Submitted URL: https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f83...
Effective URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfile...
Submission: On March 02 via api from BE

Summary

This website contacted 17 IPs in 5 countries across 14 domains to perform 40 HTTP transactions. The main IP is 2606:4700:20::6819:3174, located in United States and belongs to CLOUDFLARENET, US. The main domain is 3winorama.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on November 17th 2019. Valid for: 6 months.
This is the only time 3winorama.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
13 cdn.cg-platform.com 3winorama.com
4 www.nucash.be www.nucash.be
3 static.orangebuddies.com www.nucash.be
2 va.v.liveperson.net lptag.liveperson.net
2 lptag.liveperson.net www.nucash.be
2 www.google-analytics.com www.googletagmanager.com
3winorama.com
2 3winorama.com 3winorama.com
1 accdn.lpsnmedia.net lptag.liveperson.net
1 lpcdn.lpsnmedia.net lptag.liveperson.net
1 coreg.netopartners.com
1 secure.3winorama.com
1 sample-api-v2.crazyegg.com script.crazyegg.com
1 script.crazyegg.com www.googletagmanager.com
1 cdn-origin.netoplay.com 3winorama.com
1 www.googletagmanager.com 3winorama.com
1 cdn.netoplay.com 3winorama.com
1 ajax.googleapis.com 3winorama.com
1 maxcdn.bootstrapcdn.com 3winorama.com
1 click.powerplaypoints.com 1 redirects
1 fonts.googleapis.com www.nucash.be
40 20

This site contains links to these domains. Also see Links.

Domain
www.geoscratchmania.com
www.winorama.com
Subject Issuer Validity Valid
www.cashbackkorting.nl
Sectigo RSA Domain Validation Secure Server CA
2019-05-06 -
2021-05-21
2 years crt.sh
static.orangebuddies.com
Sectigo RSA Domain Validation Secure Server CA
2019-06-17 -
2021-06-17
2 years crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
ssl373134.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-11-17 -
2020-05-25
6 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-14 -
2020-10-13
a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-01-30 -
2020-10-09
8 months crt.sh
ssl509026.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2020-01-31 -
2020-08-08
6 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
ssl945600.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2020-01-28 -
2020-08-05
6 months crt.sh
*.liveperson.net
COMODO RSA Organization Validation Secure Server CA
2017-12-17 -
2020-12-16
3 years crt.sh
*.crazyegg.com
DigiCert SHA2 Secure Server CA
2018-06-08 -
2020-08-05
2 years crt.sh
ssl388049.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-11-24 -
2020-06-01
6 months crt.sh
*.lpsnmedia.net
COMODO RSA Organization Validation Secure Server CA
2018-02-26 -
2021-02-25
3 years crt.sh
*.v.liveperson.net
COMODO RSA Organization Validation Secure Server CA
2018-05-08 -
2020-05-07
2 years crt.sh

This page contains 2 frames:

Primary Page: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Frame ID: DC9FB2D190BEDEF03128EEE7DB842FC9
Requests: 39 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.9.0.13-release_5023/storage.secure.min.html?loc=https%3A%2F%2F3winorama.com&site=70099149&env=prod
Frame ID: FAD924927C196CE3D7105C70DE10F89B
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94... Page URL
  2. http://click.powerplaypoints.com/click/5acb63b4c44b9?brandId=4&campaignId=41304&mediaId=1&affiliateProfileNam... HTTP 302
    https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaI... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /^https?:\/\/lptag\.liveperson\.net\/tag\/tag\.js/i

Overall confidence: 100%
Detected patterns
  • script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /swfobject.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

40
Requests

100 %
HTTPS

72 %
IPv6

14
Domains

20
Subdomains

17
IPs

5
Countries

741 kB
Transfer

1525 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1 Page URL
  2. http://click.powerplaypoints.com/click/5acb63b4c44b9?brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400 HTTP 302
    https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set cm-l.php
www.nucash.be/user/
5 KB
2 KB
Document
General
Full URL
https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Manchester, United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
b9071bfc7aa0a1708f24aab917b307bb9fed526bdbf00254bba4f9b1cc23ba9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.nucash.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Server
nginx
Date
Mon, 02 Mar 2020 17:34:28 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1566
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Set-Cookie
PHPSESSID=cd596pik142kh0i9836oih00q3; path=/; secure; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
layout.css
static.orangebuddies.com/templates/www.nucash.be/march16/css/
245 KB
51 KB
Stylesheet
General
Full URL
https://static.orangebuddies.com/templates/www.nucash.be/march16/css/layout.css
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
5bc9bfe7129b7fff288565fdd2bd30b2d9923507bf306429be1e1347203b1c83

