urlscan.io logo urlscan.io
SecurityTrails logo

my.qred.be Open in urlscan Pro
2600:9000:2127:7400:11:36b2:7c80:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://my.qred.be/bank-integration
Effective URL: https://my.qred.be/bank-integration
Submission: On April 05 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 21 domains to perform 69 HTTP transactions. The main IP is 2600:9000:2127:7400:11:36b2:7c80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is my.qred.be.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 15th 2023. Valid for: a year.
This is the only time my.qred.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2600:9000:212... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
6 34.96.102.137 396982 (GOOGLE-CL...)
4 151.101.66.217 54113 (FASTLY)
1 2600:9000:272... 16509 (AMAZON-02)
5 34.120.195.249 396982 (GOOGLE-CL...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.250.186.130 15169 (GOOGLE)
3 51.158.227.185 12876 (Online SAS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:212... 16509 (AMAZON-02)
1 142.250.186.72 15169 (GOOGLE)
1 15.197.213.252 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.192.125 13335 (CLOUDFLAR...)
4 35.174.236.115 14618 (AMAZON-AES)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.161.82.39 16509 (AMAZON-02)
69 27
5    2600:9000:2127:7400:11:36b2:7c80:93a1 (United States)

ASN16509 (AMAZON-02, US)
my.qred.be
3    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
4    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
1    2600:9000:2724:6000:1d:3be7:ae40:93a1 (United States)

ASN16509 (AMAZON-02, US)
eu.posthog.com
5    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o294555.ingest.sentry.io
10    2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pagead2.googlesyndication.com
3    51.158.227.185 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-227-185.lb.nl-ams.scw.cloud
sgtm.qred.be
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6810:89d1 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
js-na1.hs-scripts.com
1    2600:9000:2127:ba00:1e:5ae:1e00:93a1 (United States)

ASN16509 (AMAZON-02, US)
x.klarnacdn.net
1    142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net
www.googletagmanager.com
1    15.197.213.252 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa1ba9bef7b18c265.awsglobalaccelerator.com
clientstream.launchdarkly.com
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
3    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700::6810:4dba (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:e07c (United States)

ASN13335 (CLOUDFLARENET, US)
js.hubspotfeedback.com
1    2606:4700::6812:8d11 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
5    2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hubspot.com
api.hubspot.com
cta-service-cms2.hubspot.com
forms.hubspot.com
1    2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:f8a8 (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    104.18.192.125 (None, )

ASN13335 (CLOUDFLARENET, US)
perf-na1.hsforms.com
4    35.174.236.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-236-115.compute-1.amazonaws.com
events.launchdarkly.com
3    2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)
app.hubspot.com
track.hubspot.com
1    3.161.82.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-39.fra56.r.cloudfront.net
my.qred.be
Apex Domain
Subdomains		 Transfer
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 314
147 KB
9 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 764
clientstream.launchdarkly.com — Cisco Umbrella Rank: 910
events.launchdarkly.com — Cisco Umbrella Rank: 893
1 KB
9 qred.be
my.qred.be
sgtm.qred.be
1 MB
8 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 4384
api.hubspot.com — Cisco Umbrella Rank: 4933
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4304
app.hubspot.com — Cisco Umbrella Rank: 5611
track.hubspot.com — Cisco Umbrella Rank: 2436
forms.hubspot.com — Cisco Umbrella Rank: 5483
31 KB
6 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 3097
58 KB
5 sentry.io
o294555.ingest.sentry.io
493 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
369 KB
3 gstatic.com
fonts.gstatic.com
24 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2709
305 B
2 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2558
js-na1.hs-scripts.com — Cisco Umbrella Rank: 6553
2 KB
1 hsforms.com
perf-na1.hsforms.com — Cisco Umbrella Rank: 4655
925 B
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 4929
25 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2328
24 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 5217
88 KB
1 hubspotfeedback.com
js.hubspotfeedback.com — Cisco Umbrella Rank: 15502
10 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2311
22 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 552
310 B
1 klarnacdn.net
x.klarnacdn.net — Cisco Umbrella Rank: 7834
122 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
866 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
64 B
1 posthog.com
eu.posthog.com — Cisco Umbrella Rank: 44925
982 B
69 21
Domain Requested by
10 cdn.cookielaw.org www.googletagmanager.com
my.qred.be
cdn.cookielaw.org
6 dev.visualwebsiteoptimizer.com my.qred.be
dev.visualwebsiteoptimizer.com
6 my.qred.be my.qred.be
5 o294555.ingest.sentry.io my.qred.be
4 events.launchdarkly.com my.qred.be
4 app.launchdarkly.com my.qred.be
4 www.googletagmanager.com my.qred.be
www.googletagmanager.com
3 fonts.gstatic.com fonts.googleapis.com
3 sgtm.qred.be my.qred.be
2 app.hubspot.com js.hubspotfeedback.com
js.usemessages.com
2 api.hubspot.com my.qred.be
2 region1.google-analytics.com www.googletagmanager.com
1 forms.hubspot.com my.qred.be
1 track.hubspot.com
1 js-na1.hs-scripts.com js.hs-analytics.net
1 perf-na1.hsforms.com my.qred.be
1 cta-service-cms2.hubspot.com my.qred.be
1 js.usemessages.com js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hubspot.com js.hs-scripts.com
1 js.hsleadflows.net js.hs-scripts.com
1 js.hubspotfeedback.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 geolocation.onetrust.com my.qred.be
1 clientstream.launchdarkly.com my.qred.be
1 x.klarnacdn.net my.qred.be
1 js.hs-scripts.com my.qred.be
1 fonts.googleapis.com client
1 pagead2.googlesyndication.com www.googletagmanager.com
1 eu.posthog.com my.qred.be
69 30

This site contains links to these domains. Also see Links.

Domain
www.qred.be
www.onetrust.com
Subject Issuer Validity Valid
*.qred.be
Amazon RSA 2048 M02		 2023-08-15 -
2024-09-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2023-07-06 -
2024-07-06		 a year crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
eu.posthog.com
Amazon RSA 2048 M03		 2023-08-09 -
2024-09-07		 a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
sgtm.qred.be
R3		 2024-02-21 -
2024-05-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
hs-scripts.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
x.klarnacdn.net
Amazon RSA 2048 M03		 2024-02-27 -
2025-03-27		 a year crt.sh
clientstream.launchdarkly.com
Amazon RSA 2048 M02		 2023-08-09 -
2024-09-05		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-14 -
2024-05-13		 a year crt.sh
hubspotfeedback.com
GTS CA 1P5		 2024-04-03 -
2024-07-02		 3 months crt.sh
hsleadflows.net
E1		 2024-04-05 -
2024-07-04		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2024-01-06 -
2024-12-31		 a year crt.sh
hs-banner.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
events.launchdarkly.com
Amazon ECDSA 256 M02		 2023-06-21 -
2024-07-20		 a year crt.sh

This page contains 3 frames:

Primary Page: https://my.qred.be/bank-integration
Frame ID: 94F63957A00E7FEB628A02BAE5FFF7EF
Requests: 62 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: 1320CEF3670EA7CBFB52225F308B3F45
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/3462817/threads/utk/af479bfcd7d24ce5b6a8d1ba61b0bd79?uuid=a6086ceb71e74405b57c20174b898318&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=my.qred.be&inApp53=false&messagesUtk=af479bfcd7d24ce5b6a8d1ba61b0bd79&url=https%3A%2F%2Fmy.qred.be%2Fbank-integration&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=true&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=true&isInCMS=false
Frame ID: BE9AC1AEC39CFAAFCC54BE4E513AC98E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Qred | My QredQred | MyQred

Page URL History Show full URLs

  1. http://my.qred.be/bank-integration HTTP 307
    https://my.qred.be/bank-integration Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

