online.winnenmetje.info
2600:9000:2240:8000:0:ad9f:f940:93a1  Public Scan

Submitted URL: https://playabledownload.com/show.php?l=0&u=1274911&id=40741&tracking_id=
Effective URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=70...
Submission: On March 19 via manual from FR — Scanned from NL

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 59 HTTP transactions. The main IP is 2600:9000:2240:8000:0:ad9f:f940:93a1, located in United States and belongs to AMAZON-02, US. The main domain is online.winnenmetje.info.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 22nd 2023. Valid for: 5 months.
This is the only time online.winnenmetje.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 35.204.59.16 396982 (GOOGLE-CL...)
1 25 34.78.252.25 396982 (GOOGLE-CL...)
15 2600:9000:224... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.32.99.92 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:e6:... 13335 (CLOUDFLAR...)
59 10
Apex Domain / Subdomains / Transfer
26 formulead.com
    Subdomains: st.formulead.com, cdn.formulead.com
    Transfer: 963 KB
15 winnenmetje.info
    Subdomains: online.winnenmetje.info
    Transfer: 314 KB
6 gstatic.com
    Subdomains: www.gstatic.com, fonts.gstatic.com
    Transfer: 869 KB
5 trk-consulatu.com
    Subdomains: trk-consulatu.com (Cisco Umbrella Rank: 41377), event.trk-consulatu.com (Cisco Umbrella Rank: 94728)
    Transfer: 3 KB
4 google.com
    Subdomains: www.google.com (Cisco Umbrella Rank: 2)
    Transfer: 45 KB
1 qubiqlabs.com
    Subdomains: content2020.qubiqlabs.com
    Transfer: 129 KB
1 googleapis.com
    Subdomains: ajax.googleapis.com (Cisco Umbrella Rank: 305)
    Transfer: 84 KB
1 submittrk6.com
    Subdomains: nws20113.submittrk6.com
    Transfer: 871 B
1 mbuncha.com
    Subdomains: m.mbuncha.com
    Transfer: 407 B
1 playabledownload.com
    Subdomains: playabledownload.com (Cisco Umbrella Rank: 716025)
    Transfer: 758 B
59 10
Domain / Requested by
23 cdn.formulead.com
    Requested by: online.winnenmetje.info, st.formulead.com, cdn.formulead.com
15 online.winnenmetje.info
    Requested by: playabledownload.com, online.winnenmetje.info
4 event.trk-consulatu.com
    Requested by: trk-consulatu.com
4 www.gstatic.com
    Requested by: www.google.com, www.gstatic.com
4 www.google.com
    Requested by: cdn.formulead.com, www.gstatic.com, www.google.com
3 st.formulead.com
    Requested by: online.winnenmetje.info, st.formulead.com
2 fonts.gstatic.com
    Requested by: www.google.com
1 content2020.qubiqlabs.com
    Requested by: online.winnenmetje.info
1 trk-consulatu.com
    Requested by: st.formulead.com
1 ajax.googleapis.com
    Requested by: online.winnenmetje.info
1 nws20113.submittrk6.com (1 redirects)
1 m.mbuncha.com (1 redirects)
1 playabledownload.com
59 13

This site contains links to these domains.

Domain
st.formulead.com
pridecor-pamins.com
Subject / Issuer / Validity / Valid
*.playabledownload.com    GTS CA 1P5    2023-01-26 - 2023-04-26    3 months
*.winnenmetje.info    Amazon RSA 2048 M02    2023-02-22 - 2023-07-19    5 months
upload.video.google.com    GTS CA 1C3    2023-03-02 - 2023-05-25    3 months
st.formulead.com    Amazon RSA 2048 M02    2023-02-17 - 2024-03-17    a year
*.formulead.com    R3    2023-03-02 - 2023-05-31    3 months
www.google.com    GTS CA 1C3    2023-03-02 - 2023-05-25    3 months
*.gstatic.com    GTS CA 1C3    2023-03-02 - 2023-05-25    3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3    2022-08-01 - 2023-08-01    a year
*.qubiqlabs.com    R3    2023-02-23 - 2023-05-24    3 months
*.google.com    GTS CA 1C3    2023-03-02 - 2023-05-25    3 months

This page contains 2 frames:

Primary Page: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Frame ID: 2047DAFE5E816C1E02E71E8751681542
Requests: 41 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-&co=aHR0cHM6Ly9vbmxpbmUud2lubmVubWV0amUuaW5mbzo0NDM.&hl=nl&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=8q5c2ejppmef
Frame ID: 5C81C658F051357F4B355ADEE1F6E26A
Requests: 8 HTTP requests in this frame

Page Title

Vul jouw gegevens in - DEELNAME IS 100% GRATIS.

