Submitted URL: https://links.cornerpromo.com/c/c4y/Ftl5/DVX6pFe2xhKhmhFx_znIoy/o/Jcp/F/3fc66406
Effective URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Submission: On August 29 via api from BE — Scanned from DE

Summary

This website contacted 20 IPs in 6 countries across 17 domains to perform 54 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is info.leadsforyou.be.
TLS certificate: Issued by R3 on August 9th 2022. Valid for: 3 months.
This is the only time info.leadsforyou.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
16 cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
134 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
740 B
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
20 KB
4 adform.net
track.adform.net — Cisco Umbrella Rank: 4130
s2.adform.net — Cisco Umbrella Rank: 6283
31 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
279 KB
4 cornerpromo.com
links.cornerpromo.com
krs.cornerpromo.com
4 KB
3 gstatic.com
fonts.gstatic.com
95 KB
3 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 17906
38 KB
2 pages06.net
www.sc.pages06.net — Cisco Umbrella Rank: 96813
www.pages06.net — Cisco Umbrella Rank: 87294
15 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 286
fonts.googleapis.com — Cisco Umbrella Rank: 54
26 KB
2 go2cloud.org
lovvisadvertising.go2cloud.org
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
119 KB
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 24984
245 B
1 leadsforyou.be
info.leadsforyou.be
13 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6076
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 108
350 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 5695
350 B
54 17
Domain Requested by
14 d9hhrg4mnvzow.cloudfront.net info.leadsforyou.be
6 www.facebook.com info.leadsforyou.be
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 connect.facebook.net info.leadsforyou.be
connect.facebook.net
3 fonts.gstatic.com fonts.googleapis.com
3 track.adform.net 2 redirects info.leadsforyou.be
3 builder-assets.unbounce.com info.leadsforyou.be
3 krs.cornerpromo.com 1 redirects krs.cornerpromo.com
2 d34qb8suadcc4g.cloudfront.net info.leadsforyou.be
d34qb8suadcc4g.cloudfront.net
2 lovvisadvertising.go2cloud.org 2 redirects
2 www.googletagmanager.com krs.cornerpromo.com
www.googletagmanager.com
1 www.pages06.net
1 events.ub-analytics.com info.leadsforyou.be
1 fonts.googleapis.com builder-assets.unbounce.com
1 s2.adform.net info.leadsforyou.be
1 www.sc.pages06.net info.leadsforyou.be
1 ajax.googleapis.com info.leadsforyou.be
1 info.leadsforyou.be krs.cornerpromo.com
1 www.google.de krs.cornerpromo.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 links.cornerpromo.com 1 redirects
54 22

This site contains no links.

Subject Issuer Validity Valid
erm.consommermoinscher.eu
R3
2022-08-16 -
2022-11-14
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
www.google.de
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
info.leadsforyou.be
R3
2022-08-09 -
2022-11-07
3 months crt.sh
*.unbounce.com
Amazon
2022-02-08 -
2023-03-09
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.silverpop.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-22 -
2023-07-26
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-06-07 -
2022-09-05
3 months crt.sh
*.ub-analytics.com
Amazon
2022-04-10 -
2023-05-09
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh

This page contains 1 frames:

Primary Page: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Frame ID: 336A338EDA0561F19683A8D431FE35E3
Requests: 55 HTTP requests in this frame

Screenshot

Page Title

Secrétariat social | Bobex.be

Page URL History Show full URLs

  1. https://links.cornerpromo.com/c/c4y/Ftl5/DVX6pFe2xhKhmhFx_znIoy/o/Jcp/F/3fc66406 HTTP 302
    https://krs.cornerpromo.com/jp?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d187... HTTP 301
    https://krs.cornerpromo.com/jp/?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d18... Page URL
  2. http://lovvisadvertising.go2cloud.org/aff_c?offer_id=522&aff_id=1130&source=cornerpromobefr&file_id=3552 HTTP 302
    https://lovvisadvertising.go2cloud.org/aff_c?offer_id=522&aff_id=1130&source=cornerpromobefr&file_id=3552 HTTP 302
    https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

93 %
HTTPS

52 %
IPv6

17
Domains

22
Subdomains

20
IPs

6
Countries

775 kB
Transfer

2045 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.cornerpromo.com/c/c4y/Ftl5/DVX6pFe2xhKhmhFx_znIoy/o/Jcp/F/3fc66406 HTTP 302
    https://krs.cornerpromo.com/jp?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d18746c&utm_source=CPBE&utm_medium=cpl&utm_term=Finance&countkey=BE&dbid=11008&adv=Secretariat_Social&brd=Secretariat_Social&clt=Lovvis_Advertising&trm=Mathieu&creaid=42267 HTTP 301
    https://krs.cornerpromo.com/jp/?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d18746c&utm_source=CPBE&utm_medium=cpl&utm_term=Finance&countkey=BE&dbid=11008&adv=Secretariat_Social&brd=Secretariat_Social&clt=Lovvis_Advertising&trm=Mathieu&creaid=42267 Page URL
  2. http://lovvisadvertising.go2cloud.org/aff_c?offer_id=522&aff_id=1130&source=cornerpromobefr&file_id=3552 HTTP 302
    https://lovvisadvertising.go2cloud.org/aff_c?offer_id=522&aff_id=1130&source=cornerpromobefr&file_id=3552 HTTP 302
    https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://links.cornerpromo.com/c/c4y/Ftl5/DVX6pFe2xhKhmhFx_znIoy/o/Jcp/F/3fc66406 HTTP 302
  • https://krs.cornerpromo.com/jp?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d18746c&utm_source=CPBE&utm_medium=cpl&utm_term=Finance&countkey=BE&dbid=11008&adv=Secretariat_Social&brd=Secretariat_Social&clt=Lovvis_Advertising&trm=Mathieu&creaid=42267 HTTP 301
  • https://krs.cornerpromo.com/jp/?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d18746c&utm_source=CPBE&utm_medium=cpl&utm_term=Finance&countkey=BE&dbid=11008&adv=Secretariat_Social&brd=Secretariat_Social&clt=Lovvis_Advertising&trm=Mathieu&creaid=42267
Request Chain 21
  • https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Request Chain 48
  • https://track.adform.net/Serving/TrackPoint/?pm=1031545&ADFdivider=%7C&ord=170270749824&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Finfo.leadsforyou.be%2Fsecretariat-social%2F%3Faff%3Delvis%26utm_source%3D1130%26pixel_id%3D374 HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1031545&ADFdivider=%7C&ord=170270749824&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Finfo.leadsforyou.be%2Fsecretariat-social%2F%3Faff%3Delvis%26utm_source%3D1130%26pixel_id%3D374