69
Requests

100 %
HTTPS

63 %
IPv6

21
Domains

30
Subdomains

27
IPs

4
Countries

2113 kB
Transfer

8169 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my.qred.be/bank-integration HTTP 307
    https://my.qred.be/bank-integration Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bank-integration
my.qred.be/
Redirect Chain
  • http://my.qred.be/bank-integration
  • https://my.qred.be/bank-integration
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.qred.be/bank-integration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:7400:11:36b2:7c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2be5d8e68281532e455fe1bb5b76a47d49833da350ecf44c2e601a53a8bd550a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8784
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Fri, 05 Apr 2024 07:57:16 GMT
etag
W/"83063f2c691fd3d57c925ac254df3b64"
last-modified
Fri, 05 Apr 2024 07:55:19 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
x-amz-cf-id
n3n_4LP9XC7-YWiJHRolq1ABPWBUpOHsVc3M6ED9MWXzvIRweVi0GQ==
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront

Redirect headers

Location
https://my.qred.be/bank-integration
Non-Authoritative-Reason
HttpsUpgrades
reset.css
my.qred.be/ 		1 KB
916 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.qred.be/reset.css
Requested by
Host: my.qred.be
URL: https://my.qred.be/bank-integration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:7400:11:36b2:7c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54b34027cb35103d5b0e1ca0a51f296323daa88185efdb5d3f74bffd47766b6f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/bank-integration
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 07:57:16 GMT
content-encoding
br
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 07:55:20 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
8784
etag
W/"e607b0249f8077f9fca189351120f146"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
igtTqJNDHuQ5MZsx-NbW5196wHGp5e4JTE-Fdv90yCNtPLbJ4Nw-bQ==
index-d10470a7.js
my.qred.be/assets/ 		1 MB
307 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.qred.be/assets/index-d10470a7.js
Requested by
Host: my.qred.be
URL: https://my.qred.be/bank-integration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:7400:11:36b2:7c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fbc0410ed7e1ec24365afa107ac2d90947e01aeec4488d1e8af0a6c03351fc51

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/bank-integration
Origin
https://my.qred.be
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 07:57:16 GMT
content-encoding
br
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 07:55:17 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
8784
etag
W/"c925d13192ac88587faa397672fcc758"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Leg05vRPkFPPaXHBaIqQq-S8QTt6g-Yx31_7xEauNwj8ZvW2KB-ANw==
vendor-14fe276c.js
my.qred.be/assets/ 		3 MB
874 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.qred.be/assets/vendor-14fe276c.js
Requested by
Host: my.qred.be
URL: https://my.qred.be/bank-integration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:7400:11:36b2:7c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f52ad12cc79f9c6c45f340261853e43d96a1526745891981ae2b38dc2a2ec4ec

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/bank-integration
Origin
https://my.qred.be
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 07:57:16 GMT
content-encoding
br
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 07:55:18 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
8784
etag
W/"480c0147f5cea56e1cb37c12c8ab1c58"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
bL5sCLi7AkWAFymHxgvjOT_4HwX45JkT-qREDOrxIZGPnA28w2MrVg==
vendor-9a3fd642.css
my.qred.be/assets/ 		2 KB
725 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.qred.be/assets/vendor-9a3fd642.css
Requested by
Host: my.qred.be
URL: https://my.qred.be/bank-integration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:7400:11:36b2:7c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a3fd642622cf94cc18afa5edb1a20824998b4476d435cf5fcb309238c2c0b19

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/bank-integration
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 07:57:16 GMT
content-encoding
br
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 07:55:18 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
8784
etag
W/"3fc20012deb7338986bac687e91e649c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
NGGbXFHgv-e1HaWKpDoTywQlYZACfvn9Q-vxVTZ4s1TPgp7tX65-Ug==
gtm.js
www.googletagmanager.com/ 		302 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T4FKBBG
Requested by
Host: my.qred.be
URL: https://my.qred.be/bank-integration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b5a6084c86d3aca7e4a01d2eff8a5a640d72951e183fbfc4c29d170ac982d58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102144
x-xss-protection
0
last-modified
Fri, 05 Apr 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Apr 2024 10:23:40 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=560967&u=https%3A%2F%2Fmy.qred.be%2Fbank-integration&f=1&r=0.09981526427672383
Requested by
Host: my.qred.be
URL: https://my.qred.be/bank-integration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
7c133e09c608837479186ba6dbf05e0f3bc6f4d6d3ec64080eb3a9bde2ca3e92