Page URL History

  1. https://playabledownload.com/show.php?l=0&u=1274911&id=40741&tracking_id= Page URL
  2. https://m.mbuncha.com/click?pid=701&offer_id=79856&sub1=1198460204&sub5=1274911 HTTP 302
    https://nws20113.submittrk6.com/?aff_id=1377&c_id=U2FsdGVkX1%2BsOnmbt4ejzUHbSikWHOyThv3cvX2gzqQAzMG0qt2H&cli... HTTP 302
    https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 59
HTTPS: 100 %
IPv6: 73 %
Domains: 10
Subdomains: 13
IPs: 10
Countries: 4
Transfer: 2409 kB
Size: 4117 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://playabledownload.com/show.php?l=0&u=1274911&id=40741&tracking_id= Page URL
  2. https://m.mbuncha.com/click?pid=701&offer_id=79856&sub1=1198460204&sub5=1274911 HTTP 302
    https://nws20113.submittrk6.com/?aff_id=1377&c_id=U2FsdGVkX1%2BsOnmbt4ejzUHbSikWHOyThv3cvX2gzqQAzMG0qt2H&click_id=64171d8853cc3e0001a33c1c&s1=701_1274911 HTTP 302
    https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
show.php
playabledownload.com/
615 B
758 B
Document
General
Full URL
https://playabledownload.com/show.php?l=0&u=1274911&id=40741&tracking_id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7aa670311f7b9948-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 19 Mar 2023 14:34:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkEH43k4n5rXjjqBUkVxebtLxge4rFUcoVpGM1qH3SKS%2BbnKrGPUaor3A%2FxOsqorWHMEPZHv9bcpjmTZBuSh8bvSMkQpvFcNbB5utOO%2BkYfcTa7DdvwZrrSB6bmTOC2XHDZKMRnH58M1%2FhLonf0Rv0Ow%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request no_teaser.html
online.winnenmetje.info/n/09/11/nl/samsungs23/
Redirect Chain
  • https://m.mbuncha.com/click?pid=701&offer_id=79856&sub1=1198460204&sub5=1274911
  • https://nws20113.submittrk6.com/?aff_id=1377&c_id=U2FsdGVkX1%2BsOnmbt4ejzUHbSikWHOyThv3cvX2gzqQAzMG0qt2H&click_id=64171d8853cc3e0001a33c1c&s1=701_1274911
  • https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff...
18 KB
19 KB
Document
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Requested by
Host: playabledownload.com
URL: https://playabledownload.com/show.php?l=0&u=1274911&id=40741&tracking_id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
34b3a1a8997ad9078f60640f00f26db9eda248946deea386e7ab311aaefb2fb5

Request headers

Referer
https://playabledownload.com/show.php?l=0&u=1274911&id=40741&tracking_id=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
age
1223
content-type
text/html; charset=utf8
date
Sun, 19 Mar 2023 14:14:25 GMT
server
nginx/1.19.0
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-id
3g1-A2BrVlCnP47dobA5JPQnyBJmKIKvBuRUkCRhPvXvCWZ8tHncdg==
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization, Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE, PATCH
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
730
Content-Type
text/html; charset=utf-8
Date
Sun, 19 Mar 2023 14:34:48 GMT
Location
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Server
nginx/1.19.0
Vary
Accept, Accept-Encoding
X-Powered-By
Express
style_min.css
online.winnenmetje.info/n/09/11/nl/samsungs23/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/css/style_min.css
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
c989a613f0839f75b394515232d9081102d336814bd688ccaf0d10358f6dc1db

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 14:34:48 GMT
content-encoding
br
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 16:59:32 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P1
age
1185
etag
W/"6410a7f4-5be2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
nRssd6ji3EBPjx0kqfnTSzbKkC2nqGJpcrMXkwnBgjX5ChaZ53aPlQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.2/
84 KB
84 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.2/jquery.min.js
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 01:32:38 GMT
x-content-type-options
nosniff
age
392530
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85656
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Mar 2024 01:32:38 GMT
top2_nl.png
online.winnenmetje.info/n/09/11/nl/samsungs23/images/
6 KB
7 KB
Image
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/images/top2_nl.png
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
cd222b195bce468797ce2de70ae6b01fc2376cc46d88461dc8a8ba66e37c9228

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 07:06:34 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 16:59:32 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P1
age
26894
etag
"6410a7f4-19ab"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
6571
x-amz-cf-id
7W4fSeNbwefhDLVT4am4aaxI8auvNEpOYIlbtUs5_IKtd2KXWVzAGA==
black.png
online.winnenmetje.info/n/09/11/nl/samsungs23/images/
49 KB
49 KB
Image
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/images/black.png
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
cca8272c8da7be840697ee0c08bd3360312301ff86f77108a658f65cf8706b8f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 14:34:48 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 16:59:32 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P1
age
1548
etag
"6410a7f4-c38c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
50060
x-amz-cf-id
YuK4RR8_Gs_wDGtETZZD7AOyLWsscZxrQ1holuZ5HkX75YUNLADxEg==
facebook.gif
st.formulead.com/assets/img/spinner/
36 KB
36 KB
Image
General
Full URL
https://st.formulead.com/assets/img/spinner/facebook.gif
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-92.fra60.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
f7cf0f5de5ccb7f5eecf209668e26e435b2344ebf4edf83a560823da8d2d47aa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 14:39:07 GMT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
last-modified
Fri, 17 Mar 2023 14:26:52 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P3
age
86141
etag
"641478ac-8f30"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
36656
x-amz-cf-id
EwNu2kK_BwFgH718ht83k_JJxbUvO4_QZxc4Y6cezKCIp6RvRHrisA==
cream.png
online.winnenmetje.info/n/09/11/nl/samsungs23/images/
0
58 KB
Other
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/images/cream.png
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 07:30:18 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 16:59:32 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P1
age
25470
etag
"6410a7f4-e7cf"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
59343
x-amz-cf-id
6sXwOYHi33Zpy0nxeRHRywiPySAezMTQORccbujPQMT5fJovO6N6JA==
black.png
online.winnenmetje.info/n/09/11/nl/samsungs23/images/
0
49 KB
Other
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/images/black.png
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 14:34:48 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 16:59:32 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P1
age
1548
etag
"6410a7f4-c38c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
50060
x-amz-cf-id
4e_HcYgWo-qkiY8kW-rlH8dCxlzU6tbb4sd76DCk4UaxXs8ySKNaCw==
lavender.png
online.winnenmetje.info/n/09/11/nl/samsungs23/images/
0
50 KB
Other
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/images/lavender.png
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 07:30:18 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 16:59:32 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P1
age
25470
etag
"6410a7f4-c77e"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
51070
x-amz-cf-id
1GxqwJu2mb2Rt7Ej1nDsJ4ktqUwGuzGjXBVeFCwxHRYlk7n8W8Jy-g==
top_nl.png
online.winnenmetje.info/n/09/11/nl/samsungs23/images/
0
7 KB
Other
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/images/top_nl.png
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 07:30:18 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 16:59:32 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P1
age
25470
etag
"6410a7f4-18bb"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
6331
x-amz-cf-id
aDhDqZN7GthWEp30XXux_ihHVbfQnzzYuMh0gjP7UQJvkiSWO3na7A==
top2_nl.png
online.winnenmetje.info/n/09/11/nl/samsungs23/images/
0
7 KB
Other
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/images/top2_nl.png
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 07:06:34 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 16:59:32 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P1
age
26894
etag
"6410a7f4-19ab"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
6571
x-amz-cf-id
sOr-bCOiva-Z1TXPwBS2eTojbGqEqufqIx3m5Au-ANoR8dgkmd5j0A==
nav.svg
online.winnenmetje.info/n/09/11/nl/samsungs23/images/
0
1 KB
Other
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/images/nav.svg
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 14:34:48 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 16:59:32 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P1
age
1547
etag
"6410a7f4-3ba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
954
x-amz-cf-id
EmAUKuTOVYqcq4lGM5WaqdRTEV30ktrx4Hb5dJ8cKdu8UeGb2cCU0w==
apple.svg
online.winnenmetje.info/n/09/11/nl/samsungs23/images/
0
3 KB
Other
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/images/apple.svg
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 04:42:22 GMT
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 16:59:32 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P1
age
35546
etag
W/"6410a7f4-1ad8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-cf-id
yOILQSuKltPPXiHZe6MtrSscaN5FzbKhvovBLkS_ZT6v32DRLwUnOA==
black.png
online.winnenmetje.info/n/09/11/nl/samsungs23/images/
49 KB
49 KB
Image
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/images/black.png
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
cca8272c8da7be840697ee0c08bd3360312301ff86f77108a658f65cf8706b8f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 14:34:48 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 16:59:32 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P1
age
1548
etag
"6410a7f4-c38c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
50060
x-amz-cf-id
a9oDaShRSPbY-JPO12fcKrg8p18jvWv_l5vh-lNcybiVnGVnjVOjlw==
top2_nl.png
online.winnenmetje.info/n/09/11/nl/samsungs23/images/
6 KB
7 KB
Image
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/images/top2_nl.png
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0
Resource Hash
cd222b195bce468797ce2de70ae6b01fc2376cc46d88461dc8a8ba66e37c9228