Request headers

Referer
https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 02 Mar 2020 17:34:29 GMT
content-encoding
gzip
last-modified
Fri, 17 Jan 2020 10:56:47 GMT
server
nginx/1.4.7
access-control-allow-origin
*
vary
Accept-Encoding
content-type
text/css
status
200
exit-page-cbk-new.css
www.nucash.be/general.assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.nucash.be/general.assets/css/exit-page-cbk-new.css
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Manchester, United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
ed5279e550ac7f7e7d13962a02507cc671ba8d5e41cd832edcc436687b2d1d28
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Mon, 02 Mar 2020 17:34:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000, public, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
706
X-Xss-Protection
1; mode=block
jquery.min.js
www.nucash.be/general.assets/js/
91 KB
33 KB
Script
General
Full URL
https://www.nucash.be/general.assets/js/jquery.min.js
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Manchester, United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 02 Mar 2020 17:34:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000, public, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33430
X-Xss-Protection
1; mode=block
logo.png
static.orangebuddies.com/templates/www.nucash.be/march16/assets/
21 KB
21 KB
Image
General
Full URL
https://static.orangebuddies.com/templates/www.nucash.be/march16/assets/logo.png
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
81bfc535b798aea06763ba112fd7edc6f88fee549f9e0a4a98b0cea84bef23e6

Request headers

Referer
https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 17:34:29 GMT
last-modified
Wed, 02 Nov 2016 07:31:45 GMT
server
nginx/1.4.7
access-control-allow-origin
*
etag
"58199661-5511"
content-type
image/png
status
200
accept-ranges
bytes
content-length
21777
41317-ExitPage468x60.jpg
static.orangebuddies.com/image/banners/
23 KB
23 KB
Image
General
Full URL
https://static.orangebuddies.com/image/banners/41317-ExitPage468x60.jpg
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
00d463ef263a4035edbd0d348e12e7dec2a99fd76ec090d843e000e83eb8fcca

Request headers

Referer
https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 17:34:29 GMT
last-modified
Wed, 17 Apr 2019 13:24:20 GMT
server
nginx/1.4.7
access-control-allow-origin
*
etag
"5cb72904-5cd9"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
23769
css
fonts.googleapis.com/
2 KB
601 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans+Narrow
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc2d206064e6dbc975bb0bf332fb48c7af9b04187b263713b4db2f61831cb8cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 02 Mar 2020 17:34:29 GMT
server
ESF
date
Mon, 02 Mar 2020 17:34:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Mar 2020 17:34:29 GMT
bar-loading.gif
www.nucash.be/general.assets/images/
3 KB
4 KB
Image
General
Full URL
https://www.nucash.be/general.assets/images/bar-loading.gif
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/general.assets/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Manchester, United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nucash.be/general.assets/css/exit-page-cbk-new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 02 Mar 2020 17:34:29 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000, public, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3161
X-Xss-Protection
1; mode=block
Primary Request index.html
3winorama.com/lp/nl/Magicfairies/
Redirect Chain
  • http://click.powerplaypoints.com/click/5acb63b4c44b9?brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400
  • https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoCli...
9 KB
3 KB
Document
General
Full URL
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:3174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5010314542a3b68b9444bebabf389e9aa0b5c4f9861a7f55765d28aceaa9ad0

Request headers

:method
GET
:authority
3winorama.com
:scheme
https
:path
/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1

Response headers

status
200
date
Mon, 02 Mar 2020 17:34:32 GMT
content-type
text/html
set-cookie
__cfduid=d615fa3a9f8b8034f2905b8b6a85bb8881583170472; expires=Wed, 01-Apr-20 17:34:32 GMT; path=/; domain=.3winorama.com; HttpOnly; SameSite=Lax
last-modified
Sun, 10 Nov 2019 08:50:19 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56dcde7bdeff274e-FRA
content-encoding
br

Redirect headers

Date
Mon, 02 Mar 2020 17:34:32 GMT
Server
Apache/2.4.29 (Ubuntu)
RD
err: No redis
Set-Cookie
Click_5acb63b4c44b9=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%2210585%22%3B%7D; expires=Wed, 01-Apr-2020 17:34:32 GMT; Max-Age=2592000; path=/ Count=1; expires=Wed, 01-Apr-2020 17:34:32 GMT; Max-Age=2592000; path=/
Location
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Content-Length
255
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.1/css/
111 KB
18 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.1/css/bootstrap.min.css
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d699f303990ce9bd7d7c97e9bd3cad6a46ecf2532f475cf22ae58213237821b9

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:06 GMT
access-control-allow-origin
*
etag
"1544639646"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
18711
style.css
cdn.cg-platform.com/en/WR/MagicFairies/
6 KB
2 KB
Stylesheet
General
Full URL
https://cdn.cg-platform.com/en/WR/MagicFairies/style.css
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:b071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
608321ebf4e2970ce66c0321f74acccf3234e991af056287c4c4ea5054272a64