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
krs.cornerpromo.com/jp/
Redirect Chain
  • https://links.cornerpromo.com/c/c4y/Ftl5/DVX6pFe2xhKhmhFx_znIoy/o/Jcp/F/3fc66406
  • https://krs.cornerpromo.com/jp?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d18746c&utm_source=CPBE&utm_medium=cpl&utm_term=Finance&countkey=BE&dbid=11008&adv=Secretariat_So...
  • https://krs.cornerpromo.com/jp/?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d18746c&utm_source=CPBE&utm_medium=cpl&utm_term=Finance&countkey=BE&dbid=11008&adv=Secretariat_S...
3 KB
1 KB
Document
General
Full URL
https://krs.cornerpromo.com/jp/?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d18746c&utm_source=CPBE&utm_medium=cpl&utm_term=Finance&countkey=BE&dbid=11008&adv=Secretariat_Social&brd=Secretariat_Social&clt=Lovvis_Advertising&trm=Mathieu&creaid=42267
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.159.45.57 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
laravel.kontikimedia.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d1318f886a6e4ec8f0a2f30fffd9e900485ae0fb826fe484d3a78886d7798f59

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=ISO-8859-1
Date
Mon, 29 Aug 2022 04:01:31 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Mon, 29 Aug 2022 04:01:31 GMT
Location
https://krs.cornerpromo.com/jp/?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d18746c&utm_source=CPBE&utm_medium=cpl&utm_term=Finance&countkey=BE&dbid=11008&adv=Secretariat_Social&brd=Secretariat_Social&clt=Lovvis_Advertising&trm=Mathieu&creaid=42267
Server
nginx/1.18.0 (Ubuntu)
redirect1.gif
krs.cornerpromo.com/images/
1 KB
2 KB
Image
General
Full URL
https://krs.cornerpromo.com/images/redirect1.gif
Requested by
Host: krs.cornerpromo.com
URL: https://krs.cornerpromo.com/jp/?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d18746c&utm_source=CPBE&utm_medium=cpl&utm_term=Finance&countkey=BE&dbid=11008&adv=Secretariat_Social&brd=Secretariat_Social&clt=Lovvis_Advertising&trm=Mathieu&creaid=42267
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.159.45.57 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
laravel.kontikimedia.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
da1e92fc3fb9a19f018b1d0f6bf371f2a7499b72476879ac01ca86264d6a2ed8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://krs.cornerpromo.com/jp/?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d18746c&utm_source=CPBE&utm_medium=cpl&utm_term=Finance&countkey=BE&dbid=11008&adv=Secretariat_Social&brd=Secretariat_Social&clt=Lovvis_Advertising&trm=Mathieu&creaid=42267
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:01:31 GMT
Last-Modified
Mon, 16 May 2022 14:56:03 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62826603-5ac"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1452
gtm.js
www.googletagmanager.com/
127 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T2D9W3L
Requested by
Host: krs.cornerpromo.com
URL: https://krs.cornerpromo.com/jp/?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d18746c&utm_source=CPBE&utm_medium=cpl&utm_term=Finance&countkey=BE&dbid=11008&adv=Secretariat_Social&brd=Secretariat_Social&clt=Lovvis_Advertising&trm=Mathieu&creaid=42267
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c01bedeafcc93f22d52af916faa5d9edde8dc7f9c81e8b005811d4db134f0dc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://krs.cornerpromo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:01:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48224
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Aug 2022 04:01:31 GMT
js
www.googletagmanager.com/gtag/
202 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5VKFC3JRFW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2D9W3L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3d2150091ef038af6bdb97371daaba518a3a622c29489988c72550bc8c8dddb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://krs.cornerpromo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:01:31 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73492
x-xss-protection
0
expires
Mon, 29 Aug 2022 04:01:31 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2D9W3L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://krs.cornerpromo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3334
date
Mon, 29 Aug 2022 03:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 29 Aug 2022 05:05:57 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1553045167&t=pageview&_s=1&dl=https%3A%2F%2Fkrs.cornerpromo.com%2Fjp%2F%3Fh%3D2aa754deb3febbb9ed2e2a37636d4d28%26emailmd5%3Df13b143bb7e397f4c486aa774d18746c%26utm_source%3DCPBE%26utm_medium%3Dcpl%26utm_term%3DFinance%26countkey%3DBE%26dbid%3D11008%26adv%3DSecretariat_Social%26brd%3DSecretariat_Social%26clt%3DLovvis_Advertising%26trm%3DMathieu%26creaid%3D42267&ul=en-us&de=windows-1252&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2010263712&gjid=747896847&cid=1916092980.1661745692&uid=f13b143bb7e397f4c486aa774d18746c&tid=UA-117927431-4&_gid=2036766100.1661745692&_r=1&gtm=2wg8o0T2D9W3L&cd1=11008&cd2=Secretariat_Social&cd3=Secretariat_Social&cd4=Lovvis_Advertising&cd5=Mathieu&cd6=BE&cd7=f13b143bb7e397f4c486aa774d18746c&cd8=undefined&z=444852999
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://krs.cornerpromo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:01:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://krs.cornerpromo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
350 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-5VKFC3JRFW&gtm=2oe8o0&_p=1553045167&_gaz=1&cid=1916092980.1661745692&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661745691&sct=1&seg=0&dl=https%3A%2F%2Fkrs.cornerpromo.com%2Fjp%2F%3Fh%3D2aa754deb3febbb9ed2e2a37636d4d28%26emailmd5%3Df13b143bb7e397f4c486aa774d18746c%26utm_source%3DCPBE%26utm_medium%3Dcpl%26utm_term%3DFinance%26countkey%3DBE%26dbid%3D11008%26adv%3DSecretariat_Social%26brd%3DSecretariat_Social%26clt%3DLovvis_Advertising%26trm%3DMathieu%26creaid%3D42267&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&en=page_view&_fv=1&_ss=1&ep.debug_mode=true&ep.UserId=f13b143bb7e397f4c486aa774d18746c&up.adv=Secretariat_Social&up.brd=Secretariat_Social&up.clt=Lovvis_Advertising&up.countkey=BE&up.dbid=11008&up.trm=Mathieu&up.UserId=f13b143bb7e397f4c486aa774d18746c&up.call=undefined
