urlscan.io logo urlscan.io
SecurityTrails logo

www.bhg.com Open in urlscan Pro
151.101.130.137  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://637267.directfvtfwr.com/bdvfrd.dbm?gto=https%3A%2F%2Flavandencial.info%2Fposts%3Fm%3De19709645b6727b87702375450617450%26...
Effective URL: https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=Le...
Submission: On October 11 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 4 countries across 20 domains to perform 91 HTTP transactions. The main IP is 151.101.130.137, located in United States and belongs to FASTLY, US. The main domain is www.bhg.com. The Cisco Umbrella rank of the primary domain is 87332.
TLS certificate: Issued by R3 on September 14th 2022. Valid for: 3 months.
This is the only time www.bhg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2001:19f0:500... 20473 (AS-CHOOPA)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 41 151.101.130.137 54113 (FASTLY)
2 3.139.206.22 16509 (AMAZON-02)
12 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
4 99.86.8.175 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 23.35.236.247 16625 (AKAMAI-AS)
3 65.9.71.118 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
1 108.138.17.103 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 99.86.4.25 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 34.234.134.156 14618 (AMAZON-AES)
2 54.200.57.101 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.18.19.126 13335 (CLOUDFLAR...)
91 25
1    2001:19f0:5001:32cc:5400:4ff:fe1b:542a (Amsterdam, Netherlands)

ASN20473 (AS-CHOOPA, US)
637267.directfvtfwr.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
lavandencial.info
41    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
www.bhg.com
2    3.139.206.22 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-139-206-22.us-east-2.compute.amazonaws.com
api-secure.solvemedia.com
12    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2600:9000:223f:6400:d:2820:3bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
karma.mdpcdn.com
4    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
2    2606:4700:4400::6812:2962 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
4    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:2250:3400:19:bcbe:a700:21 (United States)

ASN16509 (AMAZON-02, US)
d30qdagvt44524.cloudfront.net
1    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
3    65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:206f:3200:11:e0c9:84c0:21 (United States)

ASN16509 (AMAZON-02, US)
d9jj3mjthpub.cloudfront.net
1    108.138.17.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-103.fra56.r.cloudfront.net
imagesvc.meredithcorp.io
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
669fc8285cb9705d5a4a0f6fc411f28d.safeframe.googlesyndication.com
2    99.86.4.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-25.fra6.r.cloudfront.net
ddrvjrfwnij7n.cloudfront.net
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    34.234.134.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-134-156.compute-1.amazonaws.com
id.sv.rkdms.com
2    54.200.57.101 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-57-101.us-west-2.compute.amazonaws.com
api.segment.io
4    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
Apex Domain
Subdomains		 Transfer
41 bhg.com
www.bhg.com — Cisco Umbrella Rank: 87332
849 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 668
251 KB
8 googlesyndication.com
669fc8285cb9705d5a4a0f6fc411f28d.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 170
42 KB
4 cloudfront.net
d30qdagvt44524.cloudfront.net
d9jj3mjthpub.cloudfront.net
ddrvjrfwnij7n.cloudfront.net
13 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
157 KB
4 segment.com
cdn.segment.com — Cisco Umbrella Rank: 2553
60 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 391
47 KB
2 segment.io
api.segment.io — Cisco Umbrella Rank: 1311
343 B
2 google.com
adservice.google.com — Cisco Umbrella Rank: 136
www.google.com — Cisco Umbrella Rank: 19
2 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 913
579 B
2 solvemedia.com
api-secure.solvemedia.com — Cisco Umbrella Rank: 102371
23 KB
1 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 2214
499 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5516
165 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1094
358 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 463
388 B
1 meredithcorp.io
imagesvc.meredithcorp.io — Cisco Umbrella Rank: 15884
29 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 965
13 KB
1 mdpcdn.com
karma.mdpcdn.com — Cisco Umbrella Rank: 29888
114 KB
1 lavandencial.info
lavandencial.info
806 B
1 directfvtfwr.com
637267.directfvtfwr.com
627 B
91 20
Domain Requested by
41 www.bhg.com 1 redirects www.bhg.com
12 cdn.cookielaw.org www.bhg.com
cdn.cookielaw.org
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 securepubads.g.doubleclick.net karma.mdpcdn.com
securepubads.g.doubleclick.net
4 cdn.segment.com www.bhg.com
cdn.segment.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 c.amazon-adsystem.com karma.mdpcdn.com
c.amazon-adsystem.com
2 api.segment.io cdn.segment.com
2 ddrvjrfwnij7n.cloudfront.net www.bhg.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 api-secure.solvemedia.com www.bhg.com
api-secure.solvemedia.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 www.google.com tpc.googlesyndication.com
1 id.sv.rkdms.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 match.adsrvr.org js-sec.indexww.com
1 669fc8285cb9705d5a4a0f6fc411f28d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 imagesvc.meredithcorp.io www.bhg.com
1 d9jj3mjthpub.cloudfront.net www.bhg.com
1 js-sec.indexww.com karma.mdpcdn.com
1 d30qdagvt44524.cloudfront.net karma.mdpcdn.com
1 karma.mdpcdn.com www.bhg.com
1 lavandencial.info 1 redirects
1 637267.directfvtfwr.com
91 25
Subject Issuer Validity Valid
bhg.com
R3		 2022-09-14 -
2022-12-13		 3 months crt.sh
api-secure.solvemedia.com
Amazon		 2022-10-08 -
2023-11-05		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
karma.mdpcdn.com
Amazon		 2022-05-02 -
2023-05-31		 a year crt.sh
*.segment.com
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.meredithcorp.io
Amazon		 2022-10-08 -
2023-11-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
*.segment.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-24 -
2023-06-23		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
Frame ID: A214AB1922AF4C72C93E59A1457E910E
Requests: 62 HTTP requests in this frame