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2UoeniEURk6vIB0nnNbjAkJKCV2DVkUXv38CDQbA2uPOizQ1XOdXak4UaH6_Om_ANUPK3CRunPEU1J5hFJkdnVKSI-pKvQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
last-modified
Thu, 15 Feb 2018 14:58:16 GMT
server
cloudflare
etag
W/"447a236e1bce7b1d702b45e4b67d6435"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ROl6/g==, md5=RHojbhvOex1wK0Xktn1kNQ==
content-type
text/css
x-goog-generation
1518706696108136
cache-control
public, max-age=14400
x-goog-stored-content-length
5868
cf-ray
56dcde7cc83ddfc7-FRA
expires
Mon, 02 Mar 2020 18:34:32 GMT
lang-nav.css
cdn.cg-platform.com/common-images/language-bar/
2 KB
581 B
Stylesheet
General
Full URL
https://cdn.cg-platform.com/common-images/language-bar/lang-nav.css
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:b071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b043774247fb8ef1fb01d5fd3b357807daffe900b34956341bad9f1cd806fc09

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2UrO1DsJ2BRuRysO8OwEetI3dLrtDPRvBhZTm0BPrmdauP5inOYNQl1FWFeAPG8s8-FQh7wnW7IyHvc2_D_3FwyEDODD_A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Wed, 07 Aug 2019 14:03:16 GMT
server
cloudflare
etag
W/"9b1bec21f97296ab1966996a26a61f5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=RHRWtw==, md5=mxvsIflylqsZZplqJqYfXw==
content-type
text/css
x-goog-generation
1565186596416309
cache-control
public, max-age=14400
x-goog-stored-content-length
1816
cf-ray
56dcde7cc83fdfc7-FRA
expires
Mon, 02 Mar 2020 18:34:32 GMT
swfobject.js
cdn.cg-platform.com/script/
10 KB
4 KB
Script
General
Full URL
https://cdn.cg-platform.com/script/swfobject.js
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:b071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c798a1ed77d81808ccd071c777ab901965f0ed613cf47867f5e737d6671f905

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
content-encoding
br
cf-cache-status
HIT
age
25197206
status
200
x-guploader-uploadid
AEnB2Ur8Oz3Z_RJE3e5jGJriN3dc4VvXayn0hEYou-YnHRpewBWf0MJCO4HqweRngAYN0ng50IBFFpDkO7jCl6NrAZ3eHZZidw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Thu, 18 Jan 2018 10:08:59 GMT
server
cloudflare
etag
W/"d51ac3392c9563764592fddfca470ea1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=BopeQQ==, md5=1RrDOSyVY3ZFkv3fykcOoQ==
content-type
application/javascript
x-goog-generation
1516270139434877
cache-control
max-age=14400, 3456000
x-goog-stored-content-length
10070
cf-ray
56dcde7cc841dfc7-FRA
expires
Fri, 15 May 2020 02:21:06 GMT
arrow.png
cdn.cg-platform.com/common-images/language-bar/
15 KB
15 KB
Image
General
Full URL
https://cdn.cg-platform.com/common-images/language-bar/arrow.png
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:b071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36b4ac8575fe56f4e0122f9496501b52cc58e58566a45aa41797a1091dd51e5c

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
cf-cache-status
HIT
age
10
status
200
x-guploader-uploadid
AEnB2UqRu20N-GqZLTwXke4gsnvJ8koH6FzsYRLkAtol6eRvB5ejHC0J6NUdGKB_czwKidhV8ZXUKq-UqmKR5xVdfu7T3vp2aw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
15098
last-modified
Thu, 18 Jan 2018 12:50:48 GMT
server
cloudflare
etag
"1b44ac40ceda5043e8923c634b56336e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=0WlKPQ==, md5=G0SsQM7aUEPokjxjS1Yzbg==
content-type
image/png
x-goog-generation
1516279848913504
cache-control
public, max-age=14400
x-goog-stored-content-length
15098
accept-ranges
bytes
cf-ray
56dcde7cc842dfc7-FRA
expires
Mon, 02 Mar 2020 18:34:22 GMT
logo.png
cdn.cg-platform.com/en/WR/MagicFairies/
9 KB
10 KB
Image
General
Full URL
https://cdn.cg-platform.com/en/WR/MagicFairies/logo.png
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:b071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5d7d3dc6a3c7a30f02805235644fc7d4008146202309306dcea1f6c294c20fe