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VKFC3JRFW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://krs.cornerpromo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:01:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://krs.cornerpromo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
350 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5VKFC3JRFW&cid=1916092980.1661745692&gtm=2oe8o0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VKFC3JRFW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://krs.cornerpromo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:01:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://krs.cornerpromo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5VKFC3JRFW&cid=1916092980.1661745692&gtm=2oe8o0&aip=1&z=1333100903
Requested by
Host: krs.cornerpromo.com
URL: https://krs.cornerpromo.com/jp/?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d18746c&utm_source=CPBE&utm_medium=cpl&utm_term=Finance&countkey=BE&dbid=11008&adv=Secretariat_Social&brd=Secretariat_Social&clt=Lovvis_Advertising&trm=Mathieu&creaid=42267
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://krs.cornerpromo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:01:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1553045167&t=pageview&_s=1&dl=https%3A%2F%2Fkrs.cornerpromo.com%2Fjp%2F%3Fh%3D2aa754deb3febbb9ed2e2a37636d4d28%26emailmd5%3Df13b143bb7e397f4c486aa774d18746c%26utm_source%3DCPBE%26utm_medium%3Dcpl%26utm_term%3DFinance%26countkey%3DBE%26dbid%3D11008%26adv%3DSecretariat_Social%26brd%3DSecretariat_Social%26clt%3DLovvis_Advertising%26trm%3DMathieu%26creaid%3D42267&ul=en-us&de=windows-1252&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1916092980.1661745692&uid=f13b143bb7e397f4c486aa774d18746c&tid=UA-117927431-4&_gid=2036766100.1661745692&gtm=2wg8o0T2D9W3L&cd1=11008&cd2=Secretariat_Social&cd3=Secretariat_Social&cd4=Lovvis_Advertising&cd5=Mathieu&cd6=BE&cd7=f13b143bb7e397f4c486aa774d18746c&cd8=undefined&z=647562960
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://krs.cornerpromo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 19:13:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31688
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1553045167&t=pageview&_s=1&dl=https%3A%2F%2Fkrs.cornerpromo.com%2Fjp%2F%3Fh%3D2aa754deb3febbb9ed2e2a37636d4d28%26emailmd5%3Df13b143bb7e397f4c486aa774d18746c%26utm_source%3DCPBE%26utm_medium%3Dcpl%26utm_term%3DFinance%26countkey%3DBE%26dbid%3D11008%26adv%3DSecretariat_Social%26brd%3DSecretariat_Social%26clt%3DLovvis_Advertising%26trm%3DMathieu%26creaid%3D42267&ul=en-us&de=windows-1252&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1916092980.1661745692&uid=f13b143bb7e397f4c486aa774d18746c&tid=UA-117927431-4&_gid=2036766100.1661745692&gtm=2wg8o0T2D9W3L&cd1=11008&cd2=Secretariat_Social&cd3=Secretariat_Social&cd4=Lovvis_Advertising&cd5=Mathieu&cd6=BE&cd7=f13b143bb7e397f4c486aa774d18746c&cd8=undefined&z=1853864176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://krs.cornerpromo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 19:13:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31689
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1553045167&t=pageview&_s=1&dl=https%3A%2F%2Fkrs.cornerpromo.com%2Fjp%2F%3Fh%3D2aa754deb3febbb9ed2e2a37636d4d28%26emailmd5%3Df13b143bb7e397f4c486aa774d18746c%26utm_source%3DCPBE%26utm_medium%3Dcpl%26utm_term%3DFinance%26countkey%3DBE%26dbid%3D11008%26adv%3DSecretariat_Social%26brd%3DSecretariat_Social%26clt%3DLovvis_Advertising%26trm%3DMathieu%26creaid%3D42267&ul=en-us&de=windows-1252&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1916092980.1661745692&uid=f13b143bb7e397f4c486aa774d18746c&tid=UA-117927431-4&_gid=2036766100.1661745692&gtm=2wg8o0T2D9W3L&cd1=11008&cd2=Secretariat_Social&cd3=Secretariat_Social&cd4=Lovvis_Advertising&cd5=Mathieu&cd6=BE&cd7=f13b143bb7e397f4c486aa774d18746c&cd8=undefined&z=1042929013
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://krs.cornerpromo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 19:13:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31689
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Primary Request /
info.leadsforyou.be/secretariat-social/
Redirect Chain
  • http://lovvisadvertising.go2cloud.org/aff_c?offer_id=522&aff_id=1130&source=cornerpromobefr&file_id=3552
  • https://lovvisadvertising.go2cloud.org/aff_c?offer_id=522&aff_id=1130&source=cornerpromobefr&file_id=3552
  • https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
81 KB
13 KB
Document
General
Full URL
https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Requested by
Host: krs.cornerpromo.com
URL: https://krs.cornerpromo.com/jp/?h=2aa754deb3febbb9ed2e2a37636d4d28&emailmd5=f13b143bb7e397f4c486aa774d18746c&utm_source=CPBE&utm_medium=cpl&utm_term=Finance&countkey=BE&dbid=11008&adv=Secretariat_Social&brd=Secretariat_Social&clt=Lovvis_Advertising&trm=Mathieu&creaid=42267
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a749ff4f9d45ecfa2adbd43a6add339e94caa3a5a56d38d507b512d9590dab9d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

connection
close
content-encoding
gzip
content-location
https://info.leadsforyou.be/secretariat-social/
content-type
text/html; charset=UTF-8
date
Mon, 29 Aug 2022 04:01:34 GMT
etag
"a:6387b340cb3780edef5bcb0b606c4c74"
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
link
<https://info.leadsforyou.be/secretariat-social/>; rel="canonical"
p3p
CP="This is not a privacy policy."
transfer-encoding
chunked
x-proxy-backend
page-server
x-unbounce-pageid
c7552478-b19b-498c-a66b-1ca9363d0155
x-unbounce-variant
a
x-unbounce-visitorid
b6e65ca0-bb57-430f-8a76-30078cf110de