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 07:06:34 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 16:59:32 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P1
age
26894
etag
"6410a7f4-19ab"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
6571
x-amz-cf-id
pacBdNcSEcUkxLZmzHwfeXhS_553O0ME1lrvYcwd3ncnLhts847aZQ==
main.min.css
cdn.formulead.com/css/
715 KB
93 KB
Stylesheet
General
Full URL
https://cdn.formulead.com/css/main.min.css
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
c7f793450cd51bd2fa1f72d1132475237503b2b6006ae05a27667bfb20f150c1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 14:34:48 GMT
Content-Encoding
gzip
X-Powered-By
Express
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 10 Mar 2023 11:11:20 GMT
Server
nginx/1.19.0
ETag
W/"b2a52-186cb37d7c0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=2678400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
helpers.js
st.formulead.com/assets/js/
73 KB
16 KB
Script
General
Full URL
https://st.formulead.com/assets/js/helpers.js
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.32.99.92, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-92.fra60.r.cloudfront.net
Software
nginx/1.19.0
Resource Hash
dbb03fb27d121533fc511d5696741557101d5fcc8a57b54a2c82cf7d687f2b4a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 14:41:32 GMT
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
last-modified
Fri, 17 Mar 2023 14:26:52 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P3
age
86235
etag
W/"641478ac-12389"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
x-amz-cf-id
dKTACd-k9zNSd82d0TauUCUgJdfC_BLYh8AVvIscZcVkufC4sWjosA==
p.js
cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/
1 MB
430 KB
Script
General
Full URL
https://cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/p.js
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
669ae5271914bf97068fcba0c72ca5fca5fb34a1e1b44d61e8c1c4620a5bdcb3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Mar 2023 14:34:48 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Vary
Accept-Encoding
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
logo.png
online.winnenmetje.info/n/09/11/nl/samsungs23/images/
957 B
1 KB
Image
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/images/logo.png
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0
Resource Hash
40166f5a8f5e16f109c530b37a0324e08ddb19e3e71f5b7cc9b340446a2c4c6a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 14:34:48 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 16:59:32 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P1
age
1547
etag
"6410a7f4-3bd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
957
x-amz-cf-id
YyWJa-Qmm4pzpyVqgKWjoIhNZe-in_L6G5yrlJEG9Ds53TMVRrtrYg==
nav.svg
online.winnenmetje.info/n/09/11/nl/samsungs23/images/
954 B
1 KB
Image
General
Full URL
https://online.winnenmetje.info/n/09/11/nl/samsungs23/images/nav.svg
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2240:8000:0:ad9f:f940:93a1, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0
Resource Hash
9d6e0f573ea8892ab9741436df1700cedf3de03fa1372fdef77497c5d1ef4c66