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2UqCGIwjF90Ml7gCE3PANSOQ-K_ci0zqVb5yjHszQe72sPE9XljrsJQNeIPaVgVeuSdmNyFlJHoD3UtiHsW02MyLBf6kEg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
9522
last-modified
Thu, 15 Feb 2018 14:57:36 GMT
server
cloudflare
etag
"4c28978e02f613758d5c7689d5bd5d86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=YYQsEw==, md5=TCiXjgL2E3WNXHaJ1b1dhg==
content-type
image/png
x-goog-generation
1518706656318174
cache-control
public, max-age=14400
x-goog-stored-content-length
9522
accept-ranges
bytes
cf-ray
56dcde7cc844dfc7-FRA
expires
Mon, 02 Mar 2020 18:34:32 GMT
btn-header.png
cdn.cg-platform.com/en/WR/MagicFairies/
989 B
1 KB
Image
General
Full URL
https://cdn.cg-platform.com/en/WR/MagicFairies/btn-header.png
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:b071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fec625cb265cf5543af03196946a95f4c2aaaa5e088425f65bf87b834ff0ed2a

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2UqNqe66RdtUiJv81eSpucQcP-SwcJhde3bxLbU9GsXJHJYNMecPRNAENh-w1NuyO04GiSQUQ2gdKf1Maqwy49lsQlADqg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
989
last-modified
Thu, 15 Feb 2018 14:57:35 GMT
server
cloudflare
etag
"c7a55d1b06e941ec1c25bfe017959408"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=C8d4GA==, md5=x6VdGwbpQewcJb/gF5WUCA==
content-type
image/png
x-goog-generation
1518706655837524
cache-control
public, max-age=14400
x-goog-stored-content-length
989
accept-ranges
bytes
cf-ray
56dcde7d9a75dfc7-FRA
expires
Mon, 02 Mar 2020 18:34:32 GMT
main.png
cdn.cg-platform.com/en/WR/MagicFairies/
254 KB
255 KB
Image
General
Full URL
https://cdn.cg-platform.com/en/WR/MagicFairies/main.png
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:b071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96adc292e999fe79090ded059c51be8f88f864dcd2328f90ce86f4ccb3b5c642

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2UryepdJFTf4ZYgGNWXhFDlDKlUgvHtO8idP2lv0leXu_nN19WYO-CpoX-zdvArRHkxLuBrc5y5HbB9WUgjIT8KWzVPWiw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
260548
last-modified
Tue, 06 Mar 2018 12:44:58 GMT
server
cloudflare
etag
"1c7a6f986d35ce75dece6009cb5caeeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=GOmk+Q==, md5=HHpvmG01znXezmAJy1yu6w==
content-type
image/png
x-goog-generation
1520340298934315
cache-control
public, max-age=14400
x-goog-stored-content-length
260548
accept-ranges
bytes
cf-ray
56dcde7d9a7ddfc7-FRA
expires
Mon, 02 Mar 2020 18:34:32 GMT
pay-EN.EUR.USD-FR.USD.png
cdn.cg-platform.com/en/WR/MagicFairies/
7 KB
7 KB
Image
General
Full URL
https://cdn.cg-platform.com/en/WR/MagicFairies/pay-EN.EUR.USD-FR.USD.png
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:b071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9faa79e0a39b3d48f934f8e63e2bbb8c42a1985e401e2a70c9286d973dff2740

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2UqzMq8tEnSoCHvKe6-oT0JKlQznX7MYjzlAnMI2QZvBpqzAjBhu-6_4mAWZiK0252T_Xiy6O2AtsiKso2ziyQa1MYNwGg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
7059
last-modified
Thu, 15 Feb 2018 14:57:36 GMT
server
cloudflare
etag
"a9add0d489cef20ea51f1cc9320d000b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Be9UTQ==, md5=qa3Q1InO8g6lHxzJMg0ACw==
content-type
image/png
x-goog-generation
1518706656392572
cache-control
public, max-age=14400
x-goog-stored-content-length
7059
accept-ranges
bytes
cf-ray
56dcde7d9a80dfc7-FRA
expires
Mon, 02 Mar 2020 18:34:32 GMT
sec-EN-desktop.png
cdn.cg-platform.com/en/WR/MagicFairies/
5 KB
5 KB
Image
General
Full URL
https://cdn.cg-platform.com/en/WR/MagicFairies/sec-EN-desktop.png
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:b071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8090278ad104345d81e5734a4318fe138636cdd4a59fd83a3e321b7130d2f9fc

