Submitted URL: https://mail.levif.be/optiext/optiextension.dll?ID=v32v3yIInLpqxVqSKKBCPZsz1gq076pqvHQUS3V7eBNa76QL8pg8gE92ASPVA_asYGi...
Effective URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e...
Submission: On October 07 via api from BE — Scanned from DE

Summary

This website contacted 20 IPs in 7 countries across 15 domains to perform 67 HTTP transactions. The main IP is 18.66.147.98, located in United States and belongs to AMAZON-02, US. The main domain is weekend.levif.be. The Cisco Umbrella rank of the primary domain is 842188.
TLS certificate: Issued by Amazon on June 2nd 2022. Valid for: a year.
This is the only time weekend.levif.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
2 21 18.66.147.98 16509 (AMAZON-02)
1 1 108.138.7.100 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2600:9000:225... 16509 (AMAZON-02)
10 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
10 2600:9000:249... 16509 (AMAZON-02)
2 52.215.31.56 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 152.70.60.241 31898 (ORACLE-BM...)
1 52.222.236.126 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 23.54.112.182 16625 (AKAMAI-AS)
1 146.59.29.12 16276 (OVH)
1 91.212.185.95 49333 (ROULARTA-...)
1 52.210.172.254 16509 (AMAZON-02)
1 176.34.162.197 16509 (AMAZON-02)
1 13.32.99.92 16509 (AMAZON-02)
1 20.50.2.29 8075 (MICROSOFT...)
67 20
Apex Domain
Subdomains
Transfer
32 levif.be
mail.levif.be
weekend.levif.be — Cisco Umbrella Rank: 842188
c431.levif.be
863 KB
10 mijnmagazines.be
api.mijnmagazines.be — Cisco Umbrella Rank: 250959
325 KB
7 static-rmg.be
img.static-rmg.be — Cisco Umbrella Rank: 186040
612 KB
4 moatads.com
z.moatads.com — Cisco Umbrella Rank: 620
mb.moatads.com — Cisco Umbrella Rank: 888
geo.moatads.com — Cisco Umbrella Rank: 875
89 KB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 5660
165 KB
3 roularta.be
sso.roularta.be — Cisco Umbrella Rank: 175941
myprivacy.roularta.be — Cisco Umbrella Rank: 257069
www.roularta.be — Cisco Umbrella Rank: 328544
17 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
129 KB
2 blueconic.net
roularta.blueconic.net — Cisco Umbrella Rank: 474112
2 KB
2 adshim.com
cdn.adshim.com — Cisco Umbrella Rank: 267012
88 KB
1 azurewebsites.net
rmgdapfnccsharpprd.azurewebsites.net — Cisco Umbrella Rank: 269247
132 B
1 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 7350
43 KB
1 gemius.pl
gabe.hit.gemius.pl — Cisco Umbrella Rank: 26911
16 KB
1 gscontxt.net
roularta-ams.gscontxt.net — Cisco Umbrella Rank: 279918
196 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 228
28 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
78 KB
67 15
Domain Requested by
21 weekend.levif.be 2 redirects weekend.levif.be
10 api.mijnmagazines.be weekend.levif.be
api.mijnmagazines.be
10 c431.levif.be weekend.levif.be
c431.levif.be
7 img.static-rmg.be weekend.levif.be
3 sdk.privacy-center.org weekend.levif.be
sdk.privacy-center.org
2 z.moatads.com sdk.privacy-center.org
z.moatads.com
2 securepubads.g.doubleclick.net www.googletagservices.com
2 roularta.blueconic.net c431.levif.be
2 cdn.adshim.com weekend.levif.be
cdn.adshim.com
1 rmgdapfnccsharpprd.azurewebsites.net c431.levif.be
1 ats-wrapper.privacymanager.io weekend.levif.be
1 geo.moatads.com z.moatads.com
1 mb.moatads.com z.moatads.com
1 www.roularta.be weekend.levif.be
1 gabe.hit.gemius.pl weekend.levif.be
1 myprivacy.roularta.be sdk.privacy-center.org
1 roularta-ams.gscontxt.net cdn.adshim.com
1 www.googletagservices.com cdn.adshim.com
1 www.googletagmanager.com weekend.levif.be
1 sso.roularta.be 1 redirects
1 mail.levif.be 1 redirects
67 21
Subject Issuer Validity Valid
*.knack.be
Amazon
2022-06-02 -
2023-07-01
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-11 -
2023-05-10
a year crt.sh
*.privacy-center.org
Amazon
2022-04-09 -
2023-05-08
a year crt.sh
b759.abonnements.be
Amazon
2022-06-08 -
2023-07-07
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
mijnmagazines.be
Amazon
2022-05-16 -
2023-06-14
a year crt.sh
*.blueconic.net
Amazon
2022-01-03 -
2023-02-01
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.gscontxt.net
DigiCert TLS RSA SHA256 2020 CA1
2021-12-08 -
2022-12-08
a year crt.sh
myprivacy.roularta.be
Amazon
2021-11-30 -
2022-12-28
a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-11-27 -
2022-11-29
a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2022-09-13 -
2023-09-25
a year crt.sh
*.roularta.be
Sectigo RSA Domain Validation Secure Server CA
2022-08-31 -
2023-09-28
a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-05
a year crt.sh
*.privacymanager.io
Amazon
2022-08-26 -
2023-09-24
a year crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 01
2022-03-14 -
2023-03-09
a year crt.sh

This page contains 3 frames:

Primary Page: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&utm_medium=Email&utm_campaign=Newsletter-RNBWEEKFR
Frame ID: 7582EAC19830E82D75F9E6F888820E3A
Requests: 67 HTTP requests in this frame

Frame: https://myprivacy.roularta.be/global-cookies.6cf09ac372a356f0533b96b137599450056e2eb2.html
Frame ID: 81BD10E0B00C2D9A8AA8A880691FA3E4
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 0E09AFFA1A213398C29BE58098109E3C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Le « Grand Livre Secret des Gnomes, Lutins et Farfadets », un grimoire enchanteur

Page URL History Show full URLs

  1. https://mail.levif.be/optiext/optiextension.dll?ID=v32v3yIInLpqxVqSKKBCPZsz1gq076pqvHQUS3V7eBNa76Q... HTTP 302
    https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchan... HTTP 302
    https://sso.roularta.be/auth?scope=openid%20email%20profile%20address%20rmg_group%20extended_address... HTTP 302
    https://weekend.levif.be/auth/login/callback?error=login_required&error_description=End-User%20authen... HTTP 302
    https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchan... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Page Statistics