Redirect headers

Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
278
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 29 Aug 2022 04:01:34 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
102157f788d7fb7981a24bcff2a366
X-Request-Id
1b3b2e7f8e6884eaa2b75ac8ffd63387
X-Robots-Tag
noindex, nofollow
collect
region1.analytics.google.com/g/
0
0

main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-38.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 02:00:32 GMT
content-encoding
gzip
last-modified
Mon, 06 Jun 2022 23:24:03 GMT
server
AmazonS3
age
6573663
etag
"e50d1ee693e25d7a1512f9322cc1259e"
x-cache
Hit from cloudfront
x-amz-version-id
2AQj3zSW.kdmInzoSdWpR0AQxgxgO5c_
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
XmpjgOfHWcT4k6Yo1fYln86zrNk8fqxVSyuGH84kgl_ilPqphS1YfQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/
70 KB
25 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 09:29:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Aug 2023 09:29:58 GMT
jquery-shims.bundle-aa41391.z.js
builder-assets.unbounce.com/published-js/
6 KB
2 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-38.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 06:14:02 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 16:47:26 GMT
server
AmazonS3
age
1374453
etag
"758360a4c8250a0350ab8677cac77c18"
x-cache
Hit from cloudfront
x-amz-version-id
sk.555KwUlgsW126duQj1Mt5wNtK5cRV
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
1991
x-amz-cf-id
QRlHtY3Zc5zlNYFMzTUOEHtIVxrso_Q9TzGKzY5YIN6sEvTZL8Pzqg==
ub.js
d34qb8suadcc4g.cloudfront.net/
5 KB
2 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:6000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 10:29:43 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:15:08 GMT
server
AmazonS3
age
6629512
etag
"f6420c864830b5860bfaadd47a2bb21b"
x-cache
Hit from cloudfront
x-amz-version-id
bKC28ufbc849z_LglraHgQe9TbPw1SIU
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
1856
x-amz-cf-id
GP0sGr1CVBdAb41P0crfRKCckln5zFrK1xrn4GIHEU42rez-j_p8xg==
iMAWebCookie.js
www.sc.pages06.net/lp/static/js/
14 KB
14 KB
Script
General
Full URL
https://www.sc.pages06.net/lp/static/js/iMAWebCookie.js?21d76b47-15919543f54-be7239722bf9e6184ab469c11075fd86&h=www.pages06.net
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.129.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-129-217.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:01:34 GMT
Last-Modified
Wed, 24 Aug 2022 02:14:13 GMT
Server
Apache
ETag
"3772-5e6f33caf2efb"
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
14194
main.bundle-ab88e31.z.js
builder-assets.unbounce.com/published-js/
102 KB
33 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-ab88e31.z.js
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-38.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab88e31adb6c691cc5d7ec5ba186800947c1dd234cb5e56e2cbdfe5901d7e58c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 17:30:36 GMT
content-encoding
gzip
last-modified
Mon, 26 Apr 2021 22:29:05 GMT
server
AmazonS3
age
20601059
etag
"5254c0c8307b4cd5db30a5aa0ba0f8ea"
x-cache
Hit from cloudfront
x-amz-version-id
9HCzIetZ2kylNEKmxtJNpCD.kLnf.GiZ
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
33086
x-amz-cf-id
yoSecZJgiYimuFPAC27jVlsnIF38glNHG9C6ffjOyPXvhnwT3vtd9w==
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/gif
fbevents.js
connect.facebook.net/en_US/
100 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d98a94c67e6e29d48d55ba2f6b415d0646af7f7313b539697eb53b34ab78c4c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26668
x-xss-protection
0
pragma
public
x-fb-debug
B643r/DMZJA55QKY4s3zzF+bCU8N+livT6+cZQ+FjpWyKoXplxSRMjgmbCqnYY71gr5q9S/VwPAGUe3OixJo2Q==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 29 Aug 2022 04:01:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1661745581217
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/
Redirect Chain
  • https://track.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
81 KB
30 KB
Script
General
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:01:34 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 11:34:23 GMT
server
nginx
x-amz-request-id
tx0000000000000d96ba301-00630c29ad-3233e7e3-default
etag
W/"552eeb5f0620fb6f56733d625b5e719e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800

Redirect headers

location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date
Mon, 29 Aug 2022 04:01:34 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
1dcf5e94-13db-4318-9741-b8a9a882b4e5
https://info.leadsforyou.be/
5 KB
0
Stylesheet
General
Full URL
blob:https://info.leadsforyou.be/1dcf5e94-13db-4318-9741-b8a9a882b4e5
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-ab88e31.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length
5523
Content-Type
text/css
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:700,regular,italic%7CWork+Sans:600,regular
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-ab88e31.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1bd1a35a06d5756d7d584d4c7348a3d1468622db385d7b3ae771e340c9264a2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 04:01:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 29 Aug 2022 04:01:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Aug 2022 04:01:34 GMT
76511b28-leads4you-logo_103800k000000000000028.png
d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/
663 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/76511b28-leads4you-logo_103800k000000000000028.png
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91fb8d6992ae1d789e97ec43281453a739a99352080b0e38d51719eb9569bda0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 10:27:01 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
server
AmazonS3
age
408874
etag
"152ab155823212a73707b29767a618dd"
x-cache
Hit from cloudfront
x-amz-version-id
LaNYPhOO3osduSFOysGSWtMktYNy.04k
cache-control
max-age=31557600
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
663
x-amz-cf-id
VVi3BaD4rEkmegNqr61Rtwqdy4YOfPxV8077A53dQXczlDEkSvXpVg==
ceb1db93-bobex-secretariat-social_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/
20 KB
21 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/ceb1db93-bobex-secretariat-social_100000000000000000001o.jpg
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a9242023786e8ab5c5f5464b3e8f5ad4e61bcc0f31ae0ae930bf5920f0c5990