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 14:34:48 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 16:59:32 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P1
age
1547
etag
"6410a7f4-3ba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
954
x-amz-cf-id
eh2UzD__b4vVJSpEQU9DU95FZ4ZJpQalc7NkiGm3mNQXX5h3Prxe9Q==
bioep.min.js
st.formulead.com/assets/js/
5 KB
2 KB
Script
General
Full URL
https://st.formulead.com/assets/js/bioep.min.js
Requested by
Host: st.formulead.com
URL: https://st.formulead.com/assets/js/helpers.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.32.99.92, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-92.fra60.r.cloudfront.net
Software
nginx/1.19.0
Resource Hash
823c5ec9dc0a09f8dac71a858266b1b0f285def7c99ffc4e599a94107134ab7b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 14:41:32 GMT
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
last-modified
Fri, 17 Mar 2023 14:26:52 GMT
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P3
age
86235
etag
W/"641478ac-14c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
x-amz-cf-id
-qR_yQIK13tyTv0r_f2h3Z66JZBZJerOEMm9TgTGnyOqk5rNenVYhA==
country
cdn.formulead.com/v/
50 B
895 B
XHR
General
Full URL
https://cdn.formulead.com/v/country
Requested by
Host: st.formulead.com
URL: https://st.formulead.com/assets/js/helpers.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
7a3a010a858bfee878298ca5f0b13bec2c109c50990801e429c27ab75c395a8d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Mar 2023 14:34:48 GMT
Server
nginx/1.19.0
X-Powered-By
Express
ETag
W/"32-sgUcQaVEi9OWKDSaImLHFoG6Ib8"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Content-Length
50
api.js
www.google.com/recaptcha/
884 B
907 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
Requested by
Host: cdn.formulead.com
URL: https://cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/p.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE
Resource Hash
a5360c219b36f42ed8442af8826197dc979ab137d1658707df30ea2449676f30
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 14:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
585
x-xss-protection
1; mode=block
expires
Sun, 19 Mar 2023 14:34:49 GMT
feed
cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/
19 KB
6 KB
XHR
General
Full URL
https://cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/feed?sc_domain=online.winnenmetje.info&cl_ip=37.48.94.47&qb_placement_id=58eb5f2e7ab7260100f6bfa6&qb_offer_id=5ea18b3c47bb09aed837e8ee&qb_flow_id=5ea18b3c47bb09aed837e8ee&qb_vendor_id=570e5c924ce290010026cc24&qb_country=NL&ql_session_id=O_QwgMdybbj1XWuQTSbkbeIMTrpyu6x5&p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c&sc_url=https%3A%2F%2Fonline.winnenmetje.info%2Fn%2F09%2F11%2Fnl%2Fsamsungs23%2Fno_teaser.html&sc_campaign_page=no_teaser.html&sc_campaign_path=%2Fn%2F09%2F11%2Fnl%2Fsamsungs23%2F&sc_campaign_domain=https%3A%2F%2Fonline.winnenmetje.info&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F09%2F11%2Fnl%2Fsamsungs23%2Fno_teaser.html&stp=1&feed_type=initial
Requested by
Host: cdn.formulead.com
URL: https://cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
de3da4421144c90ab65dc02e17baa385ddf4ba615771d310ba34220efc1092a1

Request headers

Referer
https://online.winnenmetje.info/
X-Session-Id
s:O_QwgMdybbj1XWuQTSbkbeIMTrpyu6x5.Cu1liDfKxNEGgUKj/ToKT8DBRpQBHtP7pK08h0lrXKw
accept-language
nl-NL,nl;q=0.9
X-iivmxswc
e3c699d3387dc5ac38014fd7da668d7d9a8d826e9d61491fde901ad44e34a630
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Request-Id
4aff564dbc4c87418f0b30e3

Response headers

Date
Sun, 19 Mar 2023 14:34:49 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
X-Powered-By
Express
ETag
W/"4a82-Gn7FPJXsAn2nAXn2/AeWzRpQSiI"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
reverse-dns-lookup
cdn.formulead.com/v/
17 B
860 B
XHR
General
Full URL
https://cdn.formulead.com/v/reverse-dns-lookup
Requested by
Host: cdn.formulead.com
URL: https://cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03

Request headers

Referer
https://online.winnenmetje.info/
accept-language
nl-NL,nl;q=0.9
X-Lead-Id
4aff564dbc4c87418f0b30e3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Mar 2023 14:34:49 GMT
Server
nginx/1.19.0
X-Powered-By
Express
ETag
W/"11-UIVUdQWNarX1D9mk06okyEMbpS8"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Content-Length
17
feed
cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/ Frame
0
0
Preflight
General
Full URL
https://cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/feed?sc_domain=online.winnenmetje.info&cl_ip=37.48.94.47&qb_placement_id=58eb5f2e7ab7260100f6bfa6&qb_offer_id=5ea18b3c47bb09aed837e8ee&qb_flow_id=5ea18b3c47bb09aed837e8ee&qb_vendor_id=570e5c924ce290010026cc24&qb_country=NL&ql_session_id=O_QwgMdybbj1XWuQTSbkbeIMTrpyu6x5&p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c&sc_url=https%3A%2F%2Fonline.winnenmetje.info%2Fn%2F09%2F11%2Fnl%2Fsamsungs23%2Fno_teaser.html&sc_campaign_page=no_teaser.html&sc_campaign_path=%2Fn%2F09%2F11%2Fnl%2Fsamsungs23%2F&sc_campaign_domain=https%3A%2F%2Fonline.winnenmetje.info&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F09%2F11%2Fnl%2Fsamsungs23%2Fno_teaser.html&stp=1&feed_type=initial
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-iivmxswc,x-request-id,x-session-id
Access-Control-Request-Method
GET
Origin
https://online.winnenmetje.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
Date
Sun, 19 Mar 2023 14:34:49 GMT
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Server
nginx/1.19.0
Vary
Accept-Encoding
X-Powered-By
Express
reverse-dns-lookup
cdn.formulead.com/v/ Frame
0
0
Preflight
General
Full URL
https://cdn.formulead.com/v/reverse-dns-lookup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lead-id
Access-Control-Request-Method
GET
Origin
https://online.winnenmetje.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
Date
Sun, 19 Mar 2023 14:34:49 GMT
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Server
nginx/1.19.0
Vary
Accept-Encoding
X-Powered-By
Express
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/
406 KB
406 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe
Resource Hash
a1b10365299f2fe24226d8da27e11a412076f716338c4be7f0d5214b51480e8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://online.winnenmetje.info/
Origin
https://online.winnenmetje.info
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 17:42:21 GMT
x-content-type-options
nosniff
age
507148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
415415
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 02:02:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Mar 2024 17:42:21 GMT
feed
cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/ Frame
0
0
Preflight
General
Full URL
https://cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/feed?stp=1&feed_type=full
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-iivmxswc,x-request-id,x-session-id
Access-Control-Request-Method
GET
Origin
https://online.winnenmetje.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
Date
Sun, 19 Mar 2023 14:34:49 GMT
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Server
nginx/1.19.0
Vary
Accept-Encoding
X-Powered-By
Express
z75dnkdk4q
trk-consulatu.com/scripts/push/script/
7 KB
3 KB
Script
General
Full URL
https://trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=online.winnenmetje.info
Requested by
Host: st.formulead.com
URL: https://st.formulead.com/assets/js/helpers.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:e6::ac40:cf23, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare
Resource Hash
9f650f16ef6f31361ac2f0e1be0cfe9c7b9d973675dee847d3c1db0629384e86
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 14:34:49 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1313
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 Mar 2023 14:12:56 GMT
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsbqJl5IMY%2BT%2FXBdYutiJ2J6PZNlRDu9%2BGGXjtWBgGlSms3Lw%2FD%2Fekq3V2W6X2ah2Xa%2FHzbUvzIH3n4j1swryywClrS9PzNFJYY%2FA%2BcyFEoXqASvUDwXOKbUJ3RL5uPiYS%2FcnJiQgBTzu8f1FE0n5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7aa6703b38883732-FRA
expires
0
MyriadPro-Light.otf
cdn.formulead.com/fonts/
92 KB
61 KB
Font
General
Full URL
https://cdn.formulead.com/fonts/MyriadPro-Light.otf
Requested by
Host: cdn.formulead.com
URL: https://cdn.formulead.com/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
3baac57c715df47fb3e202482ee7de1fdf6bf179e655ebc9a7837c579c4e6ecd