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
gzip
via
1.1 google
server
gams1
etag
W/"1712311299"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tag-d1ccd4b32dadfc2ef0e993bd5f5fe0d4.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 		184 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-d1ccd4b32dadfc2ef0e993bd5f5fe0d4.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=560967&u=https%3A%2F%2Fmy.qred.be%2Fbank-integration&f=1&r=0.09981526427672383
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
ef0bccd2f8727cea6305da6e9f3e3632f263c849599089e5448ce5e9c46500d2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
Origin
https://my.qred.be
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Apr 2024 10:01:23 GMT
server
gams1
etag
"660fcbf3-cd9e"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52638
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=560967&d=my.qred.be&u=D5FDF3CCBF9578463566BE2FEA0B78505&h=2b6ce70442b899bb2d2a4751b0840b25&t=false
Requested by
Host: my.qred.be
URL: https://my.qred.be/bank-integration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv2c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:39 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv2c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
6053a56c427dc00dba3527fb
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/6053a56c427dc00dba3527fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://my.qred.be
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 05 Apr 2024 10:23:40 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-eddf8230159-FRA
x-timer
S1712312620.367244,VS0,VE1
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjkyMzg0OTkwLWYzMzYtMTFlZS1hYjhhLWZkZjc4M2NjNzI2NSJ9
app.launchdarkly.com/sdk/evalx/6053a56c427dc00dba3527fb/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/6053a56c427dc00dba3527fb/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjkyMzg0OTkwLWYzMzYtMTFlZS1hYjhhLWZkZjc4M2NjNzI2NSJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://my.qred.be
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 05 Apr 2024 10:23:40 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-eddf8230159-FRA
x-timer
S1712312620.367122,VS0,VE1
/
eu.posthog.com/decide/ 		866 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu.posthog.com/decide/?v=3&ip=1&_=1712312620184&ver=1.99.0
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:6000:1d:3be7:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
be898a075d114275187a6065e0e7909155ba97c85fac58f8c714e0b06706f344
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 58afb490a7c8c45de5813dbf9e713c0c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
25
referrer-policy
same-origin
server
envoy
cross-origin-opener-policy
same-origin
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://my.qred.be
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type
x-amz-cf-id
R4mwQHgkRpuC5gWfMqGHRgghzM-PK2WLLij_iDL1rKT_6_BTSqyZog==
/
o294555.ingest.sentry.io/api/5523729/envelope/ 		2 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o294555.ingest.sentry.io/api/5523729/envelope/?sentry_key=37cdcd5ee4e94ecb8c748666a244bfd9&sentry_version=7&sentry_client=sentry.javascript.react%2F7.77.0
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
6053a56c427dc00dba3527fb
app.launchdarkly.com/sdk/goals/ 		2 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/6053a56c427dc00dba3527fb
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.24.2
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://my.qred.be/
X-LaunchDarkly-Wrapper
react-client-sdk/2.29.4
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Fri, 05 Apr 2024 10:23:40 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-fra-eddf8230159-FRA
x-timer
S1712312620.396898,VS0,VE5
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
1
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjkyMzg0OTkwLWYzMzYtMTFlZS1hYjhhLWZkZjc4M2NjNzI2NSJ9
app.launchdarkly.com/sdk/evalx/6053a56c427dc00dba3527fb/users/ 		477 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/6053a56c427dc00dba3527fb/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjkyMzg0OTkwLWYzMzYtMTFlZS1hYjhhLWZkZjc4M2NjNzI2NSJ9
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f8463ad4a0dab64bb593864824d3bff0bd2a95ab9ee0052e2359478504968cfd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.24.2
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://my.qred.be/
X-LaunchDarkly-Wrapper
react-client-sdk/2.29.4
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
199
x-served-by
cache-fra-etou8220103-FRA, cache-fra-eddf8230159-FRA
x-timer
S1712312620.396725,VS0,VE10
etag
"0dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
0
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4FKBBG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Pg1MHDpg+UGdovxhidM4Kg==
age
18594
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6839
x-ms-lease-status
unlocked
last-modified
Thu, 04 Apr 2024 06:34:30 GMT
server
cloudflare
etag
0x8DC547148737062
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c2e65132-501e-008b-6caa-863dee000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86f8d2f55b6535d5-WAW
landing
pagead2.googlesyndication.com/pagead/ 		42 B
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&rnd=1688209748.1712312620&url=https%3A%2F%2Fmy.qred.be%2Fbank-integration&dma_cps=-&dma=1&npa=1&gtm=45He4430n81T4FKBBGv855725778za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4FKBBG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Apr 2024 10:23:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
destination
www.googletagmanager.com/gtag/ 		218 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-580717790&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4FKBBG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1269aa4a0c3ce658927f9d1df1655f12e87504ef886a8824d98429441bd6d8b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80287
x-xss-protection
0
last-modified
Fri, 05 Apr 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Apr 2024 10:23:40 GMT
js
www.googletagmanager.com/gtag/ 		283 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X4BDCSZVEN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4FKBBG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
857fa22727b3af77bef19aaf6313d250abd48a6b08f6442b09facdcbd9df1dd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97733
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Apr 2024 10:23:40 GMT
settings.js
dev.visualwebsiteoptimizer.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=560967&settings_type=1&vn=7.0
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-d1ccd4b32dadfc2ef0e993bd5f5fe0d4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
83baaaead377b303d9111a74dae5f3924a78426a785b7677ea5068c36f018ac5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
gzip
via
1.1 google
server
gams1
etag
W/"1712311299"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1c13575c-8d6d-470b-8bc9-7180f93e9495.json
cdn.cookielaw.org/consent/1c13575c-8d6d-470b-8bc9-7180f93e9495/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/1c13575c-8d6d-470b-8bc9-7180f93e9495/1c13575c-8d6d-470b-8bc9-7180f93e9495.json
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23a85572a802fdd581bcef5ca99af4711f3af3268d90929c904acd45af0360cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
bs8k7L5EGmYRLaBKGoWTNA==
content-length
1668
x-ms-lease-status
unlocked
last-modified
Thu, 04 Apr 2024 15:59:27 GMT
server
cloudflare
etag
0x8DC54C0349F93A6
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d60c937e-501e-00a4-57a9-863025000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86f8d2f609883bb7-WAW
expires
Sat, 06 Apr 2024 10:23:40 GMT
collect
sgtm.qred.be/g/ 		65 B
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sgtm.qred.be/g/collect?v=2&tid=G-X4BDCSZVEN&gtm=45je4430v870485198z8855725778za200&_p=1712312619735&gcs=G100&gcd=13q3qPq2q5&npa=1&dma_cps=-&dma=1&gtm_up=1&cid=927365154.1712312620&ecid=1365808294&ul=en-us&sr=800x600&_fplc=0&ir=1&ur=DE-BE&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&ec_mode=c&_eu=EA&sst.uc=DE&sst.rnd=1688209748.1712312620&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13q3qPq2q5&sst.adr=1&sst.tft=1712312619735&sst.ude=0&_s=1&sid=1712312620&sct=1&seg=0&dl=https%3A%2F%2Fmy.qred.be%2Fbank-integration&dt=Qred%20%7C%20My%20Qred&en=page_view&_fv=1&_nsi=1&_ss=1&ep.vwo_id=&ep.url_w_utm=my.qred.be%2Fbank-integration&ep.posthog_cookies=%7B%22distinct_id%22%3A%22018eadc9-1498-76bd-8cce-23af3a45c0a2%22%7D&ep.consent=analytics_not_granted%2C%20marketing_not_granted&ep.user_data._tag_mode=MANUAL&tfd=1110&richsstsse
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.158.227.185 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-227-185.lb.nl-ams.scw.cloud
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
x-content-type-options
nosniff
content-type
text/plain
access-control-allow-origin
https://my.qred.be
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-accel-buffering
no
css2
fonts.googleapis.com/ 		3 KB
866 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2acd99e5f913a403cc1d99fedad728e0d4baac2ca60c6d0ebac87b51fffd3228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Apr 2024 09:04:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Apr 2024 10:23:40 GMT
3462817.js
js.hs-scripts.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/3462817.js
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/index-d10470a7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc99fd44dd12fe042846036d0bd5f8c9ccd901e69cc6c2503e4d18e6c093bbba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
99e8f4de-7569-45f4-8a9b-63fdffe2c359
x-envoy-upstream-service-time
7
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
99e8f4de-7569-45f4-8a9b-63fdffe2c359
last-modified
Fri, 05 Apr 2024 10:20:39 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://my.qred.be
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-697677dfc-6hg26
access-control-allow-credentials
true
cache-control
public, max-age=90
cf-ray
86f8d2f6684835ab-WAW
expires
Fri, 05 Apr 2024 10:25:10 GMT
xs2a-app-launcher.js
x.klarnacdn.net/xs2a/app-launcher/v0/ 		423 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.klarnacdn.net/xs2a/app-launcher/v0/xs2a-app-launcher.js
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/index-d10470a7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:ba00:1e:5ae:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c011c1eb138664dc06a37726a2a06124c10149fbf3b883d1640f37d0e84c181f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
dycrzoqQWj4yYg4NXWLJ2R2EfZVpqusZ
content-encoding
gzip
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
date
Fri, 05 Apr 2024 10:16:37 GMT
x-amz-cf-pop
PRG50-C1
age
516
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 04 Apr 2024 13:40:00 GMT
server
AmazonS3
etag
W/"eb900fe25a91bf62a740582451ae5ebf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
x-amz-cf-id
b_Oq8VeSD-VHXu1umh5WmG_lqwqQppo5jGamghmQXxHn66EWSeD6Zw==
/
o294555.ingest.sentry.io/api/5523729/envelope/ 		2 B
56 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o294555.ingest.sentry.io/api/5523729/envelope/?sentry_key=37cdcd5ee4e94ecb8c748666a244bfd9&sentry_version=7&sentry_client=sentry.javascript.react%2F7.77.0
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
o294555.ingest.sentry.io/api/5523729/envelope/ 		41 B
98 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o294555.ingest.sentry.io/api/5523729/envelope/?sentry_key=37cdcd5ee4e94ecb8c748666a244bfd9&sentry_version=7&sentry_client=sentry.javascript.react%2F7.77.0
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0d794a9e6db1ab267ba795b72d285023c8eac38220e1aee88562ec273203c5f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
destination
www.googletagmanager.com/gtag/ 		278 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-S3FT0WX2JL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4FKBBG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b6b309491e1d023909bebdcc51dea023e73e0e80a00f2aebe3031704ca03dd89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96922
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Apr 2024 10:23:40 GMT
collect
sgtm.qred.be/g/ 		65 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sgtm.qred.be/g/collect?v=2&tid=G-X4BDCSZVEN&gtm=45je4430v870485198z8855725778za200&_p=1712312619735&gcs=G100&gcd=13q3qPq2q5&npa=1&dma_cps=-&dma=1&ul=NL_BE&gtm_up=1&cid=927365154.1712312620&ecid=1365808294&sr=800x600&_fplc=0&ir=1&ur=DE-BE&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&ec_mode=c&_eu=EA&sst.uc=DE&sst.rnd=1688209748.1712312620&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13q3qPq2q5&sst.adr=1&sst.tft=1712312619735&sst.ude=0&_s=2&sid=1712312620&sct=1&seg=0&dl=https%3A%2F%2Fmy.qred.be%2Fbank-integration%3FmyQred_locale%3Dnl-BE&dt=Qred%20%7C%20My%20Qred&en=myQred_bank_integration_public&ep.vwo_id=&ep.url_w_utm=my.qred.be%2Fbank-integration&ep.posthog_cookies=%7B%22distinct_id%22%3A%22018eadc9-1498-76bd-8cce-23af3a45c0a2%22%7D&ep.consent=analytics_not_granted%2C%20marketing_not_granted&ep.market=BE&ep.action_name=bank_integration_failed&ep.product=loan&_et=45&ep.user_data._tag_mode=MANUAL&tfd=1165&richsstsse
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.158.227.185 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-227-185.lb.nl-ams.scw.cloud
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
x-content-type-options
nosniff
content-type
text/plain
access-control-allow-origin
https://my.qred.be
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-accel-buffering
no
settings.js
dev.visualwebsiteoptimizer.com/ 		2 KB
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=560967&settings_type=2&vn=7.0&u=https%3A%2F%2Fmy.qred.be%2Fbank-integration%3FmyQred_locale%3Dnl-BE&exc=134
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-d1ccd4b32dadfc2ef0e993bd5f5fe0d4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
e8ca9c844dd0db8f8eb435bdb183574c3a3ebb818a426de0babd616aaf9ff758

