbf39940d90eec4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 10:57:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' promolife.matomo.cloud esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be portal.promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com *.highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: data:; style-src 'unsafe-inline' 'self' esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' https://promolife.be/ https://www.promolife.be https://portal.promolife.be/;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1;mode=block
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
X-Request-ID: 5c829e470d88cc8b7423dc9a0bf3b161
pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: sameorigin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.fpjs.io
URL: https://cdn.fpjs.io/@2/fp.js

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-93461950-17&cid=164733156.1678013851&jid=1864485445&gjid=1359612476&_gid=1642843398.1678013851&_u=YEBAAEAAAAAAACAAI~&z=1571585734

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wd-cashback.ch/	1970-01-20 19:42:53	Name: _ga Value: GA1.2.164733156.1678013851
.wd-cashback.ch/	1970-01-20 10:08:20	Name: _gid Value: GA1.2.1642843398.1678013851
.wd-cashback.ch/	1970-01-20 10:06:53	Name: _gat_tracker0 Value: 1
wd-cashback.ch/	1970-01-20 19:32:49	Name: _pk_id.5.bb8a Value: 772693b396ad3288.1678013851.
wd-cashback.ch/	1970-01-20 10:06:55	Name: _pk_ses.5.bb8a Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.fpjs.io/@2/fp.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://www.google-analytics.com/analytics.js(Line 33) Message: Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-93461950-17&cid=164733156.1678013851&jid=1864485445&gjid=1359612476&_gid=1642843398.1678013851&_u=YEBAAEAAAAAAACAAI~&z=1571585734' because it violates the following Content Security Policy directive: "default-src 'self' portal.promolife.be promolife.matomo.cloud cdn.cookielaw.org www.highco-data.be .cookiefirst.com eu.api.fpjs.io tls-eun1.fpapi.io .highco.be esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
network	error	URL: https://consent.cookiefirst.com/sites/wd-cashback.ch-106922e3-328c-41c2-b02b-bac188b4c3fb/consent.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.highco.be/api/ipinfos Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://highactions.highco.be/api/actions/1321/consumers?auth=&pp_token=eyJpdiI6InM2Q3p5b0tORWQ5akJ2VHVDNjJMUGc9PSIsInZhbHVlIjoiREJjTWZBcmxCb1RXaUk3QnE3dk1WQ0FJcUNldE1sblJ4MzFqOTkwcU90cTc4R0ZRaEpEU1I5Q0dTOGV5cTlRQzdvMHp4ek5obVp4TlI0am1lMjhSZFVVREZYSTdMZ29xS1U2eHVMTGsxUUhkRTRpSTBwa3RBVE43QWs3bzZkWnBJc3dJMWFpUGxwK1hSOGpmZmd6aENObkFWNnpKS2wwV05mLzZjdHZDaXNhQWhTQzNZbXVMWVVON1VJM2VrYXhoIiwibWFjIjoiNTZiYjY1MzJhMzlmMDQxZjUzNjZlZjkwZDI4NzA4ZDBmYTg3MzVkMTk4N2JkYjVhMDA3Yzg0NjhhYmIyNTYwMSJ9&locale=de_CH&session=eyJpdiI6IkgxZzVvaTFWOFFKR0ZaQWp2QUdPRHc9PSIsInZhbHVlIjoiY1UwSTRHUXNmY1U4eUZJV1pCZHJaYkN0aGMvbEFLdGJ1cXpxNXVud2RuOWR6MWVwWWxTNGJOTEdyN3VUZUlxL1VPRktXdTY3Z0VqQ3JlV3QyZWxMemc9PSIsIm1hYyI6ImY1MjZiZjU0Mjc2YzFiMDEwMzMwYjM1ZDY1Nzg5NGVlNDcyNGZiMTgxMjZiYjYzOWIwYjBiZTRmMjI3YzlmNDkifQ%3D%3D&_token=yoibi3WzRxsbtPhKzF7EfWSidakgiUE3dPVpf7S7&text=&fp=eyJpdiI6ImE5L283U21kQm9URzF0L2hoc2JXd2c9PSIsInZhbHVlIjoiOE90dkttNFZvRFdiWmRBWXc1d3J0azJkVzhoTEgwMjZzN2ErVjJFeXY0YXphSHlGTG9SRkhjbE5DbjVCWFBWUFFpMDFrbXlXVEF6Mmx1Y20xRE9ZR1JkaWdPWGRPR0xFNFVSMTF0Q2JXcVdQMk82c0poYmFmUExFM2lreVJuU0YiLCJtYWMiOiI0NTkxMTYwZTFmYTE4NjZlNDM1Y2I3MTJiNDFmOWJmMjkyNjljZTlkYmZjMmRhYWI1ZWEwYmQ5YjgwN2E1YzQ0In0%3D&original_fp=v1.e2f33cbe74ead473eecc2977876e617b Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' portal.promolife.be promolife.matomo.cloud cdn.cookielaw.org www.highco-data.be .cookiefirst.com eu.api.fpjs.io tls-eun1.fpapi.io .highco.be esironal.github.io www.googleapis.com api.highco.be cdn.datatables.net www.google-analytics.com doubleclick.net promolife.be graph.facebook.com api.twitter.com www.linkedin.com accounts.google.com; script-src 'self' 'unsafe-inline' cdn.matomo.cloud cdn.cookielaw.org www.googletagmanager.com .cookiebot.com .highco.be cdn.fpjs.io consent.cookiefirst.com unpkg.com cdnjs.cloudflare.com code.jquery.com stackpath.bootstrapcdn.com .highco.be ajax.googleapis.com cdn.jsdelivr.net esironal.github.io maxcdn.bootstrapcdn.com www.google-analytics.com promolife.be cdn.datatables.net 'unsafe-eval'; img-src https: blob: data: http://www.highco-data.be; style-src 'unsafe-inline' 'self' www.highco-data.be consent.cookiefirst.com esironal.github.io use.fontawesome.com stackpath.bootstrapcdn.com highactions.highco.be api.autoaddress.ie maxcdn.bootstrapcdn.com portal.highco-data.be cdnjs.cloudflare.com fonts.googleapis.com cdn.datatables.net codemirror.net; font-src 'self' .highco.be fonts.googleapis.com use.fontawesome.com maxcdn.bootstrapcdn.com portal.highco-data.be fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' consentcdn.cookiebot.com https://promolife.be/ https://www.promolife.be/;
Public-Key-Pins	pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; max-age=3600; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.autoaddress.ie
api.highco.be
cdn.fpjs.io
cdn.matomo.cloud
code.jquery.com
consent.cookiefirst.com
form.highactions.highco.be
highactions.highco.be
maxcdn.bootstrapcdn.com
portal.highco-data.be
promolife.be
promolife.matomo.cloud
stats.g.doubleclick.net
wd-cashback.ch
www.google-analytics.com
cdn.fpjs.io
stats.g.doubleclick.net
18.195.235.189
185.2.52.98
185.2.54.216
2001:4860:4802:34::178
2001:4de0:ac18::1:a:2a
2400:52e0:1e00::1082:1
2600:9000:21f3:9600:c:7d55:b3c0:93a1
2606:4700::6812:acf
76.223.94.117
91.183.134.201
91.183.134.203
0589d359b8dcdf0915db62c847f500a8ded9d98c87176ea82e6109bdb8c8069b
0c19fe9ce7810dd8640764c7a94489e7d9435a46e453653c308685ce1ad023c8