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 10:27:01 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
server
AmazonS3
age
408874
etag
"652e2d72732307d546bdf8ca10814644"
x-cache
Hit from cloudfront
x-amz-version-id
kut8xs_zjbAhLaHGuNgjGbdXKEbIzt4X
cache-control
max-age=31557600
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
20618
x-amz-cf-id
mCUN2VbtLwNrCxjTnJU24TUL58_s8hHFfGL_3g6y0hZaQOnDB9m_ag==
52bdc545-multor-testimonial1-headshot_101e01e00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/
817 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/52bdc545-multor-testimonial1-headshot_101e01e00000000000001o.jpg
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58c9ce6bc1ab4b1cf3b55db9673d48456797945bf56afb076b5ce8404f595cb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 10:27:01 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
server
AmazonS3
age
408874
etag
"2f3054d2f47929bdd31abc374e71b406"
x-cache
Hit from cloudfront
x-amz-version-id
26QZr02bW6MIOcpjokLNsVvTEec7u2kM
cache-control
max-age=31557600
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
817
x-amz-cf-id
DPaHK7OPwba_Fl3EdLKVvLkbefMQsTFTG9tAOqiqesCya1ErTzey3g==
dfb61e74-multor-testimonial1-stars.svg
d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/
2 KB
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/dfb61e74-multor-testimonial1-stars.svg
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f36264b685d6dc5dfb4e7150b686a86973637ff010b77078943f660c1959a85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 05:09:25 GMT
content-encoding
gzip
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
server
AmazonS3
age
168730
etag
W/"0054bbad7eff35cec8eda8c1299faa91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
rRe6_VzsticDnZLt5TvfiXSNrr8EVCRV
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cache-control
max-age=31557600
x-amz-cf-pop
FRA53-C1
content-type
image/svg+xml
x-amz-cf-id
j9Tdy3xwFEUqAMMn8YRZAym9Os1OrQut0SnMtsmaBG2SITH5VxWyFQ==
94045dbc-multor-testimonial2-headshot_101e01e00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/
822 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/94045dbc-multor-testimonial2-headshot_101e01e00000000000001o.jpg
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa80a8392b55c15d0eb1332aeceb8c26f5b9416cca9977932b5aef057e9193f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 10:27:01 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
server
AmazonS3
age
408874
etag
"65a28735e4c8dd49f371b3e37c04ca48"
x-cache
Hit from cloudfront
x-amz-version-id
wHXA99yCbv.576dbSO7PyqSX5SESpdRS
cache-control
max-age=31557600
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
822
x-amz-cf-id
2CXigATsYbJw7bFHWuvHZDFQJAVBdvV0qEv4CA3J5sYZpeBxkTuCeQ==
6d441dac-multor-testimonial2-stars.svg
d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/
2 KB
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/6d441dac-multor-testimonial2-stars.svg
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b293a87d73e9bc0b59ef54a72c4b083a1ef0f83df9993c99d99ff4b64a9ce931