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
gzip
via
1.1 google
server
gams1
etag
W/"1712311299"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjkyMzg0OTkwLWYzMzYtMTFlZS1hYjhhLWZkZjc4M2NjNzI2NSJ9
clientstream.launchdarkly.com/eval/6053a56c427dc00dba3527fb/ 		498 B
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://clientstream.launchdarkly.com/eval/6053a56c427dc00dba3527fb/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjkyMzg0OTkwLWYzMzYtMTFlZS1hYjhhLWZkZjc4M2NjNzI2NSJ9
Requested by
Host: my.qred.be
URL: https://my.qred.be/bank-integration?myQred_locale=nl-BE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.213.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa1ba9bef7b18c265.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/event-stream
Cache-Control
no-cache
Referer
https://my.qred.be/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
strict-transport-security
max-age=31536000
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-content-length
557
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		72 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd5068ee3f41ad2ed4f003c13c4e939021c77f7a69ac82d25211c72868b520e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept
application/json
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
86f8d2f6c84158e4-TXL
access-control-allow-headers
Content-Type
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://my.qred.be
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 04:02:19 GMT
x-content-type-options
nosniff
age
541281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 04:02:19 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://my.qred.be
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 07:42:03 GMT
x-content-type-options
nosniff
age
528097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 07:42:03 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3FT0WX2JL&gtm=45je4430v876301780z8855725778za200&_p=1712312619735&gcs=G100&gcd=13q3qPq2q5&npa=1&dma_cps=-&dma=1&ul=NL_BE&gtm_up=1&cid=927365154.1712312620&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_s=1&sid=1712312620&sct=1&seg=0&dl=https%3A%2F%2Fmy.qred.be%2Fbank-integration%3FmyQred_locale%3Dnl-BE&dt=Qred%20%7C%20My%20Qred&en=myQred_bank_integration_public&_fv=1&_ss=1&ep.market=BE&ep.action_name=bank_integration_failed&ep.product=loan&tfd=1323
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-S3FT0WX2JL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Apr 2024 10:23:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://my.qred.be
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202303.1.0/ 		407 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
12zQcT/rVMicuxojEvnp3g==
age
18468
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
100389
x-ms-lease-status
unlocked
last-modified
Tue, 18 Apr 2023 02:32:15 GMT
server
cloudflare
etag
0x8DB3FB51FD9A927
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
28d3babc-501e-0022-05ac-12fc9c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86f8d2f73dd835d5-WAW
3462817.js
js.hs-analytics.net/analytics/1712312400000/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1712312400000/3462817.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3462817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4dba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2937136073547bff76118d1df20b8eceae10e317f423452b3e949f9883172b63