67
Requests

100 %
HTTPS

43 %
IPv6

15
Domains

21
Subdomains

20
IPs

7
Countries

2451 kB
Transfer

5628 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mail.levif.be/optiext/optiextension.dll?ID=v32v3yIInLpqxVqSKKBCPZsz1gq076pqvHQUS3V7eBNa76QL8pg8gE92ASPVA_asYGiSmdyiiad2NlfrRI9QFn7KC9sXCk5ZvRrDIl1K HTTP 302
    https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR HTTP 302
    https://sso.roularta.be/auth?scope=openid%20email%20profile%20address%20rmg_group%20extended_address&audience=rmg_domain&state=eyJyZWRpcmVjdFRvIjoiaHR0cHM6Ly93ZWVrZW5kLmxldmlmLmJlL2tpZHMvbGUtZ3JhbmQtbGl2cmUtc2VjcmV0LWRlcy1nbm9tZXMtbHV0aW5zLWV0LWZhcmZhZGV0cy11bi1ncmltb2lyZS1lbmNoYW50ZXVyLz9jZWxfaGFzaD05NmQyZTYxZTkyNzZkZTIwMjliNzNiNjViN2IwNGM2MThlZmQ1NzQzJmNodHM9MTY2NTE2NDgyNCZ1dG1fc291cmNlPU5ld3NsZXR0ZXItMjAyMjEwMDcmYW1wO3V0bV9tZWRpdW09RW1haWwmYW1wO3V0bV9jYW1wYWlnbj1OZXdzbGV0dGVyLVJOQldFRUtGUiIsInR5cGUiOiJsb2dpbiIsInJhbmRvbXNoaXp6bGUiOjE2NjUxNTc2MjQxMTl9&client_id_for_mailing=6aqbj7ahsn5qfxmwgfk8m5y33rct9d9k&registration_type=memberRegistration&response_type=code&redirect_uri=https%3A%2F%2Fweekend.levif.be%2Fauth%2Flogin%2Fcallback&client_id=usem8wwh8r3e2c6nvce4pw47dxr73rhs&prompt=none HTTP 302
    https://weekend.levif.be/auth/login/callback?error=login_required&error_description=End-User%20authentication%20is%20required&state=eyJyZWRpcmVjdFRvIjoiaHR0cHM6Ly93ZWVrZW5kLmxldmlmLmJlL2tpZHMvbGUtZ3JhbmQtbGl2cmUtc2VjcmV0LWRlcy1nbm9tZXMtbHV0aW5zLWV0LWZhcmZhZGV0cy11bi1ncmltb2lyZS1lbmNoYW50ZXVyLz9jZWxfaGFzaD05NmQyZTYxZTkyNzZkZTIwMjliNzNiNjViN2IwNGM2MThlZmQ1NzQzJmNodHM9MTY2NTE2NDgyNCZ1dG1fc291cmNlPU5ld3NsZXR0ZXItMjAyMjEwMDcmYW1wO3V0bV9tZWRpdW09RW1haWwmYW1wO3V0bV9jYW1wYWlnbj1OZXdzbGV0dGVyLVJOQldFRUtGUiIsInR5cGUiOiJsb2dpbiIsInJhbmRvbXNoaXp6bGUiOjE2NjUxNTc2MjQxMTl9&guest_guid=02792e76-f540-4e46-9301-502df3da725c HTTP 302
    https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/
Redirect Chain
  • https://mail.levif.be/optiext/optiextension.dll?ID=v32v3yIInLpqxVqSKKBCPZsz1gq076pqvHQUS3V7eBNa76QL8pg8gE92ASPVA_asYGiSmdyiiad2NlfrRI9QFn7KC9sXCk5ZvRrDIl1K
  • https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20...
  • https://sso.roularta.be/auth?scope=openid%20email%20profile%20address%20rmg_group%20extended_address&audience=rmg_domain&state=eyJyZWRpcmVjdFRvIjoiaHR0cHM6Ly93ZWVrZW5kLmxldmlmLmJlL2tpZHMvbGUtZ3Jhbm...
  • https://weekend.levif.be/auth/login/callback?error=login_required&error_description=End-User%20authentication%20is%20required&state=eyJyZWRpcmVjdFRvIjoiaHR0cHM6Ly93ZWVrZW5kLmxldmlmLmJlL2tpZHMvbGUtZ...
  • https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20...
156 KB
34 KB
Document
General
Full URL
https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
bd9fe0f67dc4727630f5d811240c136112fab3c6a410ee31e2182825ae32d77c
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
298
content-encoding
gzip
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Fri, 07 Oct 2022 15:42:06 GMT
link
<https://weekend.levif.be/wp-json/>; rel="https://api.w.org/" <https://weekend.levif.be/wp-json/wp/v2/posts/243348>; rel="alternate"; type="application/json" <https://weekend.levif.be/?p=243348>; rel=shortlink
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-id
i1XtLXyaDWtPIvdarNN1stnVRIp7eenWBYqwlwVnP9TaH34hHyc8Rg==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
14
date
Fri, 07 Oct 2022 15:47:04 GMT
location
https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
server
CloudFront
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-id
UxO4iDC899TNJoLm1XvpvnTjPeF5gE9VfmEtl_m9vcrktcsfiPekdg==
x-amz-cf-pop
FRA60-P4
x-cache
LambdaGeneratedResponse from cloudfront
index.css
weekend.levif.be/app/plugins/rmg-clevercast/build/
1 KB
1 KB
Stylesheet
General
Full URL
https://weekend.levif.be/app/plugins/rmg-clevercast/build/index.css?ver=7517952a3f86f67fb26470d0dd7197f1
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
db835824e62fa7ad3b28a9fd1e9c869db8f85df780ca52c763fbb2b16bd4998a
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 07:27:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
age
3745155
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 25 Aug 2022 07:26:09 GMT
etag
W/"63072411-503"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
MDl0twrh-BqPAJhSj8Y4v4nbS2KZ5RihCBGiHB9MI5jkWLJn7zvRxQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
sbi-styles.min.css
weekend.levif.be/app/plugins/instagram-feed-pro/css/
56 KB
13 KB
Stylesheet
General
Full URL
https://weekend.levif.be/app/plugins/instagram-feed-pro/css/sbi-styles.min.css?ver=5.9
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
5ecda8167d8a63b4584bff6cc7f85c372ce0cd8dc5d5103865ec1d8aa2884939
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 20 May 2022 10:23:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
age
12115385
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 19 May 2022 10:24:20 GMT
etag
W/"62861ad4-dfd9"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
kuHn324RMfsuCuBnIaxXHZAAG8JfejiiYrtJyYXy_j0y9O403KZpSQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.9e54e95b9d7eab53c61f.css
weekend.levif.be/app/themes/rmg-wp-news-theme/dist/
525 KB
75 KB
Stylesheet
General
Full URL
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
54b6fafd34622fb49c172aede575e7fdeaf4922546210a030e34078215a55fb8
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 12:47:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
age
97190
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 06 Oct 2022 12:45:25 GMT
etag
W/"633ecde5-833b6"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
SrWyKKxOA82FWNcP24aZEVozW2A8kJtCLXSZVmnBKSXpw_IMRr9f2g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
adshim.js
cdn.adshim.com/a927a7a2-b388-4073-9126-68f5b5597617/
17 KB
7 KB
Script
General
Full URL
https://cdn.adshim.com/a927a7a2-b388-4073-9126-68f5b5597617/adshim.js
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2c4a186fa2c3161fb94823bc719d18400166f246e0d8de0e28a9eabd3d2104c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Jul 2022 19:12:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5525
etag
W/"a79feedc646ea4c52842223733401a98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdmSigrsiuvd8GhdUrcwrpkcZ%2BVXsxgJqG%2B6vPzwLQIibIV0qmHOiTt2NE4xsBczVIAJ0SpDZawMTv%2B9LF%2FEIyF1khCVzvPDI2HdxG1iwbs3R8Ao64HreNz1FlRBGeeS2jE8ZHFhJq%2FZMFrPtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-adshim-version
5160544503857152
cache-control
public, max-age=300
cf-ray
7567c5f0fe856993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rmgAds-OVDTHWQE.js
weekend.levif.be/app/plugins/rmg-adshim/public/assets/
4 KB
2 KB
Script
General
Full URL
https://weekend.levif.be/app/plugins/rmg-adshim/public/assets/rmgAds-OVDTHWQE.js
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
e812607f142e801d1401b788e049ac002b72a2a00135c2ded5e23a4be71b5a91
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 12:46:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
age
97218
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 06 Oct 2022 12:45:26 GMT
etag
W/"633ecde6-105d"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Ebwpa0Y_7sGrkElZ2bDRGIT9FKEeJbuc5QGyBcFMOm5E6DV5Eo4SLQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
lgldg15-jpg.jpg
img.static-rmg.be/a/view/q75/w962/h503/4738536/
64 KB
65 KB
Image
General
Full URL
https://img.static-rmg.be/a/view/q75/w962/h503/4738536/lgldg15-jpg.jpg
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / img.static-smb/0.1
Resource Hash
95152fe51c2f3934db14b6c913ef5976e1ef3c48063be44e69a087294c95b281
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:05 GMT
strict-transport-security
max-age=300; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
img.static-smb/0.1
content-transfer-encoding
binary
content-disposition
inline; filename="4738536.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
referrer-policy
strict-origin
last-modified
Fri, 07 Oct 2022 15:47:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MR4c%2BCxjMaxNY3CsGuwvCg6I2IFWvJugHSrw30h6IwqAQZn5nvocXDwop8%2FglrCZ%2F1KMWnZVq51aPQYURZLGPrI0o1UWrl9OOqvCHmiTdt5bB6jT9l%2BI1t2ReP6XrcwPe773v%2Br6xhZExcWapbGg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
cf-ray
7567c5f10c96699f-FRA
expires
Fri, 21 Oct 2022 15:47:04 GMT
loader.js
sdk.privacy-center.org/0c7f196f-0b85-4850-bfd5-f5512ebf3f5d/
55 KB
15 KB
Script
General
Full URL
https://sdk.privacy-center.org/0c7f196f-0b85-4850-bfd5-f5512ebf3f5d/loader.js?target=weekend.levif.be
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ea00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
405642792d904d916247192d0354ce6b6c0f3319436faa11892128feff7e179e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:46:27 GMT
content-encoding
gzip
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-didomi-remote-config-source
Lambda
server
CloudFront
x-amz-cf-pop
FRA60-P3
age
37
etag
"99bda99ce36cadcec2fe3b40f44b1c42"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
14555
x-amz-cf-id
sfcEAjY87ppQe6COuLGdQQuO7YlrMn4Vi7KeqGuCTY3rVkIAVWbF6Q==
script.js
c431.levif.be/
166 KB
48 KB
Script
General
Full URL
https://c431.levif.be/script.js
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7000:f:6d28:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
f8233d8ef40c1ac2ab01081ef07eecf30f5211d59042a2108301724f59023891
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:44:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
age
162
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
48813
x-xss-protection
1; mode=block
last-modified
Fri, 07 Oct 2022 15:32:53 GMT
server
-
etag
947b12c101c4d9ee2b19a3b3798b3889
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
URZhwV6W3KitpM3fMVcvg1JluHKSQTOcAAhk_5SSV30rVj89uO-cVQ==
expires
Fri, 07 Oct 2022 15:54:22 GMT
gtm.js
www.googletagmanager.com/
241 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TNT28CW
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dfe90ee185b1261cd22d569a06a351db0f209ec4f601bfabd1276b93061f2bba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79316
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Oct 2022 15:47:04 GMT
rmg-auth.js
weekend.levif.be/app/plugins/rmg-wp-account/assets/
12 KB
4 KB
Script
General
Full URL
https://weekend.levif.be/app/plugins/rmg-wp-account/assets/rmg-auth.js?ver=1.9.1
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
ae953bfc4c90287bbc5aac20a4bf30473efd11c879dd503c0f49eb0d91e6ec22
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 20:41:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
age
68729
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 06 Oct 2022 12:48:57 GMT
etag
W/"633eceb9-2fb6"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
vUCzfW9mbwU8q4dBZm63Z5oemUDdST3sdazDV1zXjc4m2OjgDl_lrg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.71774ca10fa9a2caccb0.js
weekend.levif.be/app/plugins/one-brand-header/build/
2 KB
2 KB
Script
General
Full URL
https://weekend.levif.be/app/plugins/one-brand-header/build/index.71774ca10fa9a2caccb0.js?ver=1665157200
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
adb8abd6f28f61a3a194fb2879c0cb5e2a28e4b8dd132f670ce5daa0d4ab6e7a
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:37:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
age
560
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 06 Oct 2022 20:39:40 GMT
etag
W/"633f3d0c-87e"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
FnJIVMqR_TJmlaMmB3RYKHtyGfBuZwIAZSm5eqhDroMCy0ERK7UHVA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
rmgNotifications.js
weekend.levif.be/app/plugins/rmg-notifications/public/js/
1 KB
1 KB
Script
General
Full URL
https://weekend.levif.be/app/plugins/rmg-notifications/public/js/rmgNotifications.js?ver=1.9.1
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
c15ca0eb4ea15b9f29bdc61d2c675bd4ab9c5267890229256555d0c0e33c1cf7
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 20:41:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
age
68735
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 06 Oct 2022 20:39:41 GMT
etag
W/"633f3d0d-579"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
oPhnarhhwHMRNbPGPVfbFA_tWG6R9uiwLXepb7p7TWGGvNAcmn1w-w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.cf1b94394dec4f723a0f.js
weekend.levif.be/app/themes/rmg-wp-news-theme/dist/
213 KB
70 KB
Script
General
Full URL
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.cf1b94394dec4f723a0f.js
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
596d342b4a2edca1883b0e57a3d81c69486ec97a2befc385a14fdde86f2b9b27
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 07:27:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
age
3745150
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 25 Aug 2022 07:26:09 GMT
etag
W/"63072411-352eb"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
CGSTJ8tPxbvcKLJSQcsHuYWQnQHVPzYcLWtsJ4HySKCpmNKLuD1QfA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
lazyload.min.js
weekend.levif.be/app/plugins/wp-rocket/assets/js/lazyload/17.5/
8 KB
4 KB
Script
General
Full URL
https://weekend.levif.be/app/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 20 May 2022 06:05:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
age
12130915
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 19 May 2022 10:26:37 GMT
etag
W/"62861b5d-2063"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
kmGJJl_4YkbiBTV6g7bgafBMpl8ZjI7dhqoIHNjS0GzGlVxw08loNA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
lab-grotesque-regular.f6611d6d0ff1aa998fb1.woff2
weekend.levif.be/app/themes/rmg-wp-news-theme/dist/fonts/
44 KB
45 KB
Font
General
Full URL
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/fonts/lab-grotesque-regular.f6611d6d0ff1aa998fb1.woff2
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
f8b4fde7be3fa99a858afd07083567eb8bc37a638eb2ca3ee1b8d67d5dcba395
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Origin
https://weekend.levif.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 20 May 2022 06:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
12130844
x-cache
Hit from cloudfront
content-length
45560
x-xss-protection
1; mode=block
last-modified
Thu, 19 May 2022 10:26:04 GMT
etag
"62861b3c-b1f8"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
qtmy9COqJ42s8tsJ0eqfT-u0Op-ogn0URNeGMHs4Vgurzj-oJ8EQ9w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
lab-grotesque-bold.9cb2e5a0384043222154.woff2
weekend.levif.be/app/themes/rmg-wp-news-theme/dist/fonts/
47 KB
47 KB
Font
General
Full URL
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/fonts/lab-grotesque-bold.9cb2e5a0384043222154.woff2
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
2c667cdbe90922576bac69bbd0fa8f61d0c410748bf29b5bccea09b21123f1a0
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Origin
https://weekend.levif.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 20 May 2022 06:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
12130844
x-cache
Hit from cloudfront
content-length
47856
x-xss-protection
1; mode=block
last-modified
Thu, 19 May 2022 10:26:34 GMT
etag
"62861b5a-baf0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
90jp6nOsZ3wCnLunTpgBXUV0af1Dvy4EmKc48RCBQM7ZCeDGRZCSDw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
200 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5671cd8233a772b726dfa7630fa98d63d3970abda1175081a64152975079ce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
state
weekend.levif.be/wp-json/rmg-sso/v1/
40 B
2 KB
XHR
General
Full URL
https://weekend.levif.be/wp-json/rmg-sso/v1/state
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/app/plugins/rmg-wp-account/assets/rmg-auth.js?ver=1.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
3a4fba74090136a37f89d09f7c2c4b2df860369992b435c547288f339f6d3955
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 07 Oct 2022 15:47:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
pragma
no-cache
allow
GET
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-robots-tag
noindex
link
<https://weekend.levif.be/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-amz-cf-id
vFEpOnIFOZolkaORlKW_8fTVeweDV5fY0PaKa7nysOzIf-AhM2NaoA==
tasman-regular.2d997011ad7e02ed4f1a.woff2
weekend.levif.be/app/themes/rmg-wp-news-theme/dist/fonts/
61 KB
62 KB
Font
General
Full URL
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/fonts/tasman-regular.2d997011ad7e02ed4f1a.woff2
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
858e06a7549f59381b7d1b810b8377e4db440ec235c86a41b7069587128723cb
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Origin
https://weekend.levif.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 20 May 2022 07:35:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
12125523
x-cache