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2UqtCckZD5bV5fzBiCt70sE3tVdthjxpgdMzRngR7FlX4zQIco64idEWxWLPN-uI1t1ny5CCGqqpN45qaf1wCCWFcgtRDg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
5099
last-modified
Thu, 15 Feb 2018 14:57:37 GMT
server
cloudflare
etag
"7939013724a62e1968f032c6fa19282d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=+Mt4Ig==, md5=eTkBNySmLhlo8DLG+hkoLQ==
content-type
image/png
x-goog-generation
1518706657067651
cache-control
public, max-age=14400
x-goog-stored-content-length
5099
accept-ranges
bytes
cf-ray
56dcde7d9a82dfc7-FRA
expires
Mon, 02 Mar 2020 18:34:32 GMT
email-decode.min.js
3winorama.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
833 B
Script
General
Full URL
https://3winorama.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:3174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 26 Feb 2020 11:08:35 GMT
server
cloudflare
etag
W/"5e5651b3-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
56dcde7cff85274e-FRA
expires
Wed, 04 Mar 2020 17:34:32 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 31 Jan 2020 00:54:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2738404
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
32954
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Jan 2021 00:54:28 GMT
utils.js
cdn.cg-platform.com/script/
26 KB
7 KB
Script
General
Full URL
https://cdn.cg-platform.com/script/utils.js
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:b071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f8cf783efe6827d379cf91adcc6032c9448923e05a648905bd8075650e39cb6

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
content-encoding
br
cf-cache-status
HIT
age
61
status
200
x-guploader-uploadid
AEnB2Up50zXu4zwogfBX05bbLB5y835B5aZcYv5AzcxExHG__84z8Svn-keA3dRIGsVmg4jvolD_8__d0bhyQ_PcxcVg3aAwLg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Sun, 01 Mar 2020 15:37:29 GMT
server
cloudflare
etag
W/"433a6d420fb27fe774a4154f1a02030e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=5aJOuA==, md5=QzptQg+yf+d0pBVPGgIDDg==
content-type
text/javascript
x-goog-generation
1583077049866630
cache-control
public, max-age=14400
x-goog-stored-content-length
26913
cf-ray
56dcde7d1933dfc7-FRA
expires
Mon, 02 Mar 2020 18:33:31 GMT
popups.js
cdn.netoplay.com/assets/js/
0
0
Script
General
Full URL
https://cdn.netoplay.com/assets/js/popups.js?v=5
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:10::6814:56a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

gtm.js
www.googletagmanager.com/
79 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MM92NX
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0da8352e0d31f7e250c2716f0d915a70e19a82f0c2a43ebf58c778fa67f580d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27139
x-xss-protection
0
last-modified
Mon, 02 Mar 2020 17:08:35 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Mar 2020 17:34:32 GMT
sprite.jpg
cdn.cg-platform.com/common-images/language-bar/
19 KB
20 KB
Image
General
Full URL
https://cdn.cg-platform.com/common-images/language-bar/sprite.jpg?v=1
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:b071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c8283feede6f0c2f427ba3487f7951b62ef19e4e98c817e00c4bce570398188

Request headers

Referer
https://cdn.cg-platform.com/common-images/language-bar/lang-nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
cf-cache-status
DYNAMIC
age
2626
status
200
x-guploader-uploadid
AEnB2UpPTx0DLwm9R-lEYbCUSaFsXzFOM8glqUEsq8xCrAX6QMjO2H-RF44IjO7Om5PC2tKBRdflq8DUqXKwtl0FkzB13xUSYg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
19700
last-modified
Tue, 21 Aug 2018 07:15:42 GMT
server
cloudflare
etag
"1b7f70f2e6e5f79ef6e742eff31282cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=k2wyQg==, md5=G39w8ubl957250Lv8xKCzQ==
content-type
image/jpeg
x-goog-generation
1534835742086992
cache-control
public, max-age=3600
x-goog-stored-content-length
19700
accept-ranges
bytes
cf-ray
56dcde7d9a86dfc7-FRA
expires
Mon, 02 Mar 2020 17:50:46 GMT
fairy.png
cdn.cg-platform.com/en/WR/MagicFairies/
38 KB
38 KB
Image
General
Full URL
https://cdn.cg-platform.com/en/WR/MagicFairies/fairy.png
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:b071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a03e3a5ec0ba9f97c1ffe1b95e446777be3fb6c7a5d81926f9f3683d7918196

Request headers

Referer
https://cdn.cg-platform.com/en/WR/MagicFairies/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2UrpDBHK3oZxSjPebF4IU1R1sx0kWh5mgMfripkVM0NjUoyaM5DYaWtzzkU9nwow8MEKVbOaZY9hkFEpdUpD6JDxstDPyA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
38581
last-modified
Thu, 15 Feb 2018 14:57:35 GMT
server
cloudflare
etag
"a24e3362ddd28cd65ee7ce853123cadd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=zGs5Qw==, md5=ok4zYt3SjNZe586FMSPK3Q==
content-type
image/png
x-goog-generation
1518706655855262
cache-control
public, max-age=14400
x-goog-stored-content-length
38581
accept-ranges
bytes
cf-ray
56dcde7d9a8adfc7-FRA
expires
Mon, 02 Mar 2020 18:34:32 GMT
butterfly.png
cdn.cg-platform.com/en/WR/MagicFairies/
3 KB
3 KB
Image
General
Full URL
https://cdn.cg-platform.com/en/WR/MagicFairies/butterfly.png
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:b071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f7001311cfb13460ca46ec2315d0d496a075ecc99652db685be2a1e0790144b