Request headers

Referer
https://cdn.formulead.com/css/main.min.css
Origin
https://online.winnenmetje.info
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 14:34:49 GMT
Content-Encoding
gzip
X-Powered-By
Express
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 10 Mar 2023 11:11:20 GMT
Server
nginx/1.19.0
ETag
W/"17034-186cb37d7c0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
font/otf
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=2678400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
MyriadPro-Regular_3.otf
cdn.formulead.com/fonts/
94 KB
63 KB
Font
General
Full URL
https://cdn.formulead.com/fonts/MyriadPro-Regular_3.otf
Requested by
Host: cdn.formulead.com
URL: https://cdn.formulead.com/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
2c009f056c5faa4d1182a1707c8d64fb5a8688c70202d76a819385b8505f4aae

Request headers

Referer
https://cdn.formulead.com/css/main.min.css
Origin
https://online.winnenmetje.info
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 14:34:49 GMT
Content-Encoding
gzip
X-Powered-By
Express
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 10 Mar 2023 11:11:20 GMT
Server
nginx/1.19.0
ETag
W/"176f0-186cb37d7c0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
font/otf
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=2678400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Roboto-Bold.ttf
cdn.formulead.com/fonts/
166 KB
167 KB
Font
General
Full URL
https://cdn.formulead.com/fonts/Roboto-Bold.ttf
Requested by
Host: cdn.formulead.com
URL: https://cdn.formulead.com/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a

Request headers

Referer
https://cdn.formulead.com/css/main.min.css
Origin
https://online.winnenmetje.info
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 14:34:49 GMT
Last-Modified
Fri, 10 Mar 2023 11:11:20 GMT
Server
nginx/1.19.0
X-Powered-By
Express
ETag
W/"2996c-186cb37d7c0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
font/ttf
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=2678400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Content-Length
170348
MyriadPro-Bold_3.otf
cdn.formulead.com/fonts/
95 KB
64 KB
Font
General
Full URL
https://cdn.formulead.com/fonts/MyriadPro-Bold_3.otf
Requested by
Host: cdn.formulead.com
URL: https://cdn.formulead.com/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
c7282a35ccf4f8ce0793ce80875d76272894423e5e4fc63d01ce510740b2e39f

Request headers

Referer
https://cdn.formulead.com/css/main.min.css
Origin
https://online.winnenmetje.info
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 14:34:49 GMT
Content-Encoding
gzip
X-Powered-By
Express
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 10 Mar 2023 11:11:20 GMT
Server
nginx/1.19.0
ETag
W/"17c34-186cb37d7c0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
font/otf
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=2678400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
feed
cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/
64 KB
18 KB
XHR
General
Full URL
https://cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/feed?stp=1&feed_type=full
Requested by
Host: cdn.formulead.com
URL: https://cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
5aaa8168aea82125e44bdec9faf5482b6f63f94a1db69672b99d0b280b0ab2c4

Request headers

Referer
https://online.winnenmetje.info/
X-Session-Id
s:O_QwgMdybbj1XWuQTSbkbeIMTrpyu6x5.Cu1liDfKxNEGgUKj/ToKT8DBRpQBHtP7pK08h0lrXKw
accept-language
nl-NL,nl;q=0.9
X-iivmxswc
e3c699d3387dc5ac38014fd7da668d7d9a8d826e9d61491fde901ad44e34a630
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Request-Id
4aff564dbc4c87418f0b30e3