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 10:27:00 GMT
content-encoding
gzip
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
server
AmazonS3
age
408875
etag
W/"f95641fbc5af2ca4019cc13e91820eb8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
yPNaoSDnT7mNYoOchXLRG_2lgkRMw.8m
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cache-control
max-age=31557600
x-amz-cf-pop
FRA53-C1
content-type
image/svg+xml
x-amz-cf-id
XKFaKkejmoHutUwwobumBSAVf7tClSEWhcSBC3nsugtggEY8M5n8SQ==
13b0f11a-multor-benefit1-icon.svg
d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/
4 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/13b0f11a-multor-benefit1-icon.svg
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6797b36bf3aa39a187abf928324099323fe670cfcb404c46e7c70eec2ac95dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 02:02:24 GMT
content-encoding
gzip
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
server
AmazonS3
age
93551
etag
W/"4e383b3ce86e5db55c41a8fb27a27b79"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
3Ycs7qxOWC20og_aRzVLOQtrC6ik6OOu
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cache-control
max-age=31557600
x-amz-cf-pop
FRA53-C1
content-type
image/svg+xml
x-amz-cf-id
4GLBZyc-rHMB_3vtTZHkzGTY9bujFx5kTJsvE5iUqd7QvVrU8WlnXA==
8ab92ea8-multor-benefit2-icon.svg
d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/
3 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/8ab92ea8-multor-benefit2-icon.svg
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e662f1889a1316e89bc56d2b5e3d99a3f5917427e78e36b7ac7aeccc0ae78130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 10:27:00 GMT
content-encoding
gzip
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
server
AmazonS3
age
408875
etag
W/"b3f125641aea7413fa843ba3be53bf10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
FSmVh1zfWddt317jeJQzhTNvRdoaCHug
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cache-control
max-age=31557600
x-amz-cf-pop
FRA53-C1
content-type
image/svg+xml
x-amz-cf-id
3JxlenIeWfhzZnxmSqf2yvn9NieBj8bjlFSLvUzr7-lp8-CfUcynQg==
c32dd90d-multor-benefit3-icon.svg
d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/
8 KB
4 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/c32dd90d-multor-benefit3-icon.svg
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bee50b0a5e3e77afb04e9cde28ce3c4b9271f91ed3fba064bcfff8e380d86dfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 10:27:00 GMT
content-encoding
gzip
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
server
AmazonS3
age
408875
etag
W/"bb76d3041fdbc02f50ba5bde8c72db6c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
m1pgQJo7dUOb7NxTlsDPngoPlAMtqDr.
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cache-control
max-age=31557600
x-amz-cf-pop
FRA53-C1
content-type
image/svg+xml
x-amz-cf-id
3G1Pnqt5DqZDyLn1h-eNJUjB2COe9Q2_jzfOqKxI3YZhN4yJW2YwxQ==
76511b28-leads4you-logo_104g00s000000000000028.png
d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/
930 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/76511b28-leads4you-logo_104g00s000000000000028.png
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90a07a3a0f1289652530fc6b5b4b440d6a6a2f04b2dcbf757764d6203022019a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 10:27:01 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
server
AmazonS3
age
408874
etag
"e286bafa9a52bf2a4dee36c9ace9d96d"
x-cache
Hit from cloudfront
x-amz-version-id
AweO7Wa2HqRPyMyukCFq.2hhotJYXTdY
cache-control
max-age=31557600
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
930
x-amz-cf-id
4omEDovbUzK6YhCAbfkxSFMccaEPG-td_gq5edaIOcCL9Nveamaf2A==
4b694229-red-arrow-2-fw_1046049000000000000028.png
d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/
3 KB
4 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/4b694229-red-arrow-2-fw_1046049000000000000028.png
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d55ac39259d89e078204e6405b9384cea861efd45733e7feb75345fe2c93ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 10:27:01 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
server
AmazonS3
age
408874
etag
"d36a732ce832b95a076fd39f6f5fa98a"
x-cache
Hit from cloudfront
x-amz-version-id
ri3BYdQQe_nRJct2zPFO.lTRM7j_CXxC
cache-control
max-age=31557600
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
3465
x-amz-cf-id
rlkAN4e-GNRDVqoqM0Q848Q6wr4qAHaO22XIy1WOZjL6EOFRjFQjBg==
f206d507-secretariat-social_1000000000000000000028.PNG
d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/
13 KB
14 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/f206d507-secretariat-social_1000000000000000000028.PNG
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b4d7548225372c6aab3efb280eb2dab3a7e1af292e6a4b7d9486a397bc84aae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 10:27:00 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
server
AmazonS3
age
408875
etag
"e6fb6511054d0f5f9f2126b734b01823"
x-cache
Hit from cloudfront
x-amz-version-id
fsW2VEI0.i00zB0.sPWifzvuuM.O6hBV
cache-control
max-age=31557600
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
13611
x-amz-cf-id
h4KywyglolKrqdIkHPDi2F59o9QY4lkW-XzEjZwRpwdNc3xhN9ugZQ==
91e4f76b-secretariat-social-2_1000000000000000000028.PNG
d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/
8 KB
8 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/91e4f76b-secretariat-social-2_1000000000000000000028.PNG
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e4028d9ce9625236daa6e52d2625a92fbd3656cfea4239e17803285cd5b3a8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 10:27:00 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
server
AmazonS3
age
408875
etag
"69a9a61894bd083fffac5caf314d1e29"
x-cache
Hit from cloudfront
x-amz-version-id
hgLYjdvrCT1HvsuAdekauRabl6gGH8xs
cache-control
max-age=31557600
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
7818
x-amz-cf-id
zIn4fSJ2XgqnVNhzAycvVQmp-F_o7pLEHWBX69lsLygLUvPIbUA0_Q==
9be4e9ce-loonfiche-ontcijferen_10q40do00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/
41 KB
41 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/info.leadsforyou.be/secretariat-social/9be4e9ce-loonfiche-ontcijferen_10q40do00000000000001o.jpg
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6f6199f2d3182a68a06fc0baa24fbd2372ac3b0e110e925f3ad3c8a33ab82ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 10:27:01 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Fri, 30 Apr 2021 12:19:00 GMT
server
AmazonS3
age
408874
etag
"fad2d4a44b2aaa86a259bda080b762ce"
x-cache
Hit from cloudfront
x-amz-version-id
FpFhIC2S.VdlfY_wgXuxUcJ_EpTveLeO
cache-control
max-age=31557600
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
42013
x-amz-cf-id
sgh1WoR2Ro2QIhD3k4NfSQOxcdC1Y9MxRo6_ejK_mTMlSUkC4rSSpQ==
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/
98 KB
30 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:6000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 04:44:06 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
1725449
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
TEVxBa-Byhaz70wG2Ldsz2ea-VjTnUVf7WC15U7RaUejA5uu_lH8LQ==
801994286565782
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/801994286565782?v=2.9.78&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
be5207643036d5d45c9b95232cb3336c30cce81002bd7b90ae565b88f03f2d9b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
rVkor/Z/Uqm5Xq1e0DeWrCp31RxO9bN+GxyFHcN3VfXMQJdDagBXKAZfBf8l55N03GpY58B/tK2HEIosSdCdMA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 29 Aug 2022 04:01:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1661745694380
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
i
events.ub-analytics.com/
43 B
245 B
Image
General
Full URL
https://events.ub-analytics.com/i?stm=1661745694321&e=pv&url=https%3A%2F%2Finfo.leadsforyou.be%2Fsecretariat-social%2F%3Faff%3Delvis%26utm_source%3D1130%26pixel_id%3D374&page=Secr%C3%A9tariat%20social%20%7C%20Bobex.be&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=f20d3cbd-85cc-4413-b8a5-cf4fa5d10305&dtm=1661745694320&vp=1600x1200&ds=1600x4123&vid=1&sid=28d3f4d0-0e98-4991-a3d6-7f85c32dc35e&duid=d7a58287-7979-4613-9a67-c158edbdffe9&uid=b6e65ca0-bb57-430f-8a76-30078cf110de&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiYzc1NTI0NzgtYjE5Yi00OThjLWE2NmItMWNhOTM2M2QwMTU1IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.231.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-231-66.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Aug 2022 04:01:34 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700,regular,italic%7CWork+Sans:600,regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://info.leadsforyou.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 17:42:58 GMT