Request headers

Referer
https://cdn.cg-platform.com/en/WR/MagicFairies/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2Uo8u80m9khEQIq8fRZG940-kiMeNYNisGuUZPnoYOU43Zgdx1yo2SOwbkGTVbc2F53V9F72LOMa58Wan4maWRNGYCCLDQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
2689
last-modified
Thu, 15 Feb 2018 14:57:35 GMT
server
cloudflare
etag
"d6212542d80644a966ae23eb00301e4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ObmRiw==, md5=1iElQtgGRKlmriPrADAeTA==
content-type
image/png
x-goog-generation
1518706655848642
cache-control
public, max-age=14400
x-goog-stored-content-length
2689
accept-ranges
bytes
cf-ray
56dcde7d9a9adfc7-FRA
expires
Mon, 02 Mar 2020 18:34:32 GMT
visitorCountry.php
cdn-origin.netoplay.com/
354 B
544 B
Script
General
Full URL
https://cdn-origin.netoplay.com/visitorCountry.php?language=en
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:10::6814:56a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.29
Resource Hash
a30e59a8b11c20c245c8d757e8e2d17c80f82d9e80739630e1c6aa0a5fe740d0

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.5.9-1ubuntu4.29
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cf-ray
56dcde7e0e2e642b-FRA
content-length
189
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM92NX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
6141
date
Mon, 02 Mar 2020 15:52:11 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Mon, 02 Mar 2020 17:52:11 GMT
6704.js
script.crazyegg.com/pages/scripts/0078/
132 KB
40 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0078/6704.js?439769
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM92NX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c434d1ab5c371183f35b542ac8ac77c7cbd2c860e4ceceee2693994dee5158bb

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Mar 2020 13:42:27 GMT
server
cloudflare
age
13891
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
56dcde7e0d441766-FRA
access-control-allow-origin
*
content-length
40226
tag.js
lptag.liveperson.net/tag/
18 KB
7 KB
Script
General
Full URL
https://lptag.liveperson.net/tag/tag.js?site=70099149
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
content-encoding
gzip
last-modified
Tue, 21 Aug 2018 07:47:45 GMT
server
ws
etag
"5b7bc3a1-198d"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
6541
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=919550486&t=pageview&_s=1&dl=https%3A%2F%2F3winorama.com%2Flp%2Fnl%2FMagicfairies%2Findex.html%3FInc%3D23206311%26brandId%3D4%26campaignId%3D41304%26mediaId%3D1%26affiliateProfileName%3D120_400%26ABClicks%3D1%26shorten_link%3D5acb63b4c44b9%26shorten_target%3D10585%26netoClickId%3D&dp=https%3A%2F%2F3winorama.com%2Flp%2Fnl%2FMagicfairies%2Findex.html%3FInc%3D23206311%26brandId%3D4%26campaignId%3D41304%26mediaId%3D1%26affiliateProfileName%3D120_400%26ABClicks%3D1%26shorten_link%3D5acb63b4c44b9%26shorten_target%3D10585%26netoClickId%3D&ul=en-us&de=UTF-8&dt=Winorama&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1100472564&gjid=1246758009&cid=877558978.1583170473&tid=UA-27702367-3&_gid=163806863.1583170473&_r=1&gtm=2wg2j0MM92NX&cd1=4&cd3=120_400&cd4=1&cd6=41304&z=1270629654
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 02 Mar 2020 17:34:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
.jsonp
lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/
235 KB
85 KB
Script
General
Full URL
https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Requested by
Host: www.nucash.be
URL: https://www.nucash.be/user/cm-l.php?sk=9d4ba5d4ebc99bb6db7c8d8ca96e1a480025949e&e=ef5b31e23c944b94b8db16b809c708074f8343d9-18132&sid=110794&ftb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
ed3e2cb8f804c3d29c82ada1b523f21f21df03ec68f12b594e8910d09e20c33c