Response headers

Date
Sun, 19 Mar 2023 14:34:53 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
X-Powered-By
Express
ETag
W/"101c4-CKF2O9UoWuS29TtZfG2nRd6Uvh4"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
nl.gif
content2020.qubiqlabs.com/cp/_assets/images/exitintent/
129 KB
129 KB
Image
General
Full URL
https://content2020.qubiqlabs.com/cp/_assets/images/exitintent/nl.gif
Requested by
Host: online.winnenmetje.info
URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
83e9819d39f2e415367d6c8cab682812fc61a93755297943e4a2b3018ea3215b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://online.winnenmetje.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 14:34:49 GMT
Last-Modified
Tue, 14 Mar 2023 16:57:53 GMT
Server
nginx/1.19.0
ETag
"6410a791-2048c"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
132236
anchor
www.google.com/recaptcha/api2/ Frame 5C81
47 KB
26 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-&co=aHR0cHM6Ly9vbmxpbmUud2lubmVubWV0amUuaW5mbzo0NDM.&hl=nl&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=8q5c2ejppmef
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__nl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a315d33eccdb5c2747cd76d86973225eb99da87a41791f3bcb14b83f87adf263
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AALKGPjGSkIBu_WotvG_Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://online.winnenmetje.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
25928
content-security-policy
script-src 'report-sample' 'nonce-AALKGPjGSkIBu_WotvG_Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Mar 2023 14:34:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
errors
cdn.formulead.com/t/
16 B
739 B
XHR
General
Full URL
https://cdn.formulead.com/t/errors
Requested by
Host: cdn.formulead.com
URL: https://cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://online.winnenmetje.info/
X-Session-Id
s:O_QwgMdybbj1XWuQTSbkbeIMTrpyu6x5.Cu1liDfKxNEGgUKj/ToKT8DBRpQBHtP7pK08h0lrXKw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Sun, 19 Mar 2023 14:34:49 GMT
Server
nginx/1.19.0
X-Powered-By
Express
ETag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Content-Length
16
errors
cdn.formulead.com/t/ Frame
0
0
Preflight
General
Full URL
https://cdn.formulead.com/t/errors
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-session-id
Access-Control-Request-Method
POST
Origin
https://online.winnenmetje.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
Date
Sun, 19 Mar 2023 14:34:49 GMT
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Server
nginx/1.19.0
Vary
Accept-Encoding
X-Powered-By
Express
fingerprint-cache
cdn.formulead.com/v/
16 B
863 B
XHR
General
Full URL
https://cdn.formulead.com/v/fingerprint-cache?vl_fp=ab92bdeba6ad6800c0c16b0035411691&vl_fp_cljs=3031889441
Requested by
Host: cdn.formulead.com
URL: https://cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://online.winnenmetje.info/
accept-language
nl-NL,nl;q=0.9
X-Lead-Id
4aff564dbc4c87418f0b30e3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Mar 2023 14:34:49 GMT
Server
nginx/1.19.0
X-Powered-By
Express
ETag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Content-Length
16
fingerprint-cache
cdn.formulead.com/v/ Frame
0
0
Preflight
General
Full URL
https://cdn.formulead.com/v/fingerprint-cache?vl_fp=ab92bdeba6ad6800c0c16b0035411691&vl_fp_cljs=3031889441
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lead-id
Access-Control-Request-Method
GET
Origin
https://online.winnenmetje.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
Date
Sun, 19 Mar 2023 14:34:49 GMT
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Server
nginx/1.19.0
Vary
Accept-Encoding
X-Powered-By
Express
styles__ltr.css
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 5C81
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-&co=aHR0cHM6Ly9vbmxpbmUud2lubmVubWV0amUuaW5mbzo0NDM.&hl=nl&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=8q5c2ejppmef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 16:06:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 02:02:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Mar 2024 16:06:38 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 5C81
406 KB
406 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-&co=aHR0cHM6Ly9vbmxpbmUud2lubmVubWV0amUuaW5mbzo0NDM.&hl=nl&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=8q5c2ejppmef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1b10365299f2fe24226d8da27e11a412076f716338c4be7f0d5214b51480e8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 17:42:21 GMT
x-content-type-options
nosniff
age
507148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
415415
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 02:02:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Mar 2024 17:42:21 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5C81
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 08:02:07 GMT
x-content-type-options
nosniff
age
541963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 20 Mar 2023 08:02:07 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5C81
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-&co=aHR0cHM6Ly9vbmxpbmUud2lubmVubWV0amUuaW5mbzo0NDM.&hl=nl&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=8q5c2ejppmef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 15:27:04 GMT
x-content-type-options
nosniff
age
256066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 15:27:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5C81
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-&co=aHR0cHM6Ly9vbmxpbmUud2lubmVubWV0amUuaW5mbzo0NDM.&hl=nl&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=8q5c2ejppmef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:28:44 GMT
x-content-type-options
nosniff
age
331566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Mar 2024 18:28:44 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 5C81
102 B
133 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=Trd6gj1dhC_fx0ma_AWHc1me
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-&co=aHR0cHM6Ly9vbmxpbmUud2lubmVubWV0amUuaW5mbzo0NDM.&hl=nl&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=8q5c2ejppmef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cd3e87dbfa8a9b38ec85e484e2e4c266ced758fca4b8d1ddabc8b5e21a0d80a0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-&co=aHR0cHM6Ly9vbmxpbmUud2lubmVubWV0amUuaW5mbzo0NDM.&hl=nl&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=8q5c2ejppmef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 14:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
1; mode=block
expires
Sun, 19 Mar 2023 14:34:50 GMT
yld80zxvem
event.trk-consulatu.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-consulatu.com/register/event_log/yld80zxvem
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=online.winnenmetje.info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://online.winnenmetje.info/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Sun, 19 Mar 2023 14:34:50 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCNm5%2F2hP2jxCUE%2FgwgNOrJnWnJazFhIxBF48R9MqM4YYAO%2FWgSG5szx5s207PAyNhGSvZlrbuvQOD1aWpasYWaYbac7AIKKmnF93sPTgNeYOIyQ1JFXsye31%2BZnDfBHFgXN6qQsEO3JrM5CphQpv%2F1lAo5q7g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://online.winnenmetje.info
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7aa670413dae996f-FRA
x-pushplatformapp-params
yld80zxvem
event.trk-consulatu.com/register/event_log/ Frame
0
0
Preflight
General
Full URL
https://event.trk-consulatu.com/register/event_log/yld80zxvem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://online.winnenmetje.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://online.winnenmetje.info
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7aa6703feb8c996f-FRA
content-length
0
date
Sun, 19 Mar 2023 14:34:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceLlLkwS0Vy4dRkVfkBjQl4MQTr6WkM4kPzX%2FxPLcA1M%2Bgjk4wkbLRaJCWnlOa5OWhnrQ51iNKT3UdX24%2BRMQtQ3b2009pzAH1aQ%2BvFR5zhQk%2BCzs%2FDtN6jR8ICVDE2VDunk7KhxfEsw90JA%2BFnHOxyERNasqg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
yld80zxvem
event.trk-consulatu.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-consulatu.com/register/event_log/yld80zxvem
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=online.winnenmetje.info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://online.winnenmetje.info/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Sun, 19 Mar 2023 14:34:50 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K78MlQclobi8psFmwCB1%2FOrlFgYmjqd4GcIwwB2Oo7pLBzVzoqAetIyaA6ZnUJQlRTzRqwvVYu5%2B%2FVhwz9YxZQtQAoXWDw%2Bi1O3qRT7CDG449tDNH57LY8wyHN4FHLuyLrRj4d6SR0NVV6zyFXy2miVqzp0BOA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://online.winnenmetje.info
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7aa670414dc2996f-FRA
x-pushplatformapp-params
yld80zxvem
event.trk-consulatu.com/register/event_log/ Frame
0
0
Preflight
General
Full URL
https://event.trk-consulatu.com/register/event_log/yld80zxvem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://online.winnenmetje.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://online.winnenmetje.info
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7aa6703ffba1996f-FRA
content-length
0
date
Sun, 19 Mar 2023 14:34:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QEiDTrikK%2BlSe6f7%2BFpq4ui7sKPQbOcVKpIChPzkhgQ4zWKGafFlsz%2F2u54UoUxVNzwZvDDouIxzZ9EqU%2FOm2TZ1OWWM5UWs1DNAU0AzWanJHA31Z5YfTPIwHCespRqJIH5jNEqUXBMHdxwh7kBiBshvP3JKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
reload
www.google.com/recaptcha/api2/ Frame 5C81
32 KB
18 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
63fc7c7748991c08be419c3130cae61784ecd3500d1e1a25e63736b23c83258b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-&co=aHR0cHM6Ly9vbmxpbmUud2lubmVubWV0amUuaW5mbzo0NDM.&hl=nl&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=8q5c2ejppmef
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sun, 19 Mar 2023 14:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18648
x-xss-protection
1; mode=block
expires
Sun, 19 Mar 2023 14:34:50 GMT
recaptcha3
cdn.formulead.com/v/
170 B
1014 B
XHR
General
Full URL
https://cdn.formulead.com/v/recaptcha3?token=03AFY_a8VZXMyOI1SW8HaUeJeSGaRZT6PbifhRzf8sbX4-nC-GLKBuEBErOCe3qlOaAv8arspiOR9GthnZbGE6Dxao3KDIjO8tduTANW-IGR7g1cIliKucTKpMEH5_3wqdqQU2U3IRDO-2rFoo0C_zJ2TvMU61U4Fjwr0Mt0l-KLP476hG66RjFFgMbRMOPQvZjSknen5Lpn6KBGypIfJfXMehDYDLhZTpPzhUMCj2VWCdK8iPlfsMQ90tlrZtmWe0eQguhJEm5q_eJQtUmcZ6y9tDYvd8n5xBnq4CDTT2pA7wmgt8f5xvTRIqSxmCNDpiqKjlOSiUvSfsmSp_seu-J9dJNhbbwZvCnrPFsOHia7jPCbXUWnWYcXbhnio3yI9s4dReYGzrRxwDpqn6Rn_n-Cde9sJV3Q3WTXCPH-thMiIUbB-ye4skWSDFDI9BNJBSaaya6d8TBvlNcbPJyD5G0IkxEmD91uducD2FxChY0GEDs6BTtz9hU7xEbGgoc67CATsYZE9jzUcXwuAYNb-_7I540dOp4LFm6NifIyIH_FKia-ogCWIbMY9vnfkqM-Ht8ReaCRz39tJz&step=1
Requested by
Host: cdn.formulead.com
URL: https://cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
f51b676fab57a5c706ea37c1a08ac915f9759d24a98e3d39d3aec933eccbca38