Hit from cloudfront
content-length
62608
x-xss-protection
1; mode=block
last-modified
Thu, 19 May 2022 10:26:04 GMT
etag
"62861b3c-f490"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
QW-vtxXJedt5CQrouWrMUR8NQOH9oKwLkPRI5TLRgWPLOrWzsf1XBQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
nib-pro-bold.9236c385fadf2c39cb40.woff2
weekend.levif.be/app/themes/rmg-wp-news-theme/dist/fonts/
82 KB
82 KB
Font
General
Full URL
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/fonts/nib-pro-bold.9236c385fadf2c39cb40.woff2
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
bef267f0983880cf389d017be13219ca18d9205d2059898fdad103f94cea0da9
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Origin
https://weekend.levif.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 20 May 2022 01:13:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
12148401
x-cache
Hit from cloudfront
content-length
83488
x-xss-protection
1; mode=block
last-modified
Thu, 19 May 2022 10:24:17 GMT
etag
"62861ad1-14620"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
QKof07BNcdJ0ruhkVx0ZmaBr8PFe4XcWd2qEhcsD-RILy4AeWpTrcA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
lab-grotesque-medium.5378edcb8c3859e66f08.woff2
weekend.levif.be/app/themes/rmg-wp-news-theme/dist/fonts/
45 KB
46 KB
Font
General
Full URL
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/fonts/lab-grotesque-medium.5378edcb8c3859e66f08.woff2
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
8575c83bcd649c28701830bc98d0051adba45ba685776092d2417c9240ee0c67
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Origin
https://weekend.levif.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 20 May 2022 06:16:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
12130241
x-cache
Hit from cloudfront
content-length
46416
x-xss-protection
1; mode=block
last-modified
Thu, 19 May 2022 10:26:34 GMT
etag
"62861b5a-b550"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
rMzI_I3uBifREU-sMAZwMnzJL1YrDt3Pifu9DSIPluX3koJlZqkr8Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
tasman-semibold.bc4c54dbc9746c19f4b8.woff2
weekend.levif.be/app/themes/rmg-wp-news-theme/dist/fonts/
65 KB
65 KB
Font
General
Full URL
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/fonts/tasman-semibold.bc4c54dbc9746c19f4b8.woff2
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
6b01d0fa53ea12df56a8e232560fd8f7cda6c5f73f00c0b197c05f236137208a
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Origin
https://weekend.levif.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 20 May 2022 06:16:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
12130241
x-cache
Hit from cloudfront
content-length
66220
x-xss-protection
1; mode=block
last-modified
Thu, 19 May 2022 10:26:04 GMT
etag
"62861b3c-102ac"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
P9B-QuPAMdqVI2gH7TUpbAyzXS1WjzypTWSjKm9RzhHwWysSqYrZew==
expires
Thu, 31 Dec 2037 23:55:55 GMT
lab-grotesque-black.b9ddeb290192ba3c96dc.woff2
weekend.levif.be/app/themes/rmg-wp-news-theme/dist/fonts/
47 KB
48 KB
Font
General
Full URL
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/fonts/lab-grotesque-black.b9ddeb290192ba3c96dc.woff2
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
c41dc37fea212372d1f53109304ebae695e644f9ce083dcab08d5978c8c3020f
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/main.9e54e95b9d7eab53c61f.css
Origin
https://weekend.levif.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 20 May 2022 03:56:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
12138649
x-cache
Hit from cloudfront
content-length
47924
x-xss-protection
1; mode=block
last-modified
Thu, 19 May 2022 10:24:17 GMT
etag
"62861ad1-bb34"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
HXuBN7GcZgCwVI9fLSizPzl2m1mJAGp3zJ1EXQD1HWEr65nJYQEIJg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.js
api.mijnmagazines.be/packages/navigation/
23 KB
10 KB
Script
General
Full URL
https://api.mijnmagazines.be/packages/navigation/index.js?t=1665157624500
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/app/plugins/one-brand-header/build/index.71774ca10fa9a2caccb0.js?ver=1665157200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4c00:9:ab3f:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f182631817c2bf9e6e855f6d0dd4556649b69e0c3a3a5d44510c9b36f02cd1c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:03 GMT
content-encoding
gzip
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Wed, 05 Oct 2022 09:19:10 GMT
x-amz-cf-pop
FRA56-P7
age
1
etag
W/"633d4c0e-5dc4"
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=315360000
access-control-allow-headers
content-type, authorization
x-amz-cf-id
qnx4YtBTcvolaf_5fcBSW1XMItViC4bh7SiaApqTbocBoGVY9Fym6w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
sdk.6cf09ac372a356f0533b96b137599450056e2eb2.js
sdk.privacy-center.org/
466 KB
93 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk.6cf09ac372a356f0533b96b137599450056e2eb2.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/0c7f196f-0b85-4850-bfd5-f5512ebf3f5d/loader.js?target=weekend.levif.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ea00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9b4691b62c21f3a2ef4afa8c882898726998c5f375bb9b573882a2d764d14e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 13:48:38 GMT
content-encoding
gzip
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 13:44:55 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1665063617/ctime:1665063617/gid:0/gname:root/md5:166ed6f9fc65707cd5e17770b3b22836/mode:33188/mtime:1665063617/uid:0/uname:root
x-amz-cf-pop
FRA60-P3
age
93507
etag
W/"166ed6f9fc65707cd5e17770b3b22836"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
qW7GJKguZs6g0xxfqf2EJvtI19CVkrWzfWqEOvpz3w6Cs1AeSKU3eg==
cs
roularta.blueconic.net/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f/
16 B
705 B
Script
General
Full URL
https://roularta.blueconic.net/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f/cs?&callback=bc_json698
Requested by
Host: c431.levif.be
URL: https://c431.levif.be/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.31.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-31-56.eu-west-1.compute.amazonaws.com
Software
- /
Resource Hash
2206a104ea4231650c17d1b5725c2eec32a999c971f685ed3cfc5579f76f71bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Oct 2022 15:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
LV.svg
api.mijnmagazines.be/svg/publication/logo/
3 KB
2 KB
Image
General
Full URL
https://api.mijnmagazines.be/svg/publication/logo/LV.svg
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4c00:9:ab3f:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
90e42bf09c417ebba2cfa8356a4887a14c735b14fd37ca5b56288b64325c6287
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 04:11:50 GMT
strict-transport-security
max-age=300; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-encoding
gzip
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
3843314
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 22 Aug 2022 16:46:07 GMT
server
nginx
etag
W/"6303b2cf-be5"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=315360000
x-amz-cf-id
uRPASEvTs49IZwquuiJGs1elFONZ8U7_3CVsTdNycRN0R_-5sCqpyw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
FP.svg
api.mijnmagazines.be/svg/publication/logo/
8 KB
4 KB
Image
General
Full URL
https://api.mijnmagazines.be/svg/publication/logo/FP.svg
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4c00:9:ab3f:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
05f01d522aff3ef4db12f8a7d5787a3b309cc6ea7d5d1ad135ab1ad711e2ad4f
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 05:14:31 GMT
strict-transport-security
max-age=300; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-encoding
gzip
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
2975553
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 01 Sep 2022 10:40:15 GMT
server
nginx
etag
W/"63108c0f-1f6a"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=315360000
x-amz-cf-id
zH5mdbdxKDiQRyRCh2hd-Vp5H-uJ12nDNL99dfMR9xy75AZVURF5dw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.26986ad07342a5429e4d.svg
weekend.levif.be/app/themes/rmg-wp-news-theme/dist/images/
3 KB
2 KB
Image
General
Full URL
https://weekend.levif.be/app/themes/rmg-wp-news-theme/dist/images/logo.26986ad07342a5429e4d.svg
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
/
Resource Hash
fa322e5b2a51f5d0168e83559a6d8a563f8dfaf94a2d823b3ac20ee107a34ff7
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 19 May 2022 22:34:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
age
12157952
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 19 May 2022 10:26:04 GMT
etag
W/"62861b3c-c6c"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=315360000
x-amz-cf-id
shzHFbHOmAM9BXUxR6kQfqf3q66odTTkFVaQz1eUxAjuMgjYFR-V3w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
avatar-73099-jpg.jpg
img.static-rmg.be/a/view/q75/w150/h150/4372056/
5 KB
5 KB
Image
General
Full URL
https://img.static-rmg.be/a/view/q75/w150/h150/4372056/avatar-73099-jpg.jpg
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / img.static-smb/0.1
Resource Hash
9884bd2c0982a8487b3137b258e142ed34c5c3e6bb0f0c66c26dcfe3d7b87794
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:04 GMT
strict-transport-security
max-age=300; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
img.static-smb/0.1
content-transfer-encoding
binary
content-disposition
inline; filename="4372056.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
referrer-policy
strict-origin
last-modified
Fri, 07 Oct 2022 15:47:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yu0FqbKp%2BGhrj24ZYmye3muOwqfl6n5S2zxHF9MtEfYywkUIJXiK7ys1T2IuEVpmSQsgZWDTtBium6mS5iR2ObXDW8CZOL%2BwdiuAp%2FnGG%2BkEV%2B8ydm2q3%2Bm7YIVIYltWzAwcBNJxPe4rCHgDe07V"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
cf-ray
7567c5f1de8f699f-FRA
expires
Fri, 21 Oct 2022 15:47:04 GMT
gettyimages-108313831-jpg.jpg
img.static-rmg.be/a/view/q75/w104/h133/f72.35,38.33/4742149/
4 KB
4 KB
Image
General
Full URL
https://img.static-rmg.be/a/view/q75/w104/h133/f72.35,38.33/4742149/gettyimages-108313831-jpg.jpg
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / img.static-smb/0.1
Resource Hash
7c7e9a929e0ab7ee1d7592978ff8882cf63f45b294c5677d24551832e7623c43
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:04 GMT
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=300; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1114
cf-polished
origSize=4134, status=webp_bigger
x-powered-by
img.static-smb/0.1
content-transfer-encoding
binary
content-disposition
inline; filename="4742149.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
referrer-policy
strict-origin
cf-bgj
imgq:85,h2pri
last-modified
Fri, 07 Oct 2022 15:28:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaJyTjjnZYqztrsWSz8gQSgsPU3NjxXnhxLJGYvR3zxXI8bW8atAgLFcoBvUw0MMFcH70umH91zexeQ9KIDZ8XPZqXZ2TivAYHIB72yYVjqi9g6AxpXhRnz7GNp5hrFv8lOjQDDiSJM2MpRwsrI7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
cf-ray
7567c5f1de95699f-FRA
expires
Fri, 21 Oct 2022 15:28:30 GMT
belgaimage-46081702-jpg.jpg
img.static-rmg.be/a/view/q75/w104/h133/f51.85,41.62/4736923/
3 KB
4 KB
Image
General
Full URL
https://img.static-rmg.be/a/view/q75/w104/h133/f51.85,41.62/4736923/belgaimage-46081702-jpg.jpg
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / img.static-smb/0.1
Resource Hash
5afb173671fe3618db64767f79a1dcb012348ed963d6fad32adf9e70390e3dfc
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:04 GMT
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=300; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
138929
cf-polished
qual=85, origFmt=jpeg, origSize=3167
x-powered-by
img.static-smb/0.1
content-transfer-encoding
binary
content-disposition
inline; filename="belgaimage-46081702-jpg.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
referrer-policy
strict-origin
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Oct 2022 01:11:35 GMT
server
cloudflare
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGSTQ58r4tWuhrbrtkNbJGL2dMvxo2WTGBWniDM3b3grmBd2i8zco55JrybQnmnTJCAB8N93YUEP76kAOELvVkWCDykFV6uODveBz3fOVTWq8Vq9G7DnI%2F1ganWYe4AnHs1r759pWQ%2FHSmnt%2Fn6y"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1209600
cf-ray
7567c5f1de9a699f-FRA
expires
Thu, 20 Oct 2022 01:11:35 GMT
artonpaper2021-1906-jpg.jpg
img.static-rmg.be/a/view/q75/w104/h133/f50.00,50.00/4741670/
4 KB
4 KB
Image
General
Full URL
https://img.static-rmg.be/a/view/q75/w104/h133/f50.00,50.00/4741670/artonpaper2021-1906-jpg.jpg
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / img.static-smb/0.1
Resource Hash
856e1ebd449057e6923280b492a30f6e144d6d8dc85ad7d131a5ce089e7e6572
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:04 GMT
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=300; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25135
cf-polished
origSize=3820, status=webp_bigger
x-powered-by
img.static-smb/0.1
content-transfer-encoding
binary
content-disposition
inline; filename="4741670.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
referrer-policy
strict-origin
cf-bgj
imgq:85,h2pri
last-modified
Fri, 07 Oct 2022 08:48:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAyKRvZ%2BoMKg9Sr1hdT%2Fd0jhj9iIqj7RV2pp4FlyIO0QGnW0Ij3%2B3IPv0G6%2FLOrLOUxwq9xyzlgMaCg8V%2FLXC0E0FZ%2Ba0ePqJBnjuoJjiGPnnarC3NBenvjkRwxPqb0wQfJ0jGTm4SCWsJ6y8TOF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
cf-ray
7567c5f1de9e699f-FRA
expires
Fri, 21 Oct 2022 08:48:09 GMT
gettyimages-840268916-jpg.jpg
img.static-rmg.be/a/view/q75/w104/h133/f50.00,50.00/4740566/
4 KB
5 KB
Image
General
Full URL
https://img.static-rmg.be/a/view/q75/w104/h133/f50.00,50.00/4740566/gettyimages-840268916-jpg.jpg
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / img.static-smb/0.1
Resource Hash
da8b12a13f0939b6a76427b37de5c9bf7e02a0765013ce9543eac5b880da563b
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:04 GMT
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=300; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1080
cf-polished
origSize=4525, status=webp_bigger
x-powered-by
img.static-smb/0.1
content-transfer-encoding
binary
content-disposition
inline; filename="4740566.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
referrer-policy
strict-origin
cf-bgj
imgq:85,h2pri
last-modified
Fri, 07 Oct 2022 15:29:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inaa4yXJ6PaMma5n4LgBOVm3IJO6RkvVJmcYeMCDZiDiKgLmwvxtkpvfdTUFsYigKq1qaHpc7YsNp15G6QQP5GJdIolNqO5BqZN0s%2F8lq4hdsgqHfMFFJH8Q%2Be32dcBw5kGS52jLADoMGxPzbf5r"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
cf-ray
7567c5f1dea2699f-FRA
expires
Fri, 21 Oct 2022 15:29:03 GMT
gpt.js
www.googletagservices.com/tag/js/
80 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn.adshim.com
URL: https://cdn.adshim.com/a927a7a2-b388-4073-9126-68f5b5597617/adshim.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12ae50d6556f3f9bf60dba7cdffea62aa8f4ac158613b9daebf1aa3de73cc64b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27702
x-xss-protection
0
server
sffe
etag
"1356 / 9 of 1000 / last-modified: 1665140982"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Oct 2022 15:47:04 GMT
prebid.e83eb4fc.js
cdn.adshim.com/a927a7a2-b388-4073-9126-68f5b5597617/
259 KB
81 KB
Script
General
Full URL
https://cdn.adshim.com/a927a7a2-b388-4073-9126-68f5b5597617/prebid.e83eb4fc.js
Requested by
Host: cdn.adshim.com
URL: https://cdn.adshim.com/a927a7a2-b388-4073-9126-68f5b5597617/adshim.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69e9806fb75efd30e925e76384d46093d9f9cbfd00bfd9bac5351fd251c44d7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Jul 2022 19:12:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2584
etag
W/"b5d61fe3d1f1f8793658b9502b71a5d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHovQuKmQbAfljHMM56k3P1ymNwIw8Yj19CFXzi7%2FI9zYnS0%2BLzJrucbTELtdP54PnZIdRitRboQgbYnGEzIJUhiuWP31l38NmaJ5HCnrx5ZzFn8wkHIVEF8ALW6g79pqobrpNV5jVdwc2arjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-adshim-version
5160544503857152
cache-control
private, max-age=604800, immutable
cf-ray
7567c5f1e8736993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
channels.cgi
roularta-ams.gscontxt.net/main/
118 B
196 B
Script
General
Full URL
https://roularta-ams.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fweekend.levif.be%2Fkids%2Fle-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur%2F
Requested by
Host: cdn.adshim.com
URL: https://cdn.adshim.com/a927a7a2-b388-4073-9126-68f5b5597617/adshim.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.70.60.241 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
e780eb5334d0adaa8cfae623f43f2ba5c3fcd521b84a8f462674173d60496388