x-content-type-options
nosniff
age
555516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31196
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:43:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 17:42:58 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700,regular,italic%7CWork+Sans:600,regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://info.leadsforyou.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 19:25:30 GMT
x-content-type-options
nosniff
age
462964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47728
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 19:25:30 GMT
7Aujp_0qiz-afTfcIyoiGtm2P0wG05Fz4eqVww.woff2
fonts.gstatic.com/s/muli/v28/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v28/7Aujp_0qiz-afTfcIyoiGtm2P0wG05Fz4eqVww.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700,regular,italic%7CWork+Sans:600,regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b773f333244b82e17697d03ac6262fbe77f95e9a9ce8c831b2aa7fc15bbba4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://info.leadsforyou.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 01:12:33 GMT
x-content-type-options
nosniff
age
528541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17252
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:01:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 01:12:33 GMT
2314230918902501
connect.facebook.net/signals/config/
292 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2314230918902501?v=2.9.78&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ecb07e1b82ca9a6cf381f2478e340a837f7978b50ba4d52f5a25e7df1906b68e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
ZhWgUmCTNbeuGHegxu6dPTqoS6FWmVwY8OrSZzyiyPFmpv7ZEgg6seBrYUadlwldY+nCYtEqk6BoRzQmYBEbNg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 29 Aug 2022 04:01:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1661745694468
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=801994286565782&ev=PageView&dl=https%3A%2F%2Finfo.leadsforyou.be%2Fsecretariat-social%2F%3Faff%3Delvis%26utm_source%3D1130%26pixel_id%3D374&rl=&if=false&ts=1661745694413&sw=1600&sh=1200&v=2.9.78&r=stable&ec=0&o=30&fbp=fb.1.1661745694412.542543081&it=1661745694307&coo=false&rqm=GET
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:01:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 29 Aug 2022 04:01:34 GMT
1665395963700857
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1665395963700857?v=2.9.78&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3b6aacab071e840bc9535d9fa3ebcbd7e284910f0bd9cf86534423c9f02dddc8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
WSu5rG0ZHxX/JFk7BTa0EeY3jx2uKsxLk7+TrBCQ98COc19ijOY/iGQfq6t+4PymC9GhblyoVablWli7GWUbww==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 29 Aug 2022 04:01:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1661745694547
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2314230918902501&ev=PageView&dl=https%3A%2F%2Finfo.leadsforyou.be%2Fsecretariat-social%2F%3Faff%3Delvis%26utm_source%3D1130%26pixel_id%3D374&rl=&if=false&ts=1661745694488&sw=1600&sh=1200&v=2.9.78&r=stable&ec=0&o=30&fbp=fb.1.1661745694412.542543081&it=1661745694307&coo=false&rqm=GET
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:01:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 29 Aug 2022 04:01:34 GMT
/
track.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=1031545&ADFdivider=%7C&ord=170270749824&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Finfo.leadsforyou.be%2Fsecretariat-social%2F...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1031545&ADFdivider=%7C&ord=170270749824&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Finfo.leadsforyou.be%2Fsecretariat-soci...
139 B
612 B
Script
General
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1031545&ADFdivider=%7C&ord=170270749824&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Finfo.leadsforyou.be%2Fsecretariat-social%2F%3Faff%3Delvis%26utm_source%3D1130%26pixel_id%3D374
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H2
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
23b524cd0ae4540bd94c48dc87a9d91915bde8ac9a3a4c5c2a1c1d9ab0c80263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:01:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
206
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:01:34 GMT
server
nginx
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1031545&ADFdivider=%7C&ord=170270749824&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Finfo.leadsforyou.be%2Fsecretariat-social%2F%3Faff%3Delvis%26utm_source%3D1130%26pixel_id%3D374
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1665395963700857&ev=PageView&dl=https%3A%2F%2Finfo.leadsforyou.be%2Fsecretariat-social%2F%3Faff%3Delvis%26utm_source%3D1130%26pixel_id%3D374&rl=&if=false&ts=1661745694563&sw=1600&sh=1200&v=2.9.78&r=stable&ec=0&o=30&fbp=fb.1.1661745694412.542543081&it=1661745694307&coo=false&rqm=GET
Requested by
Host: info.leadsforyou.be
URL: https://info.leadsforyou.be/secretariat-social/?aff=elvis&utm_source=1130&pixel_id=374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:01:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 29 Aug 2022 04:01:34 GMT
event.jpeg
www.pages06.net/WTS/
0
473 B
Image
General
Full URL
https://www.pages06.net/WTS/event.jpeg?accesskey=21d76b47-15919543f54-be7239722bf9e6184ab469c11075fd86&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=8b2cbd65-68d3-5b3d-e72e-e397583cd7ed&webSyncID=02b6e31d-7419-cb16-a743-56dd387c8771&url=https%3A%2F%2Finfo.leadsforyou.be%2Fsecretariat-social%2F%3Faff%3Delvis%26utm_source%3D1130%26pixel_id%3D374&newSiteVisit=1&hostname=info.leadsforyou.be&pathname=%2Fsecretariat-social%2F&newPageVisit=1&eventKey=8d54bb56-1adb-5c4d-01dd-5eb1a5e00c2a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.129.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-129-217.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Aug 2022 04:01:34 GMT
Server
Apache
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Connection
close
Content-Type
image/jpeg
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=801994286565782&ev=Microdata&dl=https%3A%2F%2Finfo.leadsforyou.be%2Fsecretariat-social%2F%3Faff%3Delvis%26utm_source%3D1130%26pixel_id%3D374&rl=&if=false&ts=1661745694920&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Secr%C3%A9tariat%20social%20%7C%20Bobex.be%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Secr%C3%A9tariat%20social%20%7C%20Bobex.be%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.78&r=stable&ec=1&o=30&fbp=fb.1.1661745694412.542543081&it=1661745694307&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:01:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 29 Aug 2022 04:01:34 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2314230918902501&ev=Microdata&dl=https%3A%2F%2Finfo.leadsforyou.be%2Fsecretariat-social%2F%3Faff%3Delvis%26utm_source%3D1130%26pixel_id%3D374&rl=&if=false&ts=1661745694989&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Secr%C3%A9tariat%20social%20%7C%20Bobex.be%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Secr%C3%A9tariat%20social%20%7C%20Bobex.be%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.78&r=stable&ec=1&o=30&fbp=fb.1.1661745694412.542543081&it=1661745694307&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:01:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 29 Aug 2022 04:01:34 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1665395963700857&ev=Microdata&dl=https%3A%2F%2Finfo.leadsforyou.be%2Fsecretariat-social%2F%3Faff%3Delvis%26utm_source%3D1130%26pixel_id%3D374&rl=&if=false&ts=1661745695064&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Secr%C3%A9tariat%20social%20%7C%20Bobex.be%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Secr%C3%A9tariat%20social%20%7C%20Bobex.be%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.78&r=stable&ec=1&o=30&fbp=fb.1.1661745694412.542543081&it=1661745694307&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://info.leadsforyou.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:01:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 29 Aug 2022 04:01:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-5VKFC3JRFW&gtm=2oe8o0&_p=1553045167&cid=1916092980.1661745692&ul=en-us&sr=1600x1200&_z=ccd.v9B&sid=1661745691&sct=1&seg=0&dl=https%3A%2F%2Fkrs.cornerpromo.com%2Fjp%2F%3Fh%3D2aa754deb3febbb9ed2e2a37636d4d28%26emailmd5%3Df13b143bb7e397f4c486aa774d18746c%26utm_source%3DCPBE%26utm_medium%3Dcpl%26utm_term%3DFinance%26countkey%3DBE%26dbid%3D11008%26adv%3DSecretariat_Social%26brd%3DSecretariat_Social%26clt%3DLovvis_Advertising%26trm%3DMathieu%26creaid%3D42267&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&_s=2