Request headers

Referer
https://online.winnenmetje.info/
accept-language
nl-NL,nl;q=0.9
X-Lead-Id
4aff564dbc4c87418f0b30e3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Mar 2023 14:34:50 GMT
Server
nginx/1.19.0
X-Powered-By
Express
ETag
W/"aa-zSF8cY25Y09FhqHqQBOIxETaDu0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Content-Length
170
recaptcha3
cdn.formulead.com/v/ Frame
0
0
Preflight
General
Full URL
https://cdn.formulead.com/v/recaptcha3?token=03AFY_a8VZXMyOI1SW8HaUeJeSGaRZT6PbifhRzf8sbX4-nC-GLKBuEBErOCe3qlOaAv8arspiOR9GthnZbGE6Dxao3KDIjO8tduTANW-IGR7g1cIliKucTKpMEH5_3wqdqQU2U3IRDO-2rFoo0C_zJ2TvMU61U4Fjwr0Mt0l-KLP476hG66RjFFgMbRMOPQvZjSknen5Lpn6KBGypIfJfXMehDYDLhZTpPzhUMCj2VWCdK8iPlfsMQ90tlrZtmWe0eQguhJEm5q_eJQtUmcZ6y9tDYvd8n5xBnq4CDTT2pA7wmgt8f5xvTRIqSxmCNDpiqKjlOSiUvSfsmSp_seu-J9dJNhbbwZvCnrPFsOHia7jPCbXUWnWYcXbhnio3yI9s4dReYGzrRxwDpqn6Rn_n-Cde9sJV3Q3WTXCPH-thMiIUbB-ye4skWSDFDI9BNJBSaaya6d8TBvlNcbPJyD5G0IkxEmD91uducD2FxChY0GEDs6BTtz9hU7xEbGgoc67CATsYZE9jzUcXwuAYNb-_7I540dOp4LFm6NifIyIH_FKia-ogCWIbMY9vnfkqM-Ht8ReaCRz39tJz&step=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lead-id
Access-Control-Request-Method
GET
Origin
https://online.winnenmetje.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
Date
Sun, 19 Mar 2023 14:34:50 GMT
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Server
nginx/1.19.0
Vary
Accept-Encoding
X-Powered-By
Express
page
cdn.formulead.com/t/
16 B
739 B
XHR
General
Full URL
https://cdn.formulead.com/t/page
Requested by
Host: cdn.formulead.com
URL: https://cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://online.winnenmetje.info/
X-Session-Id
s:O_QwgMdybbj1XWuQTSbkbeIMTrpyu6x5.Cu1liDfKxNEGgUKj/ToKT8DBRpQBHtP7pK08h0lrXKw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Sun, 19 Mar 2023 14:34:53 GMT
Server
nginx/1.19.0
X-Powered-By
Express
ETag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Content-Length
16
page
cdn.formulead.com/t/ Frame
0
0
Preflight
General
Full URL
https://cdn.formulead.com/t/page
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-session-id
Access-Control-Request-Method
POST
Origin
https://online.winnenmetje.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
Date
Sun, 19 Mar 2023 14:34:51 GMT
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Server
nginx/1.19.0
Vary
Accept-Encoding
X-Powered-By
Express
vdt
cdn.formulead.com/t/
16 B
739 B
XHR
General
Full URL
https://cdn.formulead.com/t/vdt
Requested by
Host: cdn.formulead.com
URL: https://cdn.formulead.com/p/58eb5f2e7ab7260100f6bfa6/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Referer
https://online.winnenmetje.info/
x-zqhkygow
aea095746b412c304b1e8a6705197b520a6c7e7252cffb4fdf171bc20ff2b2b5
X-Session-Id
s:O_QwgMdybbj1XWuQTSbkbeIMTrpyu6x5.Cu1liDfKxNEGgUKj/ToKT8DBRpQBHtP7pK08h0lrXKw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
x-ofvuinwk
dc44476e7e1557a214a6eb0884c10ff4da31e602966f973648f042eb39e89d39