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
118
Content-Type
application/javascript
navigation.css
api.mijnmagazines.be/packages/navigation/
22 KB
7 KB
Stylesheet
General
Full URL
https://api.mijnmagazines.be/packages/navigation/navigation.css?v=53
Requested by
Host: api.mijnmagazines.be
URL: https://api.mijnmagazines.be/packages/navigation/index.js?t=1665157624500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4c00:9:ab3f:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cb08b000d2eba5baf63db8d522d2db6c71def6d60053428b2b96a69224371f1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:20:18 GMT
content-encoding
gzip
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
1606
x-cache
Hit from cloudfront
last-modified
Wed, 05 Oct 2022 09:19:10 GMT
etag
W/"633d4c0e-59d2"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-headers
content-type, authorization
x-amz-cf-id
VR2LDP4rK2V5nywgvrImo7bTc4qvGQ00G7VmhcWjXkPeJ01O0X5HrA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
navigation.js
api.mijnmagazines.be/packages/navigation/
314 KB
114 KB
Script
General
Full URL
https://api.mijnmagazines.be/packages/navigation/navigation.js?v=53
Requested by
Host: api.mijnmagazines.be
URL: https://api.mijnmagazines.be/packages/navigation/index.js?t=1665157624500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4c00:9:ab3f:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
37fb62bf218dc8473a810f86dd804e2ab39336a389004b50f3dc8dbc582ca989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:43:31 GMT
content-encoding
gzip
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
213
x-cache
Hit from cloudfront
last-modified
Wed, 05 Oct 2022 09:19:10 GMT
etag
W/"633d4c0e-4e9b0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-headers
content-type, authorization
x-amz-cf-id
JVumcQaV8A39vwgX_rL5wEV3STXz_tjhRbdZc-kKnhsiMQse2huMsw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
lgldg46-jpg.jpg
img.static-rmg.be/a/view/q75/w/h/4738534/
524 KB
525 KB
Image
General
Full URL
https://img.static-rmg.be/a/view/q75/w/h/4738534/lgldg46-jpg.jpg
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / img.static-smb/0.1
Resource Hash
35ed21bf278b3268731ed32f96a4a6bbbecd010b3b6d112a62f10035d682bdf8
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:05 GMT
strict-transport-security
max-age=300; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
img.static-smb/0.1
content-transfer-encoding
binary
content-disposition
inline; filename="4738534.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
referrer-policy
strict-origin
last-modified
Fri, 07 Oct 2022 15:47:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Be0S%2Fy%2BaOyrIq4hKxWwnfTy8cX3GkJO1DXV%2ByqmH5WiXnLmPML2fR5JmEvyaRZHb7lVZdcZh8BEFNxiWrRRBmsXXSW%2B0zzusDrEnHLL01mycJlUB5z2OsyfIEzyDXpmIO1PdnaqVFN2VUtMTVKQr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
cf-ray
7567c5f28f6f996e-FRA
expires
Fri, 21 Oct 2022 15:47:05 GMT
global-cookies.6cf09ac372a356f0533b96b137599450056e2eb2.html
myprivacy.roularta.be/ Frame 81BD
26 KB
9 KB
Document
General
Full URL
https://myprivacy.roularta.be/global-cookies.6cf09ac372a356f0533b96b137599450056e2eb2.html
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.6cf09ac372a356f0533b96b137599450056e2eb2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35de6ec8e0b6a96014e5685355d0db6176485a6f9a6f87f4f13d02d5a2eb6ca0