Frame: https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
Frame ID: A31FE59685F8E5004D415978FFAC4F38
Requests: 27 HTTP requests in this frame

Frame: https://669fc8285cb9705d5a4a0f6fc411f28d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2956214F4B8673F576CCB76C14C0994D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2F3F4F9A6C1761A76C03639CC7669AE8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B97C49260D7A75771B8EC77C33B138B6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pay Off Your Bills $25,000 Sweepstakes | Better Homes & GardensBHG LogoBHG Real Estate

Page URL History Show full URLs

  1. http://637267.directfvtfwr.com/bdvfrd.dbm?gto=https%3A%2F%2Flavandencial.info%2Fposts%3Fm%3De19709645b6727b... Page URL
  2. https://lavandencial.info/posts?m=e19709645b6727b87702375450617450&t=ron&g=-&s=US HTTP 302
    https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r... HTTP 301
    https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

91
Requests

99 %
HTTPS

52 %
IPv6

20
Domains

25
Subdomains

25
IPs

4
Countries

1602 kB
Transfer

6583 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://637267.directfvtfwr.com/bdvfrd.dbm?gto=https%3A%2F%2Flavandencial.info%2Fposts%3Fm%3De19709645b6727b87702375450617450%26t%3Dron%26g%3D-%26s%3DUS Page URL
  2. https://lavandencial.info/posts?m=e19709645b6727b87702375450617450&t=ron&g=-&s=US HTTP 302
    https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001:1af8:4700:a08a:4::15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1 HTTP 301
    https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

91 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
bdvfrd.dbm
637267.directfvtfwr.com/ 		427 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
http://637267.directfvtfwr.com/bdvfrd.dbm?gto=https%3A%2F%2Flavandencial.info%2Fposts%3Fm%3De19709645b6727b87702375450617450%26t%3Dron%26g%3D-%26s%3DUS
Protocol
HTTP/1.1
Server
2001:19f0:5001:32cc:5400:4ff:fe1b:542a Amsterdam, Netherlands, ASN20473 (AS-CHOOPA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / PHP/8.0.0
Resource Hash
89af24a46f075d3025a9e900dc3b46ee2a0bd8579175b6d654be5845c7a71a3b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Content-Length
427
Content-Type
text/html; charset=UTF-8
Date
Tue, 11 Oct 2022 17:04:15 GMT
Referrer-Policy
no-referrer
Server
Microsoft-IIS/10.0
X-Powered-By
PHP/8.0.0
Primary Request /
www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/
Redirect Chain
  • https://lavandencial.info/posts?m=e19709645b6727b87702375450617450&t=ron&g=-&s=US
  • https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001:1af8:4700:a08a:4::15&geo=NL&uclick=9r7sci&ucl...
  • https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclic...
211 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
cd045860a5fb07229c504ce0971aa1c2894526fcd6004248e8345a17f9bbb9aa
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