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
KFCK5YBH23Y7CSKG
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
d569e128-a15a-4308-8183-bafd83dc7fbf
age
180
x-envoy-upstream-service-time
19
x-amz-id-2
BDC8Y31bL3+0WWdh842tcYBb9/74aTkWLmeOzauwdrIwcLXJ6j729SB4uHuv4xFT9HKD2CyeJEkDquj+fNNjOWSHUlfqCNJWyLp48vHD3Rg=
x-evy-trace-listener
listener_https
x-request-id
d569e128-a15a-4308-8183-bafd83dc7fbf
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 03 Apr 2024 15:49:02 GMT
server
cloudflare
etag
W/"197abdfccbf5a8177190123746518f1c"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-snf7h
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
86f8d2f7fa38356f-WAW
expires
Fri, 05 Apr 2024 10:25:39 GMT
feedbackweb-new.js
js.hubspotfeedback.com/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hubspotfeedback.com/feedbackweb-new.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3462817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e07c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0297de75f16cd89bc46df7ca5bfd2792ffe130d6fc17b9dbbe1b5ba38ea8384
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
Origin
https://my.qred.be
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
x-amz-version-id
woxqGVIuPPWqODpBjk06ut5LmVXIAXDU
via
1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
d1ac5d4b-7234-4766-8618-3145d6dd0021
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.19005/bundles/popupInjector.js&cfRay=86f8d2f7fbc68866-WAW
x-cache
Hit from cloudfront
cache-tag
staticjsapp-feedback-web-renderer-script-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d1ac5d4b-7234-4766-8618-3145d6dd0021
last-modified
Tue, 02 Apr 2024 08:27:16 UTC
server
cloudflare
etag
W/"43787c0b584f4acd04cc45938793f0dd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-6q8hm
cf-ray
86f8d2f7fbc68866-WAW
x-amz-cf-id
f75rLqKReeJLt7iGdjVu98aDntnE7U2bum1B5MZcPJ9m_VCyOje6rQ==
x-hs-target-asset
feedback-web-renderer-ui/static-1.19005/bundles/popupInjector.js
leadflows.js
js.hsleadflows.net/ 		551 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3462817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8d11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb5dc6835aeb8a8e1615ca49df1828cfaf708dc73651c5f1c651f2d2ab3907a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
Origin
https://my.qred.be
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1338/bundle/main/lead-flows-release.js&cfRay=86f8d2f7fa35bfeb-WAW
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"d252299cef5b9176cf0435e72e0baeeb"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=86400, max-age=0
x-hs-target-asset
lead-flows-js/static-1.1338/bundle/main/lead-flows-release.js
date
Fri, 05 Apr 2024 10:23:41 GMT
x-amz-version-id
FzXUOelq5PzvbDhLOc3Au0ThiCBuXHAc
via
1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
84001975-682a-462f-af1e-7a87e0aaff90
x-cache
Hit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
12
x-evy-trace-route-configuration
listener_https/all
x-request-id
84001975-682a-462f-af1e-7a87e0aaff90
last-modified
Wed, 03 Apr 2024 09:27:53 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-wwmrm
cf-ray
86f8d2f7fa35bfeb-WAW
x-amz-cf-id
xMculXfxQhd2s7yWui7vkswt_x175Z7WJCZnyS9laaPWU1jK3FCwuw==
web-interactives-embed.js
js.hubspot.com/ 		84 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3462817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65390c3b5e18df070a11dd947ca2f91668714ee2a8575956b93c8b1590b9532c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
Origin
https://my.qred.be
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.995/bundles/project.js&cfRay=86f8d2f7ef530063-WAW
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"d838571cd390adf273ef11f2c93c66a2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-hs-target-asset
web-interactives-embed/static-2.995/bundles/project.js
date
Fri, 05 Apr 2024 10:23:40 GMT
x-amz-version-id
e6CBI7TNV0080vUb0QC9_Ce844NXultr
via
1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
ef18f329-716e-4658-8e1c-11061c0e4ebb
x-cache
Hit from cloudfront
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
x-evy-trace-route-configuration
listener_https/all
x-request-id
ef18f329-716e-4658-8e1c-11061c0e4ebb
last-modified
Wed, 20 Mar 2024 13:03:05 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fzxk0dXlj4WEUOW1CgC48HGqbv19QRTF9POw%2BRM%2BpYeasoL%2FCZ%2F%2FegsqblGMUy%2FYSVo0Lj4cGkYiVRK89l1qQGOfeD5mkoGZb1LQpK7hwDYP21V7x4TYz6IorSVKJ77vJ4dnXfOf%2FaNXSOCn"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-gxvrq
cf-ray
86f8d2f7ef530063-WAW
x-amz-cf-id
MxnRY11TYNtcTYFo5SzREvL6hSPijirurLG7LEZlbsIH30-Itmdkqw==
banner.js
js.hs-banner.com/v2/3462817/ 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/3462817/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3462817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e107eb0b244fa420ef1430cf02c4367056ebf252bf26ea6aba2edab72415aa8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
x-amz-version-id
UQquBJjfSEKd.vv_moZ8yndS8tA2WHCq
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
CTZGYWN49GB6V3CZ
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
0debb953-8bf6-4a20-bc61-6e4b9adff1e7
x-envoy-upstream-service-time
42
x-amz-id-2
z4+yiBMb+SIFc9MNOkXrDFEmq6zTT7qFw5wRdsCHF/vg8efhZgB+2r7o5SLR+c+kZYEM9F+xn64=
x-evy-trace-listener
listener_https
x-request-id
0debb953-8bf6-4a20-bc61-6e4b9adff1e7
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 06 Mar 2024 15:31:57 GMT
server
cloudflare
etag
W/"dd12431e817822a532aa06cb22374a89"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://my.qred.se
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-phrfm
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
86f8d2f7aa3a4541-TXL
expires
Fri, 05 Apr 2024 10:23:59 GMT
conversations-embed.js
js.usemessages.com/ 		86 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3462817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f8a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
403922c6b98df856e32e5c55b2adbbd606b2b6015d68bdba5b86937e01cae759
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
x-amz-version-id
2FckjLW8AR1e54eJlI4zfay3hJjdnyiE
via
1.1 7c77abdf1c625c25627fe2a24e660a34.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
465
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16005/bundles/project.js&cfRay=86f8c798dfbe34b0-WAW
x-cache
Hit from cloudfront
x-hubspot-correlation-id
fd8867d1-ea84-45b8-bfd9-fee659da6634
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fd8867d1-ea84-45b8-bfd9-fee659da6634
last-modified
Thu, 04 Apr 2024 16:23:45 UTC
server
cloudflare
etag
W/"44d0c764fb068d11bab3ad399cee412f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-6zsl2
cf-ray
86f8d2f7fe9c772d-WAW
x-amz-cf-id
k5Ipl1btpBN9iA8rbScdVOzMqiUZgqwo0oYA_UjmbYVcu5hT85lgVQ==
x-hs-target-asset
conversations-embed/static-1.16005/bundles/project.js
nl.json
cdn.cookielaw.org/consent/1c13575c-8d6d-470b-8bc9-7180f93e9495/7ad8f284-5b87-4ec9-b372-d7cf9c456140/ 		58 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/1c13575c-8d6d-470b-8bc9-7180f93e9495/7ad8f284-5b87-4ec9-b372-d7cf9c456140/nl.json
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdb719b9f9f4c4e502e1fd573da849e70c5ed638dc80e5176f99337ebe8842eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
vODwQaFPzc7e8l8KpeEb8A==
content-length
15637
x-ms-lease-status
unlocked
last-modified
Thu, 04 Apr 2024 15:59:32 GMT
server
cloudflare
etag
0x8DC54C037F08964
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0311bdb4-801e-0053-46aa-861ab7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86f8d2f7bc243bb7-WAW
expires
Sat, 06 Apr 2024 10:23:40 GMT
public
api.hubspot.com/livechat-public/v1/message/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=3462817&conversations-embed=static-1.16005&mobile=false&messagesUtk=af479bfcd7d24ce5b6a8d1ba61b0bd79&traceId=af479bfcd7d24ce5b6a8d1ba61b0bd79
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d6e260145312754a4ac70c6f0dac06921556d0c72b5e42d82ce2cf41a8cc7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
X-HubSpot-Messages-Uri
https://my.qred.be/bank-integration?myQred_locale=nl-BE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
c3ea30f5-f35d-4ae7-ae78-cb6edfe90926
x-envoy-upstream-service-time
244
content-length
1801
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c3ea30f5-f35d-4ae7-ae78-cb6edfe90926
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://my.qred.be
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-697677dfc-qkcn2
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9XscDNf0uvnrYG6%2F%2BTJ2eTgL0d8k4sFJgLE9iruMFeB34iPYTiBpBd3Fy1W05dIwXTBmN4BFvQY46twtuLMf1Gy%2Bq8rrZmFIcdShF1hWlZ%2BuVPLzGSYl6Ec4zHqtpjUcXOPDCKAwa0O65LLVYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
86f8d2f989360063-WAW
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
public
api.hubspot.com/livechat-public/v1/message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=3462817&conversations-embed=static-1.16005&mobile=false&messagesUtk=af479bfcd7d24ce5b6a8d1ba61b0bd79&traceId=af479bfcd7d24ce5b6a8d1ba61b0bd79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://my.qred.be
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://my.qred.be
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
86f8d2f858020063-WAW
content-length
18
content-type
text/plain; charset=utf-8
date
Fri, 05 Apr 2024 10:23:41 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XWUXYZhx3Zde8%2BwQVfrIgAPnaiY%2FIfc6FoBXT0zwCrFxPeVTBZ1Avxo%2BQB%2FPG1A61c%2B9H%2FjukDBMyvoBKR%2FimoupZofp6KXAwYqSi3jnvnBQ5U7i5Shvoo9IzpDORxA8sedf%2BW%2FHqNwrpfp8hw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
10
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-697677dfc-ftmp7
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
e1d4b370-1868-42f5-93da-6a189167254b
x-request-id
e1d4b370-1868-42f5-93da-6a189167254b
/
o294555.ingest.sentry.io/api/5523729/envelope/ 		2 B
20 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o294555.ingest.sentry.io/api/5523729/envelope/?sentry_key=37cdcd5ee4e94ecb8c748666a244bfd9&sentry_version=7&sentry_client=sentry.javascript.react%2F7.77.0
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
o294555.ingest.sentry.io/api/5523729/envelope/ 		2 B
20 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o294555.ingest.sentry.io/api/5523729/envelope/?sentry_key=37cdcd5ee4e94ecb8c748666a244bfd9&sentry_version=7&sentry_client=sentry.javascript.react%2F7.77.0
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
settings.js
dev.visualwebsiteoptimizer.com/ 		2 KB
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=560967&settings_type=2&vn=7.0&u=https%3A%2F%2Fmy.qred.be%2Fbank-integration&exc=134
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-d1ccd4b32dadfc2ef0e993bd5f5fe0d4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
e8ca9c844dd0db8f8eb435bdb183574c3a3ebb818a426de0babd616aaf9ff758

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:40 GMT
content-encoding
gzip
via
1.1 google
server
gams1
etag
W/"1712311299"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 		433 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=3462817&currentUrl=https%3A%2F%2Fmy.qred.be%2Fbank-integration
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
71f5b1c8-29e2-48b1-99d9-a757c87b3c8b
content-encoding
br
x-envoy-upstream-service-time
8
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
71f5b1c8-29e2-48b1-99d9-a757c87b3c8b
server
cloudflare
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://my.qred.be
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
true
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUjzDx4qd2wiP6L3yg02F%2BrY7owu7LLwRag%2FP89loah5tqD7zku%2BYJyHRwSUGvpSeLUzOqcv5wkTYR3qeMwu%2F%2FsoDNYDFIJuASqLWs0qDyETSLs%2Fi51wqMAktM5T02nxjI6J%2BDukbAIRf%2Bx67daza7xupyewz5p3%2FuM%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
86f8d2f8f8cc0063-WAW
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-qpnsw
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otCenterRounded.json
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Apr 2024 10:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
RDJTQu0rTVB85tiZ/K6VYg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2639
x-ms-lease-status
unlocked
last-modified
Tue, 18 Apr 2023 02:32:08 GMT
server
cloudflare
etag
0x8DB3FB51B94828F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
1fb6ac85-201e-004a-15fe-869a0c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86f8d2f92e553bb7-WAW
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/v2/ 		61 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/v2/otPcCenter.json
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b382967162c482928529c765a21bf9ae4141dd1ccbdbf480140bdbd67eab8991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Apr 2024 10:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
94mqEGmIxKb0iFeUZrbqtw==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12540
x-ms-lease-status
unlocked
last-modified
Tue, 18 Apr 2023 02:32:10 GMT
server
cloudflare
etag
0x8DB3FB51C6E493B
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d8fef464-701e-0047-3957-7952d8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86f8d2f92e573bb7-WAW
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otCommonStyles.css
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Apr 2024 10:23:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
gzip
content-md5
XcxlleAcPGO2n5kTZrHH2Q==
x-ms-lease-status
unlocked
last-modified
Tue, 18 Apr 2023 02:32:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
4e6331fd-801e-001e-6936-7cd55b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
86f8d2f92e593bb7-WAW
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://my.qred.be
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 10:56:42 GMT
x-content-type-options
nosniff
age
516419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 10:56:42 GMT
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
490 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Apr 2024 10:23:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status
unlocked
last-modified
Thu, 04 Apr 2024 19:42:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b41bab98-901e-004f-63e4-8648d7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
86f8d2f9df543bb7-WAW
logo_qred_text_primary_png.png
cdn.cookielaw.org/logos/0a762585-bc72-4852-a610-2fad218d44fe/92b8fea3-1b4e-439e-9068-fff8cf9249d8/576010c7-9206-40ce-8a4b-624944f48fdb/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/0a762585-bc72-4852-a610-2fad218d44fe/92b8fea3-1b4e-439e-9068-fff8cf9249d8/576010c7-9206-40ce-8a4b-624944f48fdb/logo_qred_text_primary_png.png
Requested by
Host: my.qred.be
URL: https://my.qred.be/bank-integration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4987dc5d0043f4028da94da2c84533851c9040a58e0234aafe19bfa03e3e96d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Apr 2024 10:23:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
NZvU5KSpmEgJCQic7MNwOg==
age
7285
content-length
1762
x-ms-lease-status
unlocked
last-modified
Thu, 23 Dec 2021 14:32:53 GMT
server
cloudflare
etag
0x8D9C6211B10AA91
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
3e727f69-601e-0006-7a57-790a3c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86f8d2f9ea1835d5-WAW
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: my.qred.be
URL: https://my.qred.be/bank-integration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Apr 2024 10:23:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
18592
x-ms-lease-status
unlocked
last-modified
Thu, 04 Apr 2024 06:34:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
8071eade-d01e-0061-3dc3-861ac0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
86f8d2f9ea1c35d5-WAW
counters.gif
perf-na1.hsforms.com/embed/v3/ 		35 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Requested by
Host: my.qred.be
URL: https://my.qred.be/bank-integration
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.192.125 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
c97349e3-2dbe-46e2-82a7-b70e6cf4f524
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c97349e3-2dbe-46e2-82a7-b70e6cf4f524
last-modified
Fri, 05 Apr 2024 10:23:41 GMT
server
cloudflare
vary
origin, Accept-Encoding
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-srbbm
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
cf-ray
86f8d2fa49bc3546-WAW
6053a56c427dc00dba3527fb
events.launchdarkly.com/events/diagnostic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/6053a56c427dc00dba3527fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.174.236.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-236-115.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://my.qred.be
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Fri, 05 Apr 2024 10:23:41 GMT
strict-transport-security
max-age=31536000
6053a56c427dc00dba3527fb
events.launchdarkly.com/events/diagnostic/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/6053a56c427dc00dba3527fb
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.174.236.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-236-115.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.24.2
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://my.qred.be/
X-LaunchDarkly-Wrapper
react-client-sdk/2.29.4
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:41 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
3462817.js
js-na1.hs-scripts.com/ 		3 KB
806 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-na1.hs-scripts.com/3462817.js
Requested by
Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1712312400000/3462817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76ffa947d10fb7c40aba2d81149b1e636fb986f8c8017b95430449d5e5c2c538
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-hubspot-correlation-id
2075a64d-dbf0-4a16-88ac-ee8fd8aa4f66
x-evy-trace-route-service-name
envoyset-translator
cf-polished
origSize=3009
age
6647
x-envoy-upstream-service-time
5
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2075a64d-dbf0-4a16-88ac-ee8fd8aa4f66
cf-bgj
minify
last-modified
Fri, 05 Apr 2024 08:32:54 GMT
server
cloudflare
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://my.qred.dk
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-697677dfc-jx4fw
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cf-ray
86f8d2fc296235ab-WAW
feedback-web-fetcher
app.hubspot.com/ Frame 1320 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/feedback-web-fetcher
Requested by
Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

Referer
https://my.qred.be/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
42798
cache-control
max-age=0, no-cache, no-store
cf-cache-status
HIT
cf-ray
86f8d2fc9bf83bb7-WAW
content-encoding
br
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: *.fullstory.com fullstory.com apis.google.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.19005/html/fetcher.html&cfRay=86f8d2fc9bf83bb7&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Fmy.qred.be%2F&cfenv=prod&pdt=2024-04-05&csp=ro
content-type
text/html; charset=utf-8
date
Fri, 05 Apr 2024 10:23:41 GMT
expires
Sat, 06 Apr 2024 10:23:41 GMT
last-modified
Mon, 01 Apr 2024 20:02:31 GMT
nel
{"report_to":"nel","max_age":86400}
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=86f8d2fc9bf83bb7&resource=feedback-web-renderer-ui/static-1.19005/html/fetcher.html"
server
cloudflare
server-timing
cfr;desc=86f8d2fc9bf83bb7, d;desc="feedback-web-renderer-ui#26e33568-2d21-414d-8baf-14a46158dfcd"
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 cf275c3404dbe6c17a831886bac6a64c.cloudfront.net (CloudFront)
x-amz-cf-id
Tqq8nw5jN9XCPloWJ0tn2GchxU-472HE0jbB6nPRUwTs691QL2nwnA==
x-amz-cf-pop
AMS58-P5
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
TCtWrRShjoRSAyVhSRSGO21nYhMQmEMl
x-cache
Hit from cloudfront
x-content-type-options
no-sniff
x-hs-target-asset
feedback-web-renderer-ui/static-1.19005/html/fetcher.html
x-hs-worker-debug-mode
false
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=800x600&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2604799944&v=1.1&a=3462817&pu=https%3A%2F%2Fmy.qred.be%2Fbank-integration&t=Qred+%7C+My+Qred&cts=1712312621436&vi=f9d9a78941205ffc43dcdf71f035ea18&nc=true&u=2372847.f9d9a78941205ffc43dcdf71f035ea18.1712312621435.1712312621435.1712312621435.1&b=2372847.1.1712312621435&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
2f0be245-29ec-414f-a0c1-6e108de8bbfd
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
11
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2f0be245-29ec-414f-a0c1-6e108de8bbfd
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3iRc22yq7hxS8sZ8L2YpQbcsxEtytawPJclEHULzDRfyUG16f2Yyj3wQN94fI0shxhZMYkgwfLH%2Fx29D1RBVeUIPjGvqtSPJEQCSDDDU6wmPm0yoYL8O2p%2FG5BYlzIs%2FUK9DIUlTSavhNyqETkko"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-vbhj6
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
86f8d2fc8f4e3482-WAW
x-robots-tag
none
af479bfcd7d24ce5b6a8d1ba61b0bd79
app.hubspot.com/conversations-visitor/3462817/threads/utk/ Frame BE9A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/conversations-visitor/3462817/threads/utk/af479bfcd7d24ce5b6a8d1ba61b0bd79?uuid=a6086ceb71e74405b57c20174b898318&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=my.qred.be&inApp53=false&messagesUtk=af479bfcd7d24ce5b6a8d1ba61b0bd79&url=https%3A%2F%2Fmy.qred.be%2Fbank-integration&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=true&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=true&isInCMS=false
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

Referer
https://my.qred.be/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
false
age
1567
cache-control
max-age=600
cache-tag
staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status
DYNAMIC
cf-ray
86f8d2fc9bfd3bb7-WAW
content-encoding
br
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.18460/html/index.html&cfRay=86f8d2fc9bfd3bb7&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F3462817%2Fthreads%2Futk%2Faf479bfcd7d24ce5b6a8d1ba61b0bd79%3Fuuid%3Da6086ceb71e74405b57c20174b898318%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dmy.qred.be%26inApp53%3Dfalse%26messagesUtk%3Daf479bfcd7d24ce5b6a8d1ba61b0bd79%26url%3Dhttps%253A%252F%252Fmy.qred.be%252Fbank-integration%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dtrue%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dtrue%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fmy.qred.be%2F&cfenv=prod&pdt=2024-04-05&csp=ro
content-type
text/html; charset=utf-8
date
Fri, 05 Apr 2024 10:23:41 GMT
etag
W/"531aab81e76671ac4214a1a68b6691a1"
last-modified
Thu, 04 Apr 2024 16:23:45 UTC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=86f8d2fc9bfd3bb7&resource=conversations-visitor-ui/static-1.18460/html/index.html"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
via
1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront)
x-amz-cf-id
OkdQ-7X3pRPl6gmzAQTPDg9GM_uzX83OXM8SKrW162S_OPb5sCQo8Q==
x-amz-cf-pop
IAD12-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
Jb8aJVmT4nYaVUdg8fVRfsq3ARSkcWS0
x-cache
Hit from cloudfront
x-content-type-options
no-sniff
x-envoy-upstream-service-time
7
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-kgjsm
x-evy-trace-virtual-host
all
x-hs-cache-status
MISS
x-hs-target-asset
conversations-visitor-ui/static-1.18460/html/index.html
x-hs-worker-debug-mode
false
x-hubspot-correlation-id
94b2321b-ae78-4888-a3e3-bc4c37128811
x-request-id
94b2321b-ae78-4888-a3e3-bc4c37128811
collect
sgtm.qred.be/g/ 		65 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sgtm.qred.be/g/collect?v=2&tid=G-X4BDCSZVEN&gtm=45je4430v870485198za200&_p=1712312619735&gcs=G100&gcd=13q3qPq2q5&npa=1&dma_cps=-&dma=1&gtm_up=1&cid=927365154.1712312620&ecid=1365808294&ul=en-us&sr=800x600&_fplc=0&ir=1&ur=DE-BE&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&ec_mode=c&_eu=EEA&sst.uc=DE&sst.rnd=1688209748.1712312620&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13q3qPq2q5&sst.adr=1&sst.tft=1712312619735&sst.sp=1&sst.em_event=1&sst.ude=0&_s=3&sid=1712312620&sct=1&seg=0&dl=https%3A%2F%2Fmy.qred.be%2Fbank-integration%3FmyQred_locale%3Dnl-BE&dt=Qred%20%7C%20My%20Qred&en=scroll&ep.vwo_id=&ep.url_w_utm=my.qred.be%2Fbank-integration&ep.posthog_cookies=%7B%22distinct_id%22%3A%22018eadc9-1498-76bd-8cce-23af3a45c0a2%22%7D&ep.consent=analytics_not_granted%2C%20marketing_not_granted&epn.percent_scrolled=90&_et=9&ep.user_data._tag_mode=MANUAL&tfd=2128&richsstsse
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.158.227.185 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-227-185.lb.nl-ams.scw.cloud
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:41 GMT
x-content-type-options
nosniff
content-type
text/plain
access-control-allow-origin
https://my.qred.be
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-accel-buffering
no
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3FT0WX2JL&gtm=45je4430v876301780za200&_p=1712312619735&gcs=G100&gcd=13q3qPq2q5&npa=1&dma_cps=-&dma=1&gtm_up=1&cid=927365154.1712312620&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=AEAE&_s=2&sid=1712312620&sct=1&seg=0&dl=https%3A%2F%2Fmy.qred.be%2Fbank-integration%3FmyQred_locale%3Dnl-BE&dt=Qred%20%7C%20My%20Qred&en=scroll&epn.percent_scrolled=90&_et=3&tfd=2132
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-S3FT0WX2JL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Apr 2024 10:23:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://my.qred.be
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
forms.hubspot.com/lead-flows-config/v1/config/ 		178 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=3462817&utk=f9d9a78941205ffc43dcdf71f035ea18&__hstc=2372847.f9d9a78941205ffc43dcdf71f035ea18.1712312621435.1712312621435.1712312621435.1&__hssc=2372847.1.1712312621435&currentUrl=https%3A%2F%2Fmy.qred.be%2Fbank-integration
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7e4764d8ff0f269222b0ffa265e726287fc3009e7af6a3949e4dcc3ca1390d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
9324a484-c2b2-4c42-a8b9-e0534394873d
content-encoding
br
x-envoy-upstream-service-time
21
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
9324a484-c2b2-4c42-a8b9-e0534394873d
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://my.qred.be
x-evy-trace-virtual-host
all
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-qpnsw
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mP%2F2NRY%2F8hx%2BrSzsFTi%2BqfYBNGxyWYoVFonL2uLHfaLgIreC8LlzJ%2BW0CNommALwlMNH8nsXBU4ZvGTl9414RxaHSrkzmvqv0U6ucTLTzBdb4YUpB%2FjNE4JLTykQ%2Bx%2F68%2B8nk564srP7UhAxLH8v"}],"group":"cf-nel","max_age":604800}
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
86f8d2fcac7e0063-WAW
favicon.png
my.qred.be/ 		351 B
651 B 		Other
General
Check archive.org
Download Go to
Full URL
https://my.qred.be/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.161.82.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19f911a1ed132343dcadc978905132d7d3ee290256e5caedca68fcc8baee09ce

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.qred.be/bank-integration
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 07:58:48 GMT
via
1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 07:55:19 GMT
server
AmazonS3
age
8694
x-amz-cf-pop
FRA56-P10
etag
"0cdb4be8f7d54e04b64ba9bebcc109c7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
351
x-amz-cf-id
i8RcFJd44gsFOg0TTbr2y_797JPWkk5_krm1Zin4gMhDQ1f8GFyeQg==
6053a56c427dc00dba3527fb
events.launchdarkly.com/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/6053a56c427dc00dba3527fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.174.236.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-236-115.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://my.qred.be
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Fri, 05 Apr 2024 10:23:43 GMT
strict-transport-security
max-age=31536000
6053a56c427dc00dba3527fb
events.launchdarkly.com/events/bulk/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/6053a56c427dc00dba3527fb
Requested by
Host: my.qred.be
URL: https://my.qred.be/assets/vendor-14fe276c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.174.236.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-236-115.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-LaunchDarkly-Payload-ID
94257390-f336-11ee-ab8a-fdf783cc7265
X-LaunchDarkly-Event-Schema
3
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.24.2
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://my.qred.be/
X-LaunchDarkly-Wrapper
react-client-sdk/2.29.4
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:23:43 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| topLevelDomain string| domain string| market object| findGtm string| testGtmId boolean| isProd object| dataLayer number| settings_timer number| _vwo_settings_timer object| _vwo_code number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css function| commonWrapper function| pushBasedCommonWrapper string| _vwo_cookieDomain string| _vwo_uuid number| _vwo_library_timer string| _vis_opt_file string| _vis_opt_lib undefined| vwo_e number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| VWOOmni object| scCGSHMRCache object| FontAwesomeConfig object| ___FONT_AWESOME___ object| regeneratorRuntime boolean| _pdfjsCompatibilityChecked string| __QRED_MARKET__ object| __SENTRY__ object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| OneTrustStub function| OptanonWrapper object| el function| onYouTubeIframeAPIReady object| gaGlobal object| hsConversationsOnReady object| hsConversationsSettings undefined| _vis_opt_url string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| _hsp object| XS2A object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| hubspot_live_messages_running object| HubSpotConversations object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded object| hsFeedback object| onHsFeedbackReady boolean| hsFeedbackLoaded object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| hsCallsToActionsReady object| __hsWebInteractiveInstance object| HubSpotCallsToActions boolean| hubspot_web_interactives_running object| Optanon object| OneTrust object| globalRoot undefined| hns function| bindToWindowOnError object| leadflows object| hubspot function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| e boolean| LEAD_FLOW_DOCUMENT_READY_RAN

17 Cookies

Domain/Path Name / Value
.my.qred.be/ Name: _vwo_uuid_v2
Value: D5FDF3CCBF9578463566BE2FEA0B78505|2b6ce70442b899bb2d2a4751b0840b25
.qred.be/ Name: _vis_opt_s
Value: 1%7C
.qred.be/ Name: _vis_opt_test_cookie
Value: 1
.qred.be/ Name: _vwo_uuid
Value: D5FDF3CCBF9578463566BE2FEA0B78505
.qred.be/ Name: _vwo_ds
Value: 3%241712312620%3A18.8350023%3A%3A
.qred.be/ Name: _vwo_sn
Value: 0%3A4
.qred.be/ Name: _fbp
Value: fb.1.1712312620724.1660292252
.qred.be/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Apr+05+2024+12%3A23%3A41+GMT%2B0200+(Central+European+Summer+Time)&version=202303.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=ae878c8d-9267-4238-958e-bef34b53c2b1&interactionCount=0&landingPath=https%3A%2F%2Fmy.qred.be%2Fbank-integration&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0
.hsforms.com/ Name: __cf_bm
Value: 8SDop93erDpU3_pYVh8oSb.9H8kL3ZVbbrXikLaurVU-1712312621-1.0.1.1-3OgWu1TBzjfTvbhDk10OzSMiwQXwclsjkL_FM1oyHpVJH56EQ_PyQRioE5GqCKSovXO3LeCbgLoHSGe86._RBQ
.hsforms.com/ Name: _cfuvid
Value: G8rzmT_V4Y7IIlzow2XDNAqGFCDwPJke8y4u1zofZ2E-1712312621298-0.0.1.1-604800000
my.qred.be/ Name: __hstc
Value: 2372847.f9d9a78941205ffc43dcdf71f035ea18.1712312621435.1712312621435.1712312621435.1
my.qred.be/ Name: hubspotutk
Value: f9d9a78941205ffc43dcdf71f035ea18
my.qred.be/ Name: __hssrc
Value: 1
my.qred.be/ Name: __hssc
Value: 2372847.1.1712312621435
.my.qred.be/ Name: messagesUtk
Value: af479bfcd7d24ce5b6a8d1ba61b0bd79
.hubspot.com/ Name: __cf_bm
Value: tEjt4aGLSlZpMEJUFIxOhQijUE9CRdA6mgn23WN.ZDI-1712312622-1.0.1.1-ah8_AuvSSLjXnD4PeJkYvzGIDuHvv.Lyzsb0v.spoe80nx.opMhCZxbE8KQROumhWykLGl.RTfaVDcObGh3fAQ
.hubspot.com/ Name: _cfuvid
Value: 9U_okx3ajHy4D3hMDoa73U_yweEdega6178GAuzX8aQ-1712312622158-0.0.1.1-604800000

12 Console Messages

Source Level URL
Text
other warning URL: https://my.qred.be/bank-integration
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.qred.be/bank-integration
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.qred.be/bank-integration
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.qred.be/bank-integration
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.qred.be/bank-integration
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.qred.be/bank-integration
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.qred.be/bank-integration
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.qred.be/bank-integration
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.qred.be/bank-integration
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.qred.be/bank-integration
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.qred.be/bank-integration
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.qred.be/bank-integration
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.hubspot.com
app.launchdarkly.com
cdn.cookielaw.org
clientstream.launchdarkly.com
cta-service-cms2.hubspot.com
dev.visualwebsiteoptimizer.com
eu.posthog.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
geolocation.onetrust.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
js.hubspot.com
js.hubspotfeedback.com
js.usemessages.com
my.qred.be
o294555.ingest.sentry.io
pagead2.googlesyndication.com
perf-na1.hsforms.com
region1.google-analytics.com
sgtm.qred.be
track.hubspot.com
www.googletagmanager.com
x.klarnacdn.net
104.18.192.125
142.250.186.130
142.250.186.72
15.197.213.252
151.101.66.217
2001:4860:4802:34::36
2600:9000:2127:7400:11:36b2:7c80:93a1
2600:9000:2127:ba00:1e:5ae:1e00:93a1
2600:9000:2724:6000:1d:3be7:ae40:93a1
2606:4700:4400::ac40:991b
2606:4700:4400::ac40:9b77
2606:4700::6810:4dba
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:89d1
2606:4700::6811:e07c
2606:4700::6811:f8a8
2606:4700::6812:8d11
2606:4700::6813:b234
2a00:1450:4001:810::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2008
3.161.82.39
34.120.195.249
34.96.102.137
35.174.236.115
51.158.227.185
099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23
0d794a9e6db1ab267ba795b72d285023c8eac38220e1aee88562ec273203c5f2
1269aa4a0c3ce658927f9d1df1655f12e87504ef886a8824d98429441bd6d8b8
19f911a1ed132343dcadc978905132d7d3ee290256e5caedca68fcc8baee09ce
1e107eb0b244fa420ef1430cf02c4367056ebf252bf26ea6aba2edab72415aa8
23a85572a802fdd581bcef5ca99af4711f3af3268d90929c904acd45af0360cf
2937136073547bff76118d1df20b8eceae10e317f423452b3e949f9883172b63
2acd99e5f913a403cc1d99fedad728e0d4baac2ca60c6d0ebac87b51fffd3228
2be5d8e68281532e455fe1bb5b76a47d49833da350ecf44c2e601a53a8bd550a
3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828
403922c6b98df856e32e5c55b2adbbd606b2b6015d68bdba5b86937e01cae759
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5a6084c86d3aca7e4a01d2eff8a5a640d72951e183fbfc4c29d170ac982d58
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
54b34027cb35103d5b0e1ca0a51f296323daa88185efdb5d3f74bffd47766b6f
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
65390c3b5e18df070a11dd947ca2f91668714ee2a8575956b93c8b1590b9532c
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bd5068ee3f41ad2ed4f003c13c4e939021c77f7a69ac82d25211c72868b520e
76ffa947d10fb7c40aba2d81149b1e636fb986f8c8017b95430449d5e5c2c538
7c133e09c608837479186ba6dbf05e0f3bc6f4d6d3ec64080eb3a9bde2ca3e92
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83baaaead377b303d9111a74dae5f3924a78426a785b7677ea5068c36f018ac5
857fa22727b3af77bef19aaf6313d250abd48a6b08f6442b09facdcbd9df1dd6
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9a3fd642622cf94cc18afa5edb1a20824998b4476d435cf5fcb309238c2c0b19
b382967162c482928529c765a21bf9ae4141dd1ccbdbf480140bdbd67eab8991
b4987dc5d0043f4028da94da2c84533851c9040a58e0234aafe19bfa03e3e96d
b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1
b4d6e260145312754a4ac70c6f0dac06921556d0c72b5e42d82ce2cf41a8cc7c
b6b309491e1d023909bebdcc51dea023e73e0e80a00f2aebe3031704ca03dd89
bc99fd44dd12fe042846036d0bd5f8c9ccd901e69cc6c2503e4d18e6c093bbba
be898a075d114275187a6065e0e7909155ba97c85fac58f8c714e0b06706f344
c011c1eb138664dc06a37726a2a06124c10149fbf3b883d1640f37d0e84c181f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e8ca9c844dd0db8f8eb435bdb183574c3a3ebb818a426de0babd616aaf9ff758
ef0bccd2f8727cea6305da6e9f3e3632f263c849599089e5448ce5e9c46500d2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb5dc6835aeb8a8e1615ca49df1828cfaf708dc73651c5f1c651f2d2ab3907a
f0297de75f16cd89bc46df7ca5bfd2792ffe130d6fc17b9dbbe1b5ba38ea8384
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f52ad12cc79f9c6c45f340261853e43d96a1526745891981ae2b38dc2a2ec4ec
f8463ad4a0dab64bb593864824d3bff0bd2a95ab9ee0052e2359478504968cfd
fb7e4764d8ff0f269222b0ffa265e726287fc3009e7af6a3949e4dcc3ca1390d
fbc0410ed7e1ec24365afa107ac2d90947e01aeec4488d1e8af0a6c03351fc51
fdb719b9f9f4c4e502e1fd573da849e70c5ed638dc80e5176f99337ebe8842eb