Request headers

Referer
https://weekend.levif.be/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
93453
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 06 Oct 2022 13:49:32 GMT
etag
W/"8d3721556bf353e4d543a51faa815d8d"
last-modified
Thu, 06 Oct 2022 13:46:11 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
x-amz-cf-id
RpCe2qgT4LGSU0iOgDjMc4xfH6tU4z-g8rkOOnpShw3Q9syL0FUZIA==
x-amz-cf-pop
FRA56-P4
x-amz-meta-s3cmd-attrs
atime:1665063623/ctime:1665063623/gid:0/gname:root/md5:8d3721556bf353e4d543a51faa815d8d/mode:33188/mtime:1665063623/uid:0/uname:root
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
697
c431.levif.be/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f/rest/rpc/
54 KB
12 KB
XHR
General
Full URL
https://c431.levif.be/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f/rest/rpc/697?referer=https%3A%2F%2Fweekend.levif.be%2Fkids%2Fle-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur%2F%3Fcel_hash%3D96d2e61e9276de2029b73b65b7b04c618efd5743%26chts%3D1665164824%26utm_source%3DNewsletter-20221007%26amp%3Butm_medium%3DEmail%26amp%3Butm_campaign%3DNewsletter-RNBWEEKFR&bcsessionid=&bctempid=&overruleReferrer=&time=2022-10-07T15%3A47%3A04%2B00%3A00&ts=1665157624806
Requested by
Host: c431.levif.be
URL: https://c431.levif.be/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7000:f:6d28:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
89d4b2da063118dea06880bff42d489b7fdaff394b53c4e4e931c78b0b6b4def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://weekend.levif.be/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 Oct 2022 15:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
11553
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://weekend.levif.be
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
pi9UXfwCMDHXZ8DBF330E4gqFIVF1bv9aNYUXlAnLaRu8l0pE5cmYg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pubads_impl_2022100301.js
securepubads.g.doubleclick.net/gpt/
379 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 08:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113052
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130906
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 06 Oct 2023 08:22:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
114 B
736 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=weekend.levif.be
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1589c57b1f740146bc67bfc83a8eb7c939f8cbd5ed35a48682891abdafebff5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
expires
Fri, 07 Oct 2022 15:47:04 GMT
MMA.svg
api.mijnmagazines.be/svg/icon/
643 B
1 KB
Image
General
Full URL
https://api.mijnmagazines.be/svg/icon/MMA.svg
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4c00:9:ab3f:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e0207f5bf5e1e7c06ad6710de446ef8a87461f1124bbbbd69d24ee1c536d62f6
Security Headers
Name Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 11:52:58 GMT
strict-transport-security
max-age=300; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
content-encoding
gzip
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
9950046
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 14 Jun 2022 11:51:57 GMT
server
nginx
etag
W/"62a8765d-283"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=315360000
x-amz-cf-id
Srf6y0Gs3eN54v885HaK09yJmlZjRSx4gN09BbXc4JHZCu7SB5ijgw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ibm-plex-sans-semibold.8a093845.woff2
api.mijnmagazines.be/packages/fonts/
58 KB
59 KB
Font
General
Full URL
https://api.mijnmagazines.be/packages/fonts/ibm-plex-sans-semibold.8a093845.woff2
Requested by
Host: api.mijnmagazines.be
URL: https://api.mijnmagazines.be/packages/navigation/navigation.css?v=53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4c00:9:ab3f:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
572ef6180698d1ab46b7cc657300ff9c93f2bca2d214739e20d839029f8f4455

Request headers

Referer
https://api.mijnmagazines.be/packages/navigation/navigation.css?v=53
Origin
https://weekend.levif.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 12:56:31 GMT
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
1219833
x-cache
Hit from cloudfront
content-length
59692
last-modified
Fri, 23 Sep 2022 12:55:04 GMT
server
nginx
etag
"632daca8-e92c"
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
content-type, authorization
x-amz-cf-id
L2YmdziDoVS3DuSayoGDpbvYFmcuFCeuXBHZlckm9F7fhTvqq13w5Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
basier-square-regular.301dd7df.woff2
api.mijnmagazines.be/packages/fonts/
18 KB
18 KB
Font
General
Full URL
https://api.mijnmagazines.be/packages/fonts/basier-square-regular.301dd7df.woff2
Requested by
Host: api.mijnmagazines.be
URL: https://api.mijnmagazines.be/packages/navigation/navigation.css?v=53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4c00:9:ab3f:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2b5bf43394003fdce868dec10b6095c3bee0f302c6934905cffe2664c8493b2e