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
all
sample-api-v2.crazyegg.com/n/786704/
60 B
778 B
XHR
General
Full URL
https://sample-api-v2.crazyegg.com/n/786704/all?v=7&user_script_version=1583156543
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0078/6704.js?439769
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.243.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-243-242.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
3834133d2732a3e8f48d3653d521c10845d6618320288ec2b19642c0473d277b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
Origin
https://3winorama.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 02 Mar 2020 17:34:33 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.12.1
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET
Content-Type
text/html;charset=utf-8
Access-Control-Allow-Origin
*
Cache-control
no-cache="set-cookie"
Connection
keep-alive
Content-Length
60
X-XSS-Protection
1; mode=block
/
secure.3winorama.com/server/clickstats/
0
44 B
Image
General
Full URL
https://secure.3winorama.com/server/clickstats/?brandId=4&deviceCategory=1&campaignId=41304&mediaId=1&affiliateProfileName=120_400&referer=https%3A%2F%2F3winorama.com%2Flp%2Fnl%2FMagicfairies%2Findex.html%3Fshorten_link%3D5acb63b4c44b9%26shorten_target%3D10585%26netoClickId%3D%26Inc%3D23206311%26brandId%3D4%26campaignId%3D41304%26mediaId%3D1%26affiliateProfileName%3D120_400%26ABClicks%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:3174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain
status
200
cf-ray
56dcde7f5928274e-FRA
content-length
0
23206311
coreg.netopartners.com/traffic/registration/minisite/
0
345 B
Image
General
Full URL
https://coreg.netopartners.com/traffic/registration/minisite/23206311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:305 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.10-1ubuntu3.26
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 17:34:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.3.10-1ubuntu3.26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
status
200
cf-ray
56dcde7f8afedfdb-FRA
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.9.0.13-release_5023/ Frame FAD9
0
0
Document
General
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.9.0.13-release_5023/storage.secure.min.html?loc=https%3A%2F%2F3winorama.com&site=70099149&env=prod
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash

Request headers

:method
GET
:authority
lpcdn.lpsnmedia.net
:scheme
https
:path
/le_secure_storage/3.9.0.13-release_5023/storage.secure.min.html?loc=https%3A%2F%2F3winorama.com&site=70099149&env=prod
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=

Response headers

status
200
date
Mon, 02 Mar 2020 17:34:32 GMT
content-type
text/html
last-modified
Tue, 18 Feb 2020 15:26:16 GMT
content-encoding
gzip
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
expires
Mon, 02 Mar 2020 17:44:32 GMT
cache-control
max-age=600
zones
accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/
18 KB
2 KB
Script
General
Full URL
https://accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
fd6c2b2109ce8bbc91af21093a27633fe27ccd6ba5a7f6fed6fd98e989949eba

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 17:34:32 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
content-type
application/javascript
status
200
expires
Mon, 02 Mar 2020 17:34:52 GMT
70099149
va.v.liveperson.net/api/js/
238 B
1 KB
Script
General
Full URL
https://va.v.liveperson.net/api/js/70099149?&cb=lpCb37959x45743&t=sp&ts=1583170472843&pid=804444604&tid=9094946373&pt=Winorama&u=https%3A%2F%2F3winorama.com%2Flp%2Fnl%2FMagicfairies%2Findex.html%3FInc%3D23206311%26brandId%3D4%26campaignId%3D41304%26mediaId%3D1%26affiliateProfileName%3D120_400%26ABClicks%3D1%26shorten_link%3D5acb63b4c44b9%26shorten_target%3D10585%26netoClickId%3D&df=0&os=1&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
495c6affcd4c9102c694e25ff33a00beb9d5c61b473dd7d387db0937169742af

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 17:34:33 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/json
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
70099149
va.v.liveperson.net/api/js/
109 B
829 B
Script
General
Full URL
https://va.v.liveperson.net/api/js/70099149?sid=5Co1XRV5T2G6eF4wWutOmA&cb=lpCb54568x3018&t=pl&ts=1583170473146&pid=804444604&tid=9094946373&vid=hiMmZiNmE1OTA4NTcxMDYw
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
901eac436d0a524b1a5250fbd220e0f38659ed5bbfa04969e59963b044b2de84

Request headers

Referer
https://3winorama.com/lp/nl/Magicfairies/index.html?Inc=23206311&brandId=4&campaignId=41304&mediaId=1&affiliateProfileName=120_400&ABClicks=1&shorten_link=5acb63b4c44b9&shorten_target=10585&netoClickId=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 17:34:33 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/json
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| brandInfo object| swfobject string| defaultBrandInfo function| $ function| jQuery object| platformWindow function| get_url_parameter function| getAllUrlParams object| Cookies object| Preferences function| getParamsFromFunction function| getParamsFromCookie function| checkInArray function| checkClick function| getStringCookieProperties function| OpenGamesWindowIt function| OpenGamesWindow function| openLiveChat function| printPixel function| registerUser function| isDepositor function| getVIPLevel function| fireEvent function| isReal object| lpMTagConfig function| lpAddMonitorTag function| getMobileDomain object| isMobile object| jQuery110204210172625213815 object| google_tag_manager string| GoogleAnalyticsObject function| ga object| lpTag object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| CE2 string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store function| countryCode function| getCurrencySymbol function| getCurrencyString function| getCurrencyForPlatform function| getServerDate function| extraParameters string| swfVer string| str function| _typeof function| _extends