Response headers

Pragma
no-cache
Date
Sun, 19 Mar 2023 14:34:51 GMT
Server
nginx/1.19.0
X-Powered-By
Express
ETag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Content-Length
16
vdt
cdn.formulead.com/t/ Frame
0
0
Preflight
General
Full URL
https://cdn.formulead.com/t/vdt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.252.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.252.78.34.bc.googleusercontent.com
Software
nginx/1.19.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ofvuinwk,x-session-id,x-zqhkygow
Access-Control-Request-Method
POST
Origin
https://online.winnenmetje.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://online.winnenmetje.info
Access-Control-Expose-Headers
Content-Length
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
Date
Sun, 19 Mar 2023 14:34:51 GMT
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Server
nginx/1.19.0
Vary
Accept-Encoding
X-Powered-By
Express

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless function| $ function| jQuery function| getURLParameter function| ans function| countdown string| server_id object| head object| widget object| qubiq_container object| link string| host string| script_protocol string| protocol string| hostname object| title string| placement_id string| url object| helpers object| script function| addCSSRule object| sheet function| getScriptTagParams object| imported function| parseQueryString function| getUrlParameters function| validateValue function| decompressParameter function| newgetURLParameter boolean| onPageLoad string| pathname string| href string| country string| aff_code string| aff_sub string| aff_sub2 string| aff_sub3 string| aff_sub4 string| aff_sub5 string| aff_fbp string| aff_fbpe string| aff_id string| aff_source string| aff_offer_id string| aff_tid string| aff_goal_id2 string| aff_inc string| sc_oid string| sc_tid string| ld_first_name string| ld_last_name string| ld_zip_code string| ld_email string| ld_gender string| ld_address_line1 string| ld_phone_cell string| ld_dob string| qb_lead_id string| ql_vendor_id string| cl_device string| qb_content_id string| aff_adv_id string| qb_flow_id string| qb_lead_uts string| ql_session_id string| qb_vendor_id string| p_id string| utm_campaign string| request_id string| aff_ttp object| aff_p object| aff_c object| vl_fbpxid boolean| consent_given boolean| fullLead function| ajax undefined| scriptTagParams object| globalTimeout function| waitForGlobal function| noConsentNeeded function| appendScripts function| checkForConsent function| checkIfConsentGiven function| triggerOnStepChange function| triggerOnFullLead function| triggerAffTrigger function| triggerOnAffP function| triggerOnVlFb object| bioEp string| __qubiq_request_id string| __qubiq_placement_id string| __qubiq_offer_id string| __qubiq_flow_id string| __qubiq_sid object| __qubiq_additions string| __qubiq_PYU4SV5 string| __qubiq_submit_host function| setImmediate function| 
clearImmediate function| _ function| P function| globalizeURI string| __qubiq_script_src string| qubiq_val string| qubiq_source string| qubiq_source_initial string| qubiq_dest string| qubiq_script_host number| qubiq_session_start function| qubiq_profile_add function| qubiq_enqueueData function| qubiq_profile_get object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| __qubiq_aliases object| recaptcha object| closure_lm_490930 function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| qubiq_tf

8 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AO5OVO8hdDutKm-pN5Ghpx_GcEilDHfTUVTpDed4UvbrL_vKqyhdhL_zyVibU0JOaotxpX8pJOWW7bUZVCXc6_c
m.mbuncha.com/ Name: afclick
Value: 64171d8853cc3e0001a33c1c
m.mbuncha.com/ Name: afoffers
Value: {"79856":1679236488}
nws20113.submittrk6.com/ Name: hexa.sid
Value: s%3Ag4C1LJd1efgly6kfS1vooJ8m3nlQRinD.jO0amZOBt9ymMPfOCcllMLnYpgYcshGU%2ByM5xxEzY5Q
cdn.formulead.com/ Name: plc
Value: 58eb5f2e7ab7260100f6bfa6
cdn.formulead.com/ Name: stp
Value: 1
cdn.formulead.com/ Name: ck_tsp
Value: 2023-03-19T14%3A34%3A49.317Z
cdn.formulead.com/ Name: sip
Value: 37.48.94.47

1 Console Messages

Source Level URL
Text
other error URL: https://online.winnenmetje.info/n/09/11/nl/samsungs23/no_teaser.html?p_id=58eb5f2e7ab7260100f6bfa6&aff_offer_id=20113&aff_sub=701_1274911&request_id=13da7324ef5ca6079b9c999a5417cb5b&aff_id=1377&aff_code=ASM&aff_adv_id=2&aff_inc=samsung&aff_sub2=64171d8853cc3e0001a33c1c&aff_click_id=64171d8853cc3e0001a33c1c
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