Request headers

Referer
https://api.mijnmagazines.be/packages/navigation/navigation.css?v=53
Origin
https://weekend.levif.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 12:56:31 GMT
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
1219833
x-cache
Hit from cloudfront
content-length
18356
last-modified
Fri, 23 Sep 2022 12:55:54 GMT
server
nginx
etag
"632dacda-47b4"
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
content-type, authorization
x-amz-cf-id
MMPiOPq_un17WP4-bEtJICl65D0BKT2aXAoRVUoP-WiaCi7sdwB8mA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ui-gdpr-en.6cf09ac372a356f0533b96b137599450056e2eb2.js
sdk.privacy-center.org/
273 KB
57 KB
Script
General
Full URL
https://sdk.privacy-center.org/ui-gdpr-en.6cf09ac372a356f0533b96b137599450056e2eb2.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.6cf09ac372a356f0533b96b137599450056e2eb2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ea00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7e015f7b801490b03798cee21f651821f637d873b868f5af3ec9269f209f1c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 13:48:39 GMT
content-encoding
gzip
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 13:45:01 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1665063617/ctime:1665063617/gid:0/gname:root/md5:ab632cc4326aa28d7da35e7408db5425/mode:33188/mtime:1665063617/uid:0/uname:root
x-amz-cf-pop
FRA60-P3
age
93506
etag
W/"ab632cc4326aa28d7da35e7408db5425"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
V_5MTSdPeCpeT_4ERPWUvQ3NYrSBvjlXiYK4c6sucJ9sjYmJTO_Vmw==
moatheader.js
z.moatads.com/roulartaheader380117297998/
250 KB
87 KB
Script
General
Full URL
https://z.moatads.com/roulartaheader380117297998/moatheader.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.6cf09ac372a356f0533b96b137599450056e2eb2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.54.112.182 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8c4e7a55f83721fcd112837af6beb4f7986568384368ac7ccaf729380837a0b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:04 GMT
content-encoding
gzip
last-modified
Wed, 21 Sep 2022 18:30:44 GMT
server
AmazonS3
x-amz-request-id
9F2VVJ9H1DYATXBM
etag
"adb16a969d09f4e94cad1a160e61e72b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=63910
accept-ranges
bytes
content-length
88546
x-amz-id-2
omZtPP3H4kD3Xz5WOQ3g7GrNTkVsCkj5+RXS0kfvO//J+VkbD4ZFRGrQOwmr0/p0LktcNAdvvvE=
xgemius.js
gabe.hit.gemius.pl/
60 KB
16 KB
Script
General
Full URL
https://gabe.hit.gemius.pl/xgemius.js
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.29.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-146-59-29.eu
Software
GHC /
Resource Hash
cbdc22bcc7e57d2f41a1b7bfdbdd71a799ff18f4c820e695056b84ccf4d58f4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:05 GMT
content-encoding
gzip
last-modified
Fri, 30 Sep 2022 13:21:50 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
16175
expires
Sat, 08 Oct 2022 03:47:05 GMT
d3e5cacf627efce987144bef9ce1fe1c
c431.levif.be/plugin/plugin/
204 KB
49 KB
Script
General
Full URL
https://c431.levif.be/plugin/plugin/d3e5cacf627efce987144bef9ce1fe1c
Requested by
Host: c431.levif.be
URL: https://c431.levif.be/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7000:f:6d28:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
332a8e4b2c155b51a7786cb3f604d91de2b265de704ae898abe880c4d507c6e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:37:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
age
1278561
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
49548
x-xss-protection
1; mode=block
last-modified
Wed, 21 Sep 2022 20:37:43 GMT
server
-
etag
d3e5cacf627efce987144bef9ce1fe1c
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
0G2EQjszi6XD9JqMxzUTpWfX4zsx_882EA0LfgfXZxMphD0ML66tog==
expires
Fri, 22 Sep 2023 20:37:43 GMT
ibm-plex-sans-regular.54ea32ea.woff2
api.mijnmagazines.be/packages/fonts/
55 KB
55 KB
Font
General
Full URL
https://api.mijnmagazines.be/packages/fonts/ibm-plex-sans-regular.54ea32ea.woff2
Requested by
Host: api.mijnmagazines.be
URL: https://api.mijnmagazines.be/packages/navigation/navigation.css?v=53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4c00:9:ab3f:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
61bfa80e071153824914399d5f7ca26ec75fcfe3f4ad20e616e88fe6d9544823

Request headers

Referer
https://api.mijnmagazines.be/packages/navigation/navigation.css?v=53
Origin
https://weekend.levif.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 12:56:31 GMT
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
1219834
x-cache
Hit from cloudfront
content-length
55936
last-modified
Fri, 23 Sep 2022 12:55:54 GMT
server
nginx
etag
"632dacda-da80"
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
content-type, authorization
x-amz-cf-id
evJ-6jFcrW3U846iD-ANF_I0y2Ny2WnxknAOopmFgz-ifMdr7pdIkQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ibm-plex-sans-bold.66904f9e.woff2
api.mijnmagazines.be/packages/fonts/
54 KB
54 KB
Font
General
Full URL
https://api.mijnmagazines.be/packages/fonts/ibm-plex-sans-bold.66904f9e.woff2
Requested by
Host: api.mijnmagazines.be
URL: https://api.mijnmagazines.be/packages/navigation/navigation.css?v=53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4c00:9:ab3f:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8d16df48a76572b377fd03496d25f34ea103b15e7e4db4dc09bebaf749e430af

Request headers

Referer
https://api.mijnmagazines.be/packages/navigation/navigation.css?v=53
Origin
https://weekend.levif.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 12:56:31 GMT
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
1219834
x-cache
Hit from cloudfront
content-length
55012
last-modified
Fri, 23 Sep 2022 12:55:54 GMT
server
nginx
etag
"632dacda-d6e4"
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
content-type, authorization
x-amz-cf-id
BEXtdBVYAsGb733Iv23AsPRzxbNQxY_ZJzEPIna704ypDKh0-JezkA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.svg
www.roularta.be/sites/all/themes/roularta/
6 KB
6 KB
Image
General
Full URL
https://www.roularta.be/sites/all/themes/roularta/logo.svg
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.95 Jette, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
95-185-212-91.rmg.be
Software
Apache/2.4.6 (CentOS) mod_jk/1.2.40 /
Resource Hash
c2d69415a385eb5c10d2a83d66ac3eb832fd30c8f92d695c1a589b9eb32955e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:05 GMT
via
1.1 varnish (Varnish/6.4)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-varnish-b
lampxii
content-length
5764
x-varnish-c
N
server
Apache/2.4.6 (CentOS) mod_jk/1.2.40
x-varnish-h
M
x-varnish-pttl
0.000
content-type
image/svg+xml
x-varnish
552908759
cache-control
max-age=1209600
accept-ranges
bytes
expires
Fri, 21 Oct 2022 15:47:05 GMT
39ccbd92f58d353dcb6c52134919e327
c431.levif.be/plugin/library/
431 KB
138 KB
Script
General
Full URL
https://c431.levif.be/plugin/library/39ccbd92f58d353dcb6c52134919e327
Requested by
Host: c431.levif.be
URL: https://c431.levif.be/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7000:f:6d28:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
d1e52e0b142ce599c3d0b0213fae803ae147cc751c54538544d21a0ac06db0f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:37:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
age
1278562
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
140498
x-xss-protection
1; mode=block
last-modified
Wed, 21 Sep 2022 20:37:43 GMT
server
-
etag
39ccbd92f58d353dcb6c52134919e327
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
sHXaNODYpcxVEzotEPzH1GrLXquIyrXuhQi5-zJyJVKj2U03xLGs9Q==
expires
Fri, 22 Sep 2023 20:37:43 GMT
LB-Zone-3
c431.levif.be/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f/rest/rpc/697/
2 KB
2 KB
XHR
General
Full URL
https://c431.levif.be/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f/rest/rpc/697/LB-Zone-3?referer=https%3A%2F%2Fweekend.levif.be%2Fkids%2Fle-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur%2F%3Fcel_hash%3D96d2e61e9276de2029b73b65b7b04c618efd5743%26chts%3D1665164824%26utm_source%3DNewsletter-20221007%26amp%3Butm_medium%3DEmail%26amp%3Butm_campaign%3DNewsletter-RNBWEEKFR&bcsessionid=&bctempid=c4ba93df-abc8-4562-bc5a-0c65d3721ee0&overruleReferrer=&time=2022-10-07T15%3A47%3A05%2B00%3A00&ts=1665157625073
Requested by
Host: c431.levif.be
URL: https://c431.levif.be/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7000:f:6d28:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
698ce988eb1da795eb5fcd55a9b646caf3d0459338065f2931c21e084c2c4a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://weekend.levif.be/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 Oct 2022 15:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
749
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://weekend.levif.be
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
EODOUob701RFpWe9E-AhtCAaU3KUhUM3HAKknTkwxOKzUpSss8U0Pg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
v2
mb.moatads.com/yi/
220 B
394 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKmKjefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-pofZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-Cg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fweekend.levif.be%2Fkids%2Fle-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur%2F%3Fcel_hash%3D96d2e61e9276de2029b73b65b7b04c618efd5743%26chts%3D1665164824%26utm_source%3DNewsletter-20221007%26amp%3Butm_medium%3DEmail%26amp%3Butm_campaign%3DNewsletter-RNBWEEKFR&pcode=roulartaheader380117297998&rx=60858640605&callback=MoatNadoAllJsonpRequest_83666127
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/roulartaheader380117297998/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-172-254.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
ad32166616d5987541521e964c1feb3af332424cca51b5dd907911ba8a9a7b41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:05 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"0ce925ea2cdbeafc08ed8d6b4465ebe06042579f"
content-length
220
content-type
text/html; charset=UTF-8
n.js
geo.moatads.com/
86 B
259 B
Script
General
Full URL
https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKmKjefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-pofZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-Cg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=ROULARTA_HEADER1&hp=1&wf=1&pxm=7&sgs=3&vb=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1665157625079&de=737638059857&rx=60858640605&m=0&ar=220b545db30-clean&iw=bcf6cc9&q=1&cb=0&cu=1665157625079&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fweekend.levif.be%2Fkids%2Fle-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur%2F%3Fcel_hash%3D96d2e61e9276de2029b73b65b7b04c618efd5743%26chts%3D1665164824%26utm_source%3DNewsletter-20221007%26amp%3Butm_medium%3DEmail%26amp%3Butm_campaign%3DNewsletter-RNBWEEKFR&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=roulartaheader380117297998&fd=1&it=500&pe=1%3A548%3A548%3A0%3A616&fs=200409&na=1952176954&cs=0&callback=MoatDataJsonpRequest_83666127
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/roulartaheader380117297998/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.162.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-162-197.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
86455a8d26dbb21feed4cf3061f012ab4bf7064d2de48ffcff708b5e3da78589