4 Cookies

Domain/Path Name / Value
.3winorama.com/ Name: _gat_UA-27702367-3
Value: 1
.3winorama.com/ Name: _ga
Value: GA1.2.877558978.1583170473
.3winorama.com/ Name: _gid
Value: GA1.2.163806863.1583170473
.3winorama.com/ Name: __cfduid
Value: d615fa3a9f8b8034f2905b8b6a85bb8881583170472

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3winorama.com
accdn.lpsnmedia.net
ajax.googleapis.com
cdn-origin.netoplay.com
cdn.cg-platform.com
cdn.netoplay.com
click.powerplaypoints.com
coreg.netopartners.com
fonts.googleapis.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
maxcdn.bootstrapcdn.com
sample-api-v2.crazyegg.com
script.crazyegg.com
secure.3winorama.com
static.orangebuddies.com
va.v.liveperson.net
www.google-analytics.com
www.googletagmanager.com
www.nucash.be
178.249.101.23
2001:4de0:ac19::1:b:1a
208.89.12.87
2606:4700:10::6814:56a
2606:4700:20::6819:305
2606:4700:20::6819:3174
2606:4700:3030::681b:b071
2606:4700::6813:9408
2a00:1450:4001:818::200a
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::2008
2a00:1450:4001:81b::200a
2a02:21a8:0:3::ca6b:ba66
2a03:6400:10:0:178:249:97:98
2a03:6400:10:0:178:249:97:99
35.205.71.224
50.16.243.242
78.137.118.22
00d463ef263a4035edbd0d348e12e7dec2a99fd76ec090d843e000e83eb8fcca
1f8cf783efe6827d379cf91adcc6032c9448923e05a648905bd8075650e39cb6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c798a1ed77d81808ccd071c777ab901965f0ed613cf47867f5e737d6671f905
36b4ac8575fe56f4e0122f9496501b52cc58e58566a45aa41797a1091dd51e5c
3834133d2732a3e8f48d3653d521c10845d6618320288ec2b19642c0473d277b
3f7001311cfb13460ca46ec2315d0d496a075ecc99652db685be2a1e0790144b
495c6affcd4c9102c694e25ff33a00beb9d5c61b473dd7d387db0937169742af
4a03e3a5ec0ba9f97c1ffe1b95e446777be3fb6c7a5d81926f9f3683d7918196
5bc9bfe7129b7fff288565fdd2bd30b2d9923507bf306429be1e1347203b1c83
608321ebf4e2970ce66c0321f74acccf3234e991af056287c4c4ea5054272a64
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6c8283feede6f0c2f427ba3487f7951b62ef19e4e98c817e00c4bce570398188
8090278ad104345d81e5734a4318fe138636cdd4a59fd83a3e321b7130d2f9fc
81bfc535b798aea06763ba112fd7edc6f88fee549f9e0a4a98b0cea84bef23e6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
901eac436d0a524b1a5250fbd220e0f38659ed5bbfa04969e59963b044b2de84
96adc292e999fe79090ded059c51be8f88f864dcd2328f90ce86f4ccb3b5c642
9faa79e0a39b3d48f934f8e63e2bbb8c42a1985e401e2a70c9286d973dff2740
a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2
a30e59a8b11c20c245c8d757e8e2d17c80f82d9e80739630e1c6aa0a5fe740d0
b043774247fb8ef1fb01d5fd3b357807daffe900b34956341bad9f1cd806fc09
b0da8352e0d31f7e250c2716f0d915a70e19a82f0c2a43ebf58c778fa67f580d
b9071bfc7aa0a1708f24aab917b307bb9fed526bdbf00254bba4f9b1cc23ba9f
bc2d206064e6dbc975bb0bf332fb48c7af9b04187b263713b4db2f61831cb8cc
c434d1ab5c371183f35b542ac8ac77c7cbd2c860e4ceceee2693994dee5158bb
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e
d699f303990ce9bd7d7c97e9bd3cad6a46ecf2532f475cf22ae58213237821b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5010314542a3b68b9444bebabf389e9aa0b5c4f9861a7f55765d28aceaa9ad0
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed3e2cb8f804c3d29c82ada1b523f21f21df03ec68f12b594e8910d09e20c33c
ed5279e550ac7f7e7d13962a02507cc671ba8d5e41cd832edcc436687b2d1d28
f5d7d3dc6a3c7a30f02805235644fc7d4008146202309306dcea1f6c294c20fe
fd6c2b2109ce8bbc91af21093a27633fe27ccd6ba5a7f6fed6fd98e989949eba
fec625cb265cf5543af03196946a95f4c2aaaa5e088425f65bf87b834ff0ed2a