0ee35b92c9a4cd4e03a437b7d2d3800bf8f5ec08d138759c41665580bb3e2c20
19ac66b45f25d355469bc33d3ca96190c1dec6f293d9de2e9a7231358b8b72a4
276a762c4154253554174aa2acdb8f9287729c55a2b247a0da04fb92ddf71f74
29d4fea924758d3bd27dc78ecc53b55f4695a3ebb4927cf683b04e9c3a49b61e
2f5a8d852deb59869ad8ed77cb1411df9cd0b8e85cf3589cc30f942fbfe79d8d
3984a1401555a3993b695a4310c38be51123599346e0f7487277cd24da0b661e
4ab069b5f4af16b092dd95ec4488e492a6e02352794f305536c8cb40240b8e3f
4c27dbee00ac2aa90cf1f3bad168426b9eead912dac15040a6421d40f155fba6
4fda4219c829bbe80280ddd287e4bdc3d748cd609caaed52016f9377537a504b
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
57356b4bf5617d546ffd061aab43d9d55cded343f6072c7154516a5e94d0f404
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5fda57787e0d47f6005a42623fdb683609680256753c76467f859b16f22216a1
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
699ed0b6b04ef1a2b410c9b7e30bb4cedc855c4b00fdc3927b0c727ea4de40c6
720d49f9c2970210ae259b2a6df4687ed1a836ac36beaa021b3055524e68cff2
77bfadab52b22b3e95be56a1a4c1c9cba0f921c393ebe790bc5f6ba126b78b14
79c311dc8b7ce60b4bda3bccbdae55ae748bf4e2027fc1bab77e7cdbd4f4e37d
7d41db8bcd52dded60cc1b36ecde46ec5f39ab5abcc3c80519b1e12f6bd4f2f4
844a600ab668cfcdefc6b8b9c206771d58bda7047f94a5d3e82e3510291ed0b3
9b62796ba711f0f34ab70ac02cdd8ac60383be8de04520f52e2fd1aff7fb1d46
9e178abaada4c85b35e7d012f2d667beb22c83d6b4f42810efcf3731fd632979
a39c089f19fb86bb3be99343746551fe441c481351eb5f86c54344969395319f
a3e1f0a5fe1699065eecf13356e2165c13cef22ff0d1f33a9bbf39940d90eec4
ad244f23c34cfd98cd45881d30cce3ba7111ee97da99f00066907a5082839d21
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b98dc5d67401b6555a461d153130232c63ff3a830fe7f76eb2de606c3c687e6f
bd4a6ccd3e8218a906fa0525444a0a8b8ae49410d62ae1c58b67be74b4439b83
befbba9a62193e1f706f556fc6c81ffcc618c632f2ed42374a650e7c1821301d
c652c72df4df859a239ae6558471c4d19e2bd3f625c8587fc598c4dbc2ecaea5
ce46e83a89f7529396ecd06192d6a3383389805bf60ef7e22ebb573f9bb07467
d426bebbaeccbed9b6bbdcde4820c41bd4413672cccaa162dc0b37f94ce01261
d55e3385a8c2063d4b0f3a88c1acd01173f86009702067790613a08e55d7597f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7dce74d8bb8263c5479ba3014fe5f322e33dd03c4500007f96fb6760fde966d
eb26bf3e4607ee95e28998d3f50a55e6db919a7047b55d13c9c90df394accfee
f6ae41614045742bd247c36bc6c98a80f1aece1fa74f177ec2dbe9b9412d3689
f859694f9e2de1c8632f291aae0915322dc124c0f79d5e5b363e0c6122f3a379

wd-cashback.ch Open in urlscan Pro 185.2.54.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

45 %IPv6

12 Domains

15 Subdomains

12 IPs

5 Countries

18220 kBTransfer

19654 kBSize

5 Cookies

7 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wd-cashback.ch Open in urlscan Pro
185.2.54.216 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

45 %
IPv6

12
Domains

15
Subdomains

12
IPs

5
Countries

18220 kB
Transfer

19654 kB
Size

5
Cookies

60 HTTP transactions
0 data transactions