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:05 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"0ddeed4da0654890a2dda119d7560d12e00e5dda"
content-length
86
content-type
text/html; charset=UTF-8
iframe.html
z.moatads.com/hd09824092/ Frame 0E09
1 KB
2 KB
Document
General
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/roulartaheader380117297998/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.54.112.182 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://weekend.levif.be/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=1990
content-length
1374
content-type
text/html
date
Fri, 07 Oct 2022 15:47:05 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
MvkKp3NAMnDZLvr1WqnUFvXQEnW5lizN/vJWsj4tWs2iL+cd3WIhJdggIFZnquQzDZoB+Fhw9xo=
x-amz-request-id
9D4A8AF80F4BCF38
697
c431.levif.be/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f/rest/rpc/
185 B
1 KB
XHR
General
Full URL
https://c431.levif.be/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f/rest/rpc/697?referer=https%3A%2F%2Fweekend.levif.be%2Fkids%2Fle-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur%2F%3Fcel_hash%3D96d2e61e9276de2029b73b65b7b04c618efd5743%26chts%3D1665164824%26utm_source%3DNewsletter-20221007%26amp%3Butm_medium%3DEmail%26amp%3Butm_campaign%3DNewsletter-RNBWEEKFR&bcsessionid=c4ba93df-abc8-4562-bc5a-0c65d3721ee0&bctempid=&overruleReferrer=&time=2022-10-07T15%3A47%3A05%2B00%3A00&ts=1665157625264
Requested by
Host: c431.levif.be
URL: https://c431.levif.be/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7000:f:6d28:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
42a34752951743878dc13c849a765d3bbdfa1317278aa0809999925aa7c40f18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://weekend.levif.be/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 Oct 2022 15:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
149
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://weekend.levif.be
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
i-m-MrWP0N58psHlfqJbuRTXSHA_HArFhM4WsecOgftjy9hme0ATFw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
stats
c431.levif.be/rest/recommendations/
14 B
849 B
Script
General
Full URL
https://c431.levif.be/rest/recommendations/stats?storeId=2a3d292e-6298-4bc0-b99c-030bfdc37bdc&action=view&itemId=23000243348&url=https%3A%2F%2Fweekend.levif.be%2Fkids%2Fle-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur%2F&profileId=c4ba93df-abc8-4562-bc5a-0c65d3721ee0&isEntrypage=true&hash=4ced9bea0859b7dc40773987150b2052&lastmodified=1664972280000&&callback=bc_json699
Requested by
Host: c431.levif.be
URL: https://c431.levif.be/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7000:f:6d28:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
a0499240f1bd3ead28bfd1db3e55b44f28e38e64fbe12684f675a67eb0fa02fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
34
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
text/javascript;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
x-amz-cf-id
j2EDjZaCy4Z0qzIEtEBeNGl9BUlscJiU770Y0jB02mkwJEICgBOXVg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
stats
c431.levif.be/rest/recommendations/
14 B
852 B
Script
General
Full URL
https://c431.levif.be/rest/recommendations/stats?storeId=a7034604-5a52-491c-96c2-afd0c0718a16&action=view&itemId=349592e4-432d-11ed-9910-06f261ef65ad&url=https%3A%2F%2Fweekend.levif.be%2Fkids%2Fle-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur%2F&profileId=c4ba93df-abc8-4562-bc5a-0c65d3721ee0&isEntrypage=true&hash=95f7e86bac36e9db07dd6ee91dfed68e&lastmodified=1664972280000&&callback=bc_json700
Requested by
Host: c431.levif.be
URL: https://c431.levif.be/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7000:f:6d28:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
60fce990e3609f81941cf3fc6528fa0cc6275302da07300b64e99b0ae06dea67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
34
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
text/javascript;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
x-amz-cf-id
FCsI6YK44JqbzGnNfFiJEAGbBuWnWiGgRqfxKgwbqDXMiBDJtPc5pQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
697
c431.levif.be/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f/rest/rpc/
719 B
1 KB
XHR
General
Full URL
https://c431.levif.be/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f/rest/rpc/697?referer=https%3A%2F%2Fweekend.levif.be%2Fkids%2Fle-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur%2F%3Fcel_hash%3D96d2e61e9276de2029b73b65b7b04c618efd5743%26chts%3D1665164824%26utm_source%3DNewsletter-20221007%26amp%3Butm_medium%3DEmail%26amp%3Butm_campaign%3DNewsletter-RNBWEEKFR&bcsessionid=c4ba93df-abc8-4562-bc5a-0c65d3721ee0&bctempid=&overruleReferrer=&time=2022-10-07T15%3A47%3A05%2B00%3A00&ts=1665157625280
Requested by
Host: c431.levif.be
URL: https://c431.levif.be/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7000:f:6d28:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
d7168fc74f5b742d30c38e2468377e6a73bf31c8b3c3f1ec1dcd5c7c1d338ece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://weekend.levif.be/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 Oct 2022 15:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
212
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://weekend.levif.be
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
u4VAmCGrBvIYkFTqmpqa4IT0ixDTcM-xnnzpgoZ9Fulb0kW0trNWWg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
roularta.blueconic.net/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f/
66 B
878 B
Script
General
Full URL
https://roularta.blueconic.net/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f/cs?bcsessionid=c4ba93df-abc8-4562-bc5a-0c65d3721ee0&&callback=bc_json701
Requested by
Host: c431.levif.be
URL: https://c431.levif.be/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.31.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-31-56.eu-west-1.compute.amazonaws.com
Software
- /
Resource Hash
dd6578974b7e8cc39b209668874105a71a0a2294c2a1f841cac77c5fc43489c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Oct 2022 15:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
697
c431.levif.be/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f/rest/rpc/
360 B
1 KB
XHR
General
Full URL
https://c431.levif.be/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f/rest/rpc/697?referer=https%3A%2F%2Fweekend.levif.be%2Fkids%2Fle-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur%2F%3Fcel_hash%3D96d2e61e9276de2029b73b65b7b04c618efd5743%26chts%3D1665164824%26utm_source%3DNewsletter-20221007%26amp%3Butm_medium%3DEmail%26amp%3Butm_campaign%3DNewsletter-RNBWEEKFR&bcsessionid=c4ba93df-abc8-4562-bc5a-0c65d3721ee0&bctempid=&overruleReferrer=&time=2022-10-07T15%3A47%3A05%2B00%3A00&ts=1665157625389
Requested by
Host: c431.levif.be
URL: https://c431.levif.be/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7000:f:6d28:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
ee336339c424f942f5ecbc197689cf1794607605cfb35a2f8534a56bb92eaddc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://weekend.levif.be/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 Oct 2022 15:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
202
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://weekend.levif.be
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
UQ4M8oeSV9mZzkFGYDvwWN60wo19iwuLxICe3kL5QjOcLn0CUMdGwg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ats.js
ats-wrapper.privacymanager.io/ats-modules/3902afc2-ef92-4861-8903-516504d24051/
120 KB
43 KB
Script
General
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/3902afc2-ef92-4861-8903-516504d24051/ats.js
Requested by
Host: weekend.levif.be
URL: https://weekend.levif.be/kids/le-grand-livre-secret-des-gnomes-lutins-et-farfadets-un-grimoire-enchanteur/?cel_hash=96d2e61e9276de2029b73b65b7b04c618efd5743&chts=1665164824&utm_source=Newsletter-20221007&amp;utm_medium=Email&amp;utm_campaign=Newsletter-RNBWEEKFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ec4b22d3d2605c8b6ca8dd091f80392b577fa881a16ab84a2e402c0cb015be9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://weekend.levif.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
H1uu9QFjgHb80DGLW7WDSviMBYc6iTd3
content-encoding
gzip
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
date
Fri, 07 Oct 2022 15:21:20 GMT
last-modified
Fri, 04 Feb 2022 07:30:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
1555
x-amz-server-side-encryption
AES256
etag
W/"1d177d7bd4927fed237b50e615196572"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
YWLgel0miVX3tuyRtZdCkxPJAFBq2xdqcT1jufLwUwUZs46HtZMVQA==
dewebc
rmgdapfnccsharpprd.azurewebsites.net/api/
0
132 B
XHR
General
Full URL
https://rmgdapfnccsharpprd.azurewebsites.net/api/dewebc?code=i6PDBW8jg/welPtmft0x0tUUeFp37WYLbAdtHCGhMFhcsANhyJVYGw==
Requested by
Host: c431.levif.be
URL: https://c431.levif.be/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.2.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://weekend.levif.be/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 07 Oct 2022 15:47:06 GMT
Content-Length
0
Request-Context
appId=

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| rmg_bc_pl_data object| rmgDapdataOverrule function| checkCookieHash object| didomiConfig object| didomiEventListeners boolean| gdprAppliesGlobally function| __cmp object| didomiOnReady object| dataLayer object| datalayer_extend function| advanced_ads_ready object| advanced_ads_ready_queue object| rmgDapEvents object| adshim object| rmgAds string| sbiajaxurl boolean| rmgFrontLoggedIn object| rmgAuth object| rmgOneBrandHeader object| Pushwoosh function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| rmgArticleData number| wall_visibleDelay boolean| rmgOpenCloseLocks object| rmgRest object| lazyLoadOptions function| LazyLoad object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| rmgNotifications function| RmgNotifications object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| blueConicPreListeners function| BCClass object| rmgDap object| blueConicClient string| h string| j string| k string| m string| n number| o number| dt object| google_tag_manager object| google_tag_data object| googletag function| moatYieldReady object| rmgMmaNavigation object| webpackJsonpDidomi function| setImmediate function| clearImmediate object| Didomi object| bc_json698 object| ggeac object| google_js_reporting_queue object| pbjs object| _pbjsGlobals object| gs_channels function| __tcfapi object| DidomiSanitizing object| adsbygoogle object| didomiState string| pp_gemius_identifier boolean| pp_gemius_use_cmp number| pp_gemius_cmp_timeout object| pp_gemius_extraparameters function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event undefined| google_measure_js_timing function| InteractionTypeImpl undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_83666127 object| Moat#PML#26#1.2 boolean| Moat#EVA object| MoatDataJsonpRequest_83666127 function| __moatSlotTagLoadedroulartaheader380117297998 object| moatPrebidApi object| timeout object| gemius_cmpclient object| gemius_cookie object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt boolean| gemius_hcref function| $ object| _bcp object| Mustache function| BlueConicMetaDataService function| BlueConicEngagement function| RuleService function| md5 object| bcConnectionUtil function| BlueConicDataLayerUtil object| JSONPath object| bc string| basepath string| hhmin object| bc_json699 object| bc_json701 object| bc_json700 object| atsenvelopemodule object| ats object| object object| xhr