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| lp object| ub object| module object| errors function| fbq function| _fbq object| _adftrack function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ object| UnbounceSnowplowNamespace function| ubSnowplow object| ewt function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| Adform object| KJUR object| adf string| ewt_host string| ewt_page_key

19 Cookies

Domain/Path Name / Value
info.leadsforyou.be/secretariat-social/ Name: ubpv
Value: a%2Cc7552478-b19b-498c-a66b-1ca9363d0155
links.cornerpromo.com/ Name: TEMP_DATA
Value: 88fe2052-45cb-470c-a333-1d668cf9a486
links.cornerpromo.com/ Name: esg1
Value: c4y/Ftl5/DVX6pFe2xhKhmhFx_znIoy/o/Jcp/F/da87b0da
.cornerpromo.com/ Name: _gid
Value: GA1.2.2036766100.1661745692
.cornerpromo.com/ Name: _gat_UA-117927431-4
Value: 1
.cornerpromo.com/ Name: _ga
Value: GA1.2.1916092980.1661745692
lovvisadvertising.go2cloud.org/ Name: enc_aff_session_522
Value: ENC03e60ceb514fd61a4abae1b25e7b27297d662c27fde09cbf0051c8b7951f60adea20df5cc77f462c067a6354a549621e2abf308f3c8ec8e2dbb2bba64f8d139ff4cbc07c3cabb4642b56c7319f15a8d1a3e4f09a4b051fd509a406a8eecf0f0657fac2fa5c298a5a6e281ba762723f6c91b930c6f83be00cb4e8d3b52f6d704887295845d2
lovvisadvertising.go2cloud.org/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDQiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuMTAxIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
info.leadsforyou.be/ Name: ubvs
Value: b6e65ca0-bb57-430f-8a76-30078cf110de
.leadsforyou.be/ Name: ubvt
Value: b6e65ca0-bb57-430f-8a76-30078cf110de
.cornerpromo.com/ Name: _ga_5VKFC3JRFW
Value: GS1.1.1661745691.1.0.1661745694.57.0.0
www.sc.pages06.net/ Name: Silverpop_cookie
Value: 412083210.17439.0000
.leadsforyou.be/ Name: _fbp
Value: fb.1.1661745694412.542543081
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8641450073626647801
.info.leadsforyou.be/ Name: com.silverpop.iMAWebCookie
Value: 02b6e31d-7419-cb16-a743-56dd387c8771
.info.leadsforyou.be/ Name: com.silverpop.iMA.session
Value: 8b2cbd65-68d3-5b3d-e72e-e397583cd7ed
.info.leadsforyou.be/ Name: com.silverpop.iMA.page_visit
Value: 1324923361:
www.pages06.net/ Name: Silverpop_cookie
Value: 999285770.4525.0000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
builder-assets.unbounce.com
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
info.leadsforyou.be
krs.cornerpromo.com
links.cornerpromo.com
lovvisadvertising.go2cloud.org
region1.analytics.google.com
s2.adform.net
stats.g.doubleclick.net
track.adform.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.pages06.net
www.sc.pages06.net
region1.analytics.google.com
143.204.214.7
18.157.129.217
2001:4860:4802:32::36
2600:9000:2057:6000:1d:11cf:5800:93a1
2a00:1450:4001:803::2003
2a00:1450:4001:803::200a
2a00:1450:4001:806::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::2008
2a00:1450:4001:82a::200e
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.69.136.55
34.159.45.57
37.157.3.30
37.157.6.235
46.248.181.125
52.203.231.66
52.210.2.133
99.86.4.38
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b4d7548225372c6aab3efb280eb2dab3a7e1af292e6a4b7d9486a397bc84aae
1bd1a35a06d5756d7d584d4c7348a3d1468622db385d7b3ae771e340c9264a2d
23b524cd0ae4540bd94c48dc87a9d91915bde8ac9a3a4c5c2a1c1d9ab0c80263
27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
2b773f333244b82e17697d03ac6262fbe77f95e9a9ce8c831b2aa7fc15bbba4f
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2f36264b685d6dc5dfb4e7150b686a86973637ff010b77078943f660c1959a85
3a9242023786e8ab5c5f5464b3e8f5ad4e61bcc0f31ae0ae930bf5920f0c5990
3b6aacab071e840bc9535d9fa3ebcbd7e284910f0bd9cf86534423c9f02dddc8
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
58c9ce6bc1ab4b1cf3b55db9673d48456797945bf56afb076b5ce8404f595cb6
6797b36bf3aa39a187abf928324099323fe670cfcb404c46e7c70eec2ac95dde
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7e4028d9ce9625236daa6e52d2625a92fbd3656cfea4239e17803285cd5b3a8d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
90a07a3a0f1289652530fc6b5b4b440d6a6a2f04b2dcbf757764d6203022019a
91fb8d6992ae1d789e97ec43281453a739a99352080b0e38d51719eb9569bda0
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
9d55ac39259d89e078204e6405b9384cea861efd45733e7feb75345fe2c93ec0
9d98a94c67e6e29d48d55ba2f6b415d0646af7f7313b539697eb53b34ab78c4c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a749ff4f9d45ecfa2adbd43a6add339e94caa3a5a56d38d507b512d9590dab9d
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab
ab88e31adb6c691cc5d7ec5ba186800947c1dd234cb5e56e2cbdfe5901d7e58c
b293a87d73e9bc0b59ef54a72c4b083a1ef0f83df9993c99d99ff4b64a9ce931
be5207643036d5d45c9b95232cb3336c30cce81002bd7b90ae565b88f03f2d9b
bee50b0a5e3e77afb04e9cde28ce3c4b9271f91ed3fba064bcfff8e380d86dfa
c01bedeafcc93f22d52af916faa5d9edde8dc7f9c81e8b005811d4db134f0dc3
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d1318f886a6e4ec8f0a2f30fffd9e900485ae0fb826fe484d3a78886d7798f59
d6f6199f2d3182a68a06fc0baa24fbd2372ac3b0e110e925f3ad3c8a33ab82ba
da1e92fc3fb9a19f018b1d0f6bf371f2a7499b72476879ac01ca86264d6a2ed8
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2150091ef038af6bdb97371daaba518a3a622c29489988c72550bc8c8dddb
e662f1889a1316e89bc56d2b5e3d99a3f5917427e78e36b7ac7aeccc0ae78130
ecb07e1b82ca9a6cf381f2478e340a837f7978b50ba4d52f5a25e7df1906b68e
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa80a8392b55c15d0eb1332aeceb8c26f5b9416cca9977932b5aef057e9193f7