Referer
http://637267.directfvtfwr.com/bdvfrd.dbm?gto=https%3A%2F%2Flavandencial.info%2Fposts%3Fm%3De19709645b6727b87702375450617450%26t%3Dron%26g%3D-%26s%3DUS
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 11 Oct 2022 17:04:17 GMT
etag
W/"34bd0-Sb9qfUa9sDQyvdXvlR5JdIy9gv4"
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
server
nginx
strict-transport-security
max-age=86400; preload
via
1.1 7644cbb67f4f24c9050687ef3a2fd358.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id
wvQqeBRuB5UeJWT8JFOkSN7TrRGm--GOysjOdYwQF_EwUxgCEoxBlg==
x-amz-cf-pop
DFW55-C2
x-cache
Miss from cloudfront, MISS, MISS
x-cache-hits
0, 0
x-element-page-cache
HIT
x-powered-by
Element
x-served-by
cache-iad-kcgs7200176-IAD, cache-ams21052-AMS
x-timer
S1665507857.146605,VS0,VE184

Redirect headers

accept-ranges
bytes
content-length
285
content-type
text/plain; charset=utf-8
date
Tue, 11 Oct 2022 17:04:17 GMT
location
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
server
nginx
strict-transport-security
max-age=86400; preload
via
1.1 dc81af6f14945ade0fd126a735f82ac2.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id
DDUt08YHVv6MAUmbMf19b-WEc_fiYa32ALCAgQmzq7nYeLinOLk5ug==
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront, MISS, MISS
x-cache-hits
0, 0
x-powered-by
Element
x-served-by
cache-iad-kjyo7100070-IAD, cache-ams21052-AMS
x-timer
S1665507857.024981,VS0,VE105
style-8ae1c575963a0a6e7446-hash.css
www.bhg.com/dist/ 		1 MB
161 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/style-8ae1c575963a0a6e7446-hash.css
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
4897f11b3356880886fca7c4091cded15825ce2b56a01c7a842d261207247ae7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 5438564ce303b3a7e49a150c6d8abdf6.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
DFW55-C2
age
1276157
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kcgs7200049-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507857.348967,VS0,VE126
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
text/css; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
YkoAYR1dD_TFpfwdV2QDAcV1DeQuO_mAYnO45auBFV6pQZJ_GHnBUA==
x-cache-hits
0, 0
main-8dcba99cb08b1a481f19-hash.js
www.bhg.com/dist/ 		277 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
52ffb8d3c732dad48d5e637a005ee74604fb2a44d4d7dfcca9a27de35d0d4add
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 f47ebd7d279bfcb757b1e0e59e2a3cd4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
DFW55-C2
age
44615
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kcgs7200155-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507857.370329,VS0,VE123
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
V_IfZn8LBbhn6Nvn4TAsvaKqZT1ryMx0WpFLlK4NQMuZvL2ApI3rNw==
x-cache-hits
0, 0
challenge.ajax
api-secure.solvemedia.com/papi/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-secure.solvemedia.com/papi/challenge.ajax
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.206.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-206-22.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3 /
Resource Hash
cf031522843e3523d021d29398938753073f278d6900da520752a9a6b265d071

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 17:04:17 GMT
content-encoding
gzip
last-modified
Mon, 05 Oct 2020 16:50:06 GMT
server
Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-ac-origin
aws-us-east-2-prod-213
cache-control
public,max-age=86400
expires
Wed, 12 Oct 2022 17:04:17 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 17:04:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7BKk7WQU1Z9EDMZmf1T6Vg==
age
13176
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7151
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:25 GMT
server
cloudflare
etag
0x8DAAB4227F058BE
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e22d2222-901e-013a-6044-dddd10000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75892c8e4bb590c7-FRA
karma_ddm.bhg.com.js
karma.mdpcdn.com/service/js-min/ 		364 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://karma.mdpcdn.com/service/js-min/karma_ddm.bhg.com.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6400:d:2820:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0323725cfa542448c01f721ea9793f8a13798581a0b2f3e10aaf54294c5137e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
yk.MJGYJZn4FlnZksv84mQFfsVNWxDRV
content-encoding
gzip
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
date
Tue, 11 Oct 2022 17:04:18 GMT
last-modified
Mon, 01 Aug 2022 19:56:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"f698bce9fe91b56b834a652bfcc4b04c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
kxM_vcD6F7g1ARTHO74hULo_LoahDYJkHMHCPudnrzSK7qYIedRw0w==
analytics.min.js
cdn.segment.com/analytics.js/v1/j3vsxnyLrmr4Q0LJHYdbrYIvmstsTPwv/ 		96 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/j3vsxnyLrmr4Q0LJHYdbrYIvmstsTPwv/analytics.min.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8552107b3bd487a9f7c4c5c8f05b1de3e39aa1c494f52f598a9cea72e6df13fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
RaPw6KnA68XxNY0wrhvam9LY8D1eqXdp
content-encoding
gzip
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
date
Tue, 11 Oct 2022 17:04:19 GMT
x-amz-cf-pop
FRA6-C1
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 31 Aug 2022 18:38:15 GMT
server
AmazonS3
etag
W/"89433988af6d2092f3069374e44c8694"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
WhUJTVc3HAbyz-00ybb3fynT2rM-J1ukvIjXbEVCMJIgUCdFiA0Wig==
mbempire_bold.woff2
www.bhg.com/font/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/font/mbempire_bold.woff2?577-hash
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/style-8ae1c575963a0a6e7446-hash.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
b9ecfe8c19ae92c88710ac6974a052b6794950d544b6d7f8aa9ca092bfb342e8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

Referer
https://www.bhg.com/dist/style-8ae1c575963a0a6e7446-hash.css
Origin
https://www.bhg.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
via
1.1 df08ba5d249ec7fb2513313ea66b59f8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
age
1408939
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
content-length
20144
x-served-by
cache-iad-kjyo7100059-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 18:36:36 GMT
server
nginx
x-timer
S1665507858.603816,VS0,VE91
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
font/woff2
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
rcd65U034skMqQ2BAi2NB64napV1r5N1nrNwd03Bq4pLhQ_TYPQf1w==
x-cache-hits
0, 0
cardillac.woff2
www.bhg.com/font/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/font/cardillac.woff2?577-hash
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/style-8ae1c575963a0a6e7446-hash.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
8703aa3c2f9daecb069d5125aa27ca5b775b8e8f9aae226fcf5c13b228bbcef6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

Referer
https://www.bhg.com/dist/style-8ae1c575963a0a6e7446-hash.css
Origin
https://www.bhg.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
via
1.1 ccb414ab5bdb778a5639e83972f955e6.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD55-P2
age
1412082
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
content-length
38296
x-served-by
cache-iad-kiad7000122-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 18:36:36 GMT
server
nginx
x-timer
S1665507858.604590,VS0,VE89
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
font/woff2
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
Cetp0imNlqpcOglHxQQ2NsirNaVb5sK4hBFUTMcA6Nbxm591E3ihlg==
x-cache-hits
0, 0
mbempire_book.woff2
www.bhg.com/font/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/font/mbempire_book.woff2?577-hash
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/style-8ae1c575963a0a6e7446-hash.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
83f3e7c351858f2931bf8eece4a63dffd4763a86b8336ff6cadf6b792e2553df
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

Referer
https://www.bhg.com/dist/style-8ae1c575963a0a6e7446-hash.css
Origin
https://www.bhg.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
via
1.1 2fe9a0911fd5e1ae25ba0f8aacc15254.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
DFW55-C2
age
789262
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
content-length
20192
x-served-by
cache-iad-kcgs7200173-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 18:36:36 GMT
server
nginx
x-timer
S1665507858.604782,VS0,VE127
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
font/woff2
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
F04bwMHp2QFEXEnpDIImSfBHTu1bF5fGt-VX5trLWPx8ABOAHFfA_g==
x-cache-hits
0, 0
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e775ba70a052bd4b7c633816a031dbf4311646957b5616ad5e08f8bfbfe0e69b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
91469371-b862-4352-bde6-6d5e496dc719.json
cdn.cookielaw.org/consent/91469371-b862-4352-bde6-6d5e496dc719/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/91469371-b862-4352-bde6-6d5e496dc719/91469371-b862-4352-bde6-6d5e496dc719.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6e5fba4ffd34be6fc84e5c2d1c3cf130e725190e520620383e881f21f95b295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 17:04:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ynkVxK59cPr4qSung/5Q/Q==
age
9777
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1633
x-ms-lease-status
unlocked
last-modified
Tue, 09 Aug 2022 17:10:37 GMT
server
cloudflare
etag
0x8DA7A2A14705194
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6f4c48ad-301e-015a-7a13-ac9832000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75892c8ede1c9b46-FRA
expires
Tue, 11 Oct 2022 21:04:17 GMT
_puzzle.js
api-secure.solvemedia.com/papi/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-secure.solvemedia.com/papi/_puzzle.js
Requested by
Host: api-secure.solvemedia.com
URL: https://api-secure.solvemedia.com/papi/challenge.ajax
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.206.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-206-22.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3 /
Resource Hash
16530dee878b8175869b8a059aaf33be6509d9b74a0cd452728a2190621a0b41

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 17:04:17 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 10:41:02 GMT
server
Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-ac-origin
aws-us-east-2-prod-57
cache-control
public,max-age=86400
expires
Wed, 12 Oct 2022 17:04:17 GMT
/
www.bhg.com/hermes/ 		0
999 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/hermes/?keys=globalTI_SID,muuid_date,last_request_id,visit_ts,previous_ts,first_request_id,pageview_count,hid,muuid_origin&domains=all
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 17:04:17 GMT
via
1.1 ec22576e88e707bf58c11e0ee75d019c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
x-cache
LambdaGeneratedResponse from cloudfront, MISS, MISS
content-length
0
x-served-by
cache-iad-kjyo7100074-IAD, cache-ams21052-AMS
server
CloudFront
x-timer
S1665507858.770576,VS0,VE118
access-control-allow-methods
GET,HEAD
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
access-control-allow-origin
https://www.bhg.com
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
kCfkSLBoBXZnWCWHbHFeq5f2U3mW4cyqGXW8fMrGmQjcpaAQVnZkLA==
x-cache-hits
0, 0
202-9c632708491e11e99738-hash.js
www.bhg.com/dist/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/202-9c632708491e11e99738-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
50828b57123b56e674aa31e2147099a05dad1cc6e3b7aaa641d4ab25daa19a41
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 5451b84324d9bca0bdd03e4c4009ae10.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
age
3044948
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kjyo7100093-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.770552,VS0,VE148
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
Lzr7vPWaWDNjCrL7U40O_vlVcVkHa33adxnUtkqP3Vus1_UnCGXhhQ==
x-cache-hits
0, 0
8945-6f78e9c46660486f7f9b-hash.js
www.bhg.com/dist/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/8945-6f78e9c46660486f7f9b-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
cf14352cd24776d3f99c38f13ab3536978863afa728577a44a10dce35cd5bae3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 f99016c858f903f368ea65409c60a470.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
DFW55-C2
age
46592
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kcgs7200045-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.770511,VS0,VE120
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
upk4YDd3abWOSk6ew2UzWZLdC9mQbl2CfgGN4XO4-i1UyNl93qD7Ug==
x-cache-hits
0, 0
940-b2dabc9aeaf74670859c-hash.js
www.bhg.com/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/940-b2dabc9aeaf74670859c-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
d3240c3136299e5b04c5f744652ef2751549913a4f3c1803873af75cd0a67d5e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 ead5a4c5fbab9ab09302c9bd4c52b4b4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
age
1211940
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kjyo7100108-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.770474,VS0,VE94
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
t8KKt4GyemNCbnCuCjclukYRSeUi9ePHr2mp5F4w5f3XLFh_8THE6A==
x-cache-hits
0, 0
241-c9151caa14de321429aa-hash.js
www.bhg.com/dist/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/241-c9151caa14de321429aa-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
85620f2bcc2cadcc272dc2c7f593cd78a0e83177f627c365aee01c8dc1dec808
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 07b0e28d0c589c8a26610bbc5dcd660a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
age
1249720
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kjyo7100179-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.770467,VS0,VE88
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
xzC2wSJQ782sRZIF0TeVyXPv9kZiCR51Wu4ETCSPMrxvHfSRZLmD7Q==
x-cache-hits
0, 0
1083-64c8a2c822f85dc08c88-hash.js
www.bhg.com/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/1083-64c8a2c822f85dc08c88-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
41f4b9cc257e2f684f7f1dbbf55f936639854294e3e2bd456f07fb6943c5934c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 c8fc06f86464f0d2b6c79379eb99a0d4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
DFW55-C2
age
997035
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kcgs7200167-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.770344,VS0,VE120
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
fdo2tN6MvSOWN94s2ZeciCOlK_mYl7ab-d4jLcXPQ-ZiFEdhcAs1DQ==
x-cache-hits
0, 0
8011-485a50083b9e17d77880-hash.js
www.bhg.com/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/8011-485a50083b9e17d77880-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
87c9e23af51f0043a4591e9cebeb42c1250bf9a42826b27887e876e57eec2156
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 c378d79f6d61c9af35c366d426990acc.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD55-P2
age
3481845
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kiad7000152-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.770292,VS0,VE90
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
ppyftCnSHT7ILN-8RJeDSw47MK3hqdEZyhFTy0hVQIxuuUJJqCG9Rg==
x-cache-hits
0, 0
9663-080c8bc3e80a5a5db991-hash.js
www.bhg.com/dist/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/9663-080c8bc3e80a5a5db991-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
7cd9b65444f3b3e659bebbf42d1803140cf54aa497ba2fa6a8fe311b58389c27
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 a2da30f5dacfbd28d77cf4c9702318f8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
age
3166479
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kjyo7100103-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.770263,VS0,VE87
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
ZXuWo0Hlnbp5GwpBzOn8nExfYS2MnspifhvbwZ_XOk5JSBUiZ79qmg==
x-cache-hits
0, 0
2186-9a79533e85c301072bcf-hash.js
www.bhg.com/dist/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/2186-9a79533e85c301072bcf-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
caed2f07f0582d35f00609d17579f030984814e190b0d463615a44a1ad7c1548
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
age
111275
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kjyo7100149-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.770236,VS0,VE88
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
9JEzyCFfcOlzbhXwQDHGowpSN2m2n5vAX_O7ZZFzUZ9Ftb5x-J93Fw==
x-cache-hits
0, 0
2656-cb61351609f7a6dfa8b7-hash.js
www.bhg.com/dist/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/2656-cb61351609f7a6dfa8b7-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
46feee2578892dbe463ee10c4cb6c55dbac8e8d6538929fdc84908504e1b642b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 1531d925e2f1f9058974d2e519bbc57e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD55-P2
age
3888466
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kiad7000099-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.770194,VS0,VE89
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
h5LT1UXkmRLgl8tXtcw181BJAaZk4Ol7cECmtOvr0v4QOeof_bkFQw==
x-cache-hits
0, 0
5142-d0fe502bd5a32304cae3-hash.js
www.bhg.com/dist/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/5142-d0fe502bd5a32304cae3-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
bbe5b074544008fe06a3ec0a222ad27f6d0f1ef200346d571e1ab3ab308fe910
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 aadc36bc93844687d7ba70137223bc20.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD55-P2
age
3166504
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kiad7000109-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.773469,VS0,VE87
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
LuaM8cZuoJbdRO6H-OPAYp7ZbZOhx_BYjP53aqAPYm-_Hj3ULGftWA==
x-cache-hits
0, 0
5952-fce9cfc83ff2a05e4b9e-hash.js
www.bhg.com/dist/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/5952-fce9cfc83ff2a05e4b9e-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
6655b121c76e377685630e72a696c1eabdea5b423ea801e70b66a72abc52ee23
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 6a615842cf9e2c637f2872ee9b70eb72.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
age
2216305
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kjyo7100041-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.773448,VS0,VE91
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
EDkORE9UU-SC6UE4olRLV_fqieYs4LAumsSuIs495sPLCQBOn1XJ5w==
x-cache-hits
0, 0
9669-801794f1a614e9ae0727-hash.js
www.bhg.com/dist/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/9669-801794f1a614e9ae0727-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
2d1a8df4382a35430b429995a4162deef9d8bbb4db406b207546408c5fb87d5d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 e14296585c8339d0a32f7c1d34fc00f2.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD55-P2
age
3888462
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kiad7000164-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.773423,VS0,VE96
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
0P-Krffvbb8Ctp6ob77oZA8Q17J2tQjOS8E-UsYD_Bd_Fw2DeInsZQ==
x-cache-hits
0, 0
569-5d5e75cd8d60b46ed6d0-hash.js
www.bhg.com/dist/ 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/569-5d5e75cd8d60b46ed6d0-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
297f84c02c0c3fcfa96d86602382c5b87e89bfb385f113e0573673356e4fa437
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 f7d45b5ebcd04bf5d37f0688d4b90670.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD55-P2
age
4342908
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kiad7000103-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.779041,VS0,VE91
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
Q5WYGyog_S8hFOXOzalnIA43N27Q4uQ3WOfSWD_GZLiv47iRaV7gjw==
x-cache-hits
0, 0
679-e0c2cdfbdffe7c0db9f8-hash.js
www.bhg.com/dist/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/679-e0c2cdfbdffe7c0db9f8-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
5016b4275552cfb0267070075e953263cd2619d016a664c11a0fb3b4226c822f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 78487ffbca2380a1b0612e6718bb8f2e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
DFW55-C2
age
1125447
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kcgs7200119-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.779020,VS0,VE122
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
vt1gqjhniB6OO4VT3aqjyM4gt9mCBFfOJ64wFzxYg_GlfGWcrk_CsQ==
x-cache-hits
0, 0
5164-a0dbd77289ec31931a7d-hash.js
www.bhg.com/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/5164-a0dbd77289ec31931a7d-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
8b0a7d2e1cb999698b532334e4741152c51b64463673ea483325d0c35cb2c9f1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 ead5a4c5fbab9ab09302c9bd4c52b4b4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
age
543822
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kjyo7100122-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.779002,VS0,VE99
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
pyjczT-CEsgemvynjsYNgPXe939Eq8221A07fsnlTEt2KhMpxQH0Vg==
x-cache-hits
0, 0
9367-e8edf76461a11326da2f-hash.js
www.bhg.com/dist/ 		60 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/9367-e8edf76461a11326da2f-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
1b111fa40c2ff9a17c7dd46cf304fd87d3d05fc8ffa4df3ccabbcdc4fdd1bbff
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 495082db97d209f49efad4679b8a6f28.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:17 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD55-P2
age
3166412
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kiad7000057-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.778981,VS0,VE88
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
ROpODJJq76VZ9kqGzLse8Va8wcVOiWUMkWZK3j4maEadbgA_b_SAsA==
x-cache-hits
0, 0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		156 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76d22dc3ab1e4f1d50106855f2c521d376684912d4f45e78f778f005692e9c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.bhg.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 17:04:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
75892c8faebb6939-FRA
access-control-allow-headers
Content-Type
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_ddm.bhg.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce8a771c5f4543058c1460c39b725cc69e3e623b808c50706343bedd8d3c710e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 17:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27737
x-xss-protection
0
server
sffe
etag
"1360 / 152 of 1000 / last-modified: 1665486568"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Oct 2022 17:04:18 GMT
segments
d30qdagvt44524.cloudfront.net/production/ 		15 B
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d30qdagvt44524.cloudfront.net/production/segments?muid=56f4c392-4c2c-4d45-85ed-b34758c3395c
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_ddm.bhg.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3400:19:bcbe:a700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 17:04:18 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amzn-trace-id
Root=1-6345a212-0add40f16f66520220c8502a;Sampled=0
x-amzn-requestid
6c5d1bc5-38ef-459c-8278-157bd849b00a
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-apigw-id
Z2ZC2GV8IAMFv3Q=
content-length
15
x-amz-cf-id
5MNfhLffmNyx6VxQbbsDeP_8qM5aHQcH35_gp4c8kHQTEEWiXftPlg==
184003-52190608802424.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_ddm.bhg.com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5800f312944709b8d8e2e638a4c64704be610892c2fd06e962ac74b222615e19

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 17:04:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2022 17:00:58 GMT
Server
Apache
ETag
"7612d8-9a4c-5eac53859a0e4"
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13270
Expires
Tue, 11 Oct 2022 18:04:18 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		176 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_ddm.bhg.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:38:23 GMT
content-encoding
gzip
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 22:15:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C1
age
1556
x-amz-server-side-encryption
AES256
etag
W/"13600701857be6a3c4cd98a7b8e7133a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
aNfo3ZGzkYiuKf_aMkdeSyWBWX3T_ntYZY2BIgp7BVSvR8sHJ0HE_w==
x.gif
d9jj3mjthpub.cloudfront.net/ 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9jj3mjthpub.cloudfront.net/x.gif?pulse=-1&v=l1.0.21&type=karma&globalTI_SID=56f4c392-4c2c-4d45-85ed-b34758c3395c&request_id=fa5560f8-a8f3-4dc8-82d9-a53d7fc405ef&url=https%3A%2F%2Fwww.bhg.com%2Fsweepstakes%2Fentry%2Fpay-off-your-bills-25000-sweepstakes%2F950714%2F%3Fgclid%3D6f5599r7scic3e%26city%3D%26isp%3DLeaseWeb%2520Netherlands%2520B.V.%26ip%3D2001%253A1af8%253A4700%253Aa08a%253A4%253A%253A15%26geo%3DNL%26uclick%3D9r7sci%26uclickhash%3D9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1&host=www.bhg.com&ua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F106.0.5249.91%20safari%2F537.36&muuid_origin=bhg.com
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3200:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 17:23:05 GMT
via
1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
last-modified
Sun, 24 Feb 2019 04:40:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
85274
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
z6vafB2vPXkHNd7br42oBFYqiCHB4_YYwzO80GpixH9ZqH9rmvUWLw==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.31.0/ 		334 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 17:04:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
D263R6OySncrpIc5uRH3nQ==
age
10277
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
80955
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:24 GMT
server
cloudflare
etag
0x8DA032EC5D12B02
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
87503e4e-701e-00d1-3b20-3565b9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75892c903e7490c7-FRA
generic-image.svg
www.bhg.com/img/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bhg.com/img/icons/generic-image.svg
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
44dc69834c553ee139de5320d3c46dbf4fd8c33abf85023d5d3786f935ef927b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 941f9399edc1f082afabdbb29c8909b8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD55-P2
age
1296519
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kiad7000108-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 18:36:36 GMT
server
nginx
x-timer
S1665507858.985121,VS0,VE87
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
aNidjUqrNfWTNhvZOLO-rSjwFIESm6wlc0UBTvJlEdloz_xx_dptZQ==
x-cache-hits
0, 0
image
imagesvc.meredithcorp.io/v3/mm/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2F2022%2F06%2F21%2F1244x830_14475_BHG_25kFall_PayOffYourBills_Sweepstakes_2022.jpg&w=640&h=428&c=sc&poi=face&q=60
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-103.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
8ae758ad7e8d6b418ce464b759a091c249040b43be4dbe8a1e72ad5b833447fa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 13:11:50 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
last-modified
Fri, 09 Sep 2022 13:11:50 GMT
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P7
age
2778748
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=31536000
x-img-msg
PROCESSED
x-amz-cf-id
iVipyBSXpBzeqjpJzi9ER-LTeUxgxkh-RWAaWxMxCmQ7vR4pHKOFjw==
quick-signup
www.bhg.com/account/ Frame A31F 