14 Cookies

Domain/Path Name / Value
c431.levif.be/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f Name: BCSessionID
Value: c4ba93df-abc8-4562-bc5a-0c65d3721ee0
roularta.blueconic.net/DG/663b69d1-fd3d-43a1-a668-6e15ee4f674f Name: BCSessionID
Value: c4ba93df-abc8-4562-bc5a-0c65d3721ee0
sso.roularta.be/ Name: _session
Value: ea9d13f2-4623-4067-985a-ece25cdc0b78
sso.roularta.be/ Name: guest_guid.sig
Value: pwgkRA3qPdKIpvKl45o7PAjKrz4
sso.roularta.be/ Name: _session.sig
Value: lJf6C1gQmZS0-snxzd4XLmN1b4g
sso.roularta.be/ Name: guest_guid
Value: 02792e76-f540-4e46-9301-502df3da725c
weekend.levif.be/ Name: rmg_profile
Value: notLoggedIn
weekend.levif.be/ Name: rmg_guest
Value: 02792e76-f540-4e46-9301-502df3da725c
.roularta.be/ Name: didomi_accept_cookie
Value: 1
.roularta.be/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTgzYjMyMGYtMzdlZS02YjNkLTk3MmYtZjRkYzFiMTRjNGY1IiwiY3JlYXRlZCI6IjIwMjItMTAtMDdUMTU6NDc6MDQuODcyWiIsInVwZGF0ZWQiOiIyMDIyLTEwLTA3VDE1OjQ3OjA0Ljg3MloiLCJ2ZXJzaW9uIjpudWxsfQ==
weekend.levif.be/ Name: BCSessionID
Value: c4ba93df-abc8-4562-bc5a-0c65d3721ee0
roularta.blueconic.net/ Name: AWSALBCORS
Value: GusvVtMIF02V0qPR8k40Ck+n47N9niGJ9agTXKlmwdKQ/BMc7Y/8xsul7W0wnVar1LEkqpjZGl4ryIHRSk8iosOZb9FDY56Gp0eZSSDsaOKb8gVOPSLLahmZPXVw
c431.levif.be/ Name: AWSALB
Value: SRVPJuYHDin/cyr+F8QvRkLyq9mZplCVE5n5ONFVzi9AngU43nMAl+gPmof/wZgWN2LdJ6iFlgJqpfUWK8pik+xmFudEFZnX2kd21i/m3M/tD/pwkIcUw8Jcue9h
c431.levif.be/ Name: AWSALBCORS
Value: SRVPJuYHDin/cyr+F8QvRkLyq9mZplCVE5n5ONFVzi9AngU43nMAl+gPmof/wZgWN2LdJ6iFlgJqpfUWK8pik+xmFudEFZnX2kd21i/m3M/tD/pwkIcUw8Jcue9h

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src data: https: blob: android-webview android-webview-video-poster:; font-src data: https:; connect-src * blob:; media-src https: data: blob:; worker-src https: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mijnmagazines.be
ats-wrapper.privacymanager.io
c431.levif.be
cdn.adshim.com
gabe.hit.gemius.pl
geo.moatads.com
img.static-rmg.be
mail.levif.be
mb.moatads.com
myprivacy.roularta.be
rmgdapfnccsharpprd.azurewebsites.net
roularta-ams.gscontxt.net
roularta.blueconic.net
sdk.privacy-center.org
securepubads.g.doubleclick.net
sso.roularta.be
weekend.levif.be
www.googletagmanager.com
www.googletagservices.com
www.roularta.be
z.moatads.com
108.138.7.100
13.32.99.92
146.59.29.12
152.70.60.241
176.34.162.197
18.66.147.98
20.50.2.29
23.54.112.182
2600:9000:223c:7000:f:6d28:9c40:93a1
2600:9000:2251:ea00:5:b7cc:d3c0:93a1
2600:9000:2491:4c00:9:ab3f:43c0:93a1
2606:4700:20::681a:fcb
2606:4700:3036::6815:1c4
2606:4700::6811:7a12
2a00:1450:4001:803::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:831::2002
52.210.172.254
52.215.31.56
52.222.236.126
91.212.185.95
05f01d522aff3ef4db12f8a7d5787a3b309cc6ea7d5d1ad135ab1ad711e2ad4f
12ae50d6556f3f9bf60dba7cdffea62aa8f4ac158613b9daebf1aa3de73cc64b
1589c57b1f740146bc67bfc83a8eb7c939f8cbd5ed35a48682891abdafebff5b
2206a104ea4231650c17d1b5725c2eec32a999c971f685ed3cfc5579f76f71bc
2b5bf43394003fdce868dec10b6095c3bee0f302c6934905cffe2664c8493b2e
2c667cdbe90922576bac69bbd0fa8f61d0c410748bf29b5bccea09b21123f1a0
332a8e4b2c155b51a7786cb3f604d91de2b265de704ae898abe880c4d507c6e9
35de6ec8e0b6a96014e5685355d0db6176485a6f9a6f87f4f13d02d5a2eb6ca0
35ed21bf278b3268731ed32f96a4a6bbbecd010b3b6d112a62f10035d682bdf8
37fb62bf218dc8473a810f86dd804e2ab39336a389004b50f3dc8dbc582ca989
3a4fba74090136a37f89d09f7c2c4b2df860369992b435c547288f339f6d3955
405642792d904d916247192d0354ce6b6c0f3319436faa11892128feff7e179e
42a34752951743878dc13c849a765d3bbdfa1317278aa0809999925aa7c40f18
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
54b6fafd34622fb49c172aede575e7fdeaf4922546210a030e34078215a55fb8
572ef6180698d1ab46b7cc657300ff9c93f2bca2d214739e20d839029f8f4455
596d342b4a2edca1883b0e57a3d81c69486ec97a2befc385a14fdde86f2b9b27
5afb173671fe3618db64767f79a1dcb012348ed963d6fad32adf9e70390e3dfc
5ecda8167d8a63b4584bff6cc7f85c372ce0cd8dc5d5103865ec1d8aa2884939
60fce990e3609f81941cf3fc6528fa0cc6275302da07300b64e99b0ae06dea67
61bfa80e071153824914399d5f7ca26ec75fcfe3f4ad20e616e88fe6d9544823
698ce988eb1da795eb5fcd55a9b646caf3d0459338065f2931c21e084c2c4a94
69e9806fb75efd30e925e76384d46093d9f9cbfd00bfd9bac5351fd251c44d7f
6b01d0fa53ea12df56a8e232560fd8f7cda6c5f73f00c0b197c05f236137208a
6ec4b22d3d2605c8b6ca8dd091f80392b577fa881a16ab84a2e402c0cb015be9
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
7c7e9a929e0ab7ee1d7592978ff8882cf63f45b294c5677d24551832e7623c43
856e1ebd449057e6923280b492a30f6e144d6d8dc85ad7d131a5ce089e7e6572
8575c83bcd649c28701830bc98d0051adba45ba685776092d2417c9240ee0c67
858e06a7549f59381b7d1b810b8377e4db440ec235c86a41b7069587128723cb
86455a8d26dbb21feed4cf3061f012ab4bf7064d2de48ffcff708b5e3da78589
89d4b2da063118dea06880bff42d489b7fdaff394b53c4e4e931c78b0b6b4def
8c4e7a55f83721fcd112837af6beb4f7986568384368ac7ccaf729380837a0b6
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8d16df48a76572b377fd03496d25f34ea103b15e7e4db4dc09bebaf749e430af
90e42bf09c417ebba2cfa8356a4887a14c735b14fd37ca5b56288b64325c6287
95152fe51c2f3934db14b6c913ef5976e1ef3c48063be44e69a087294c95b281
9884bd2c0982a8487b3137b258e142ed34c5c3e6bb0f0c66c26dcfe3d7b87794
a0499240f1bd3ead28bfd1db3e55b44f28e38e64fbe12684f675a67eb0fa02fe
ad32166616d5987541521e964c1feb3af332424cca51b5dd907911ba8a9a7b41
adb8abd6f28f61a3a194fb2879c0cb5e2a28e4b8dd132f670ce5daa0d4ab6e7a
ae953bfc4c90287bbc5aac20a4bf30473efd11c879dd503c0f49eb0d91e6ec22
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b7e015f7b801490b03798cee21f651821f637d873b868f5af3ec9269f209f1c3
bd9fe0f67dc4727630f5d811240c136112fab3c6a410ee31e2182825ae32d77c
bef267f0983880cf389d017be13219ca18d9205d2059898fdad103f94cea0da9
c15ca0eb4ea15b9f29bdc61d2c675bd4ab9c5267890229256555d0c0e33c1cf7
c2d69415a385eb5c10d2a83d66ac3eb832fd30c8f92d695c1a589b9eb32955e6
c41dc37fea212372d1f53109304ebae695e644f9ce083dcab08d5978c8c3020f
c9b4691b62c21f3a2ef4afa8c882898726998c5f375bb9b573882a2d764d14e8
cb08b000d2eba5baf63db8d522d2db6c71def6d60053428b2b96a69224371f1d
cbdc22bcc7e57d2f41a1b7bfdbdd71a799ff18f4c820e695056b84ccf4d58f4b
d1e52e0b142ce599c3d0b0213fae803ae147cc751c54538544d21a0ac06db0f8
d7168fc74f5b742d30c38e2468377e6a73bf31c8b3c3f1ec1dcd5c7c1d338ece
da8b12a13f0939b6a76427b37de5c9bf7e02a0765013ce9543eac5b880da563b
db835824e62fa7ad3b28a9fd1e9c869db8f85df780ca52c763fbb2b16bd4998a
dd6578974b7e8cc39b209668874105a71a0a2294c2a1f841cac77c5fc43489c7
dfe90ee185b1261cd22d569a06a351db0f209ec4f601bfabd1276b93061f2bba
e0207f5bf5e1e7c06ad6710de446ef8a87461f1124bbbbd69d24ee1c536d62f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e780eb5334d0adaa8cfae623f43f2ba5c3fcd521b84a8f462674173d60496388
e812607f142e801d1401b788e049ac002b72a2a00135c2ded5e23a4be71b5a91
ee336339c424f942f5ecbc197689cf1794607605cfb35a2f8534a56bb92eaddc
f182631817c2bf9e6e855f6d0dd4556649b69e0c3a3a5d44510c9b36f02cd1c3
f2c4a186fa2c3161fb94823bc719d18400166f246e0d8de0e28a9eabd3d2104c
f5671cd8233a772b726dfa7630fa98d63d3970abda1175081a64152975079ce0
f8233d8ef40c1ac2ab01081ef07eecf30f5211d59042a2108301724f59023891
f8b4fde7be3fa99a858afd07083567eb8bc37a638eb2ca3ee1b8d67d5dcba395
fa322e5b2a51f5d0168e83559a6d8a563f8dfaf94a2d823b3ac20ee107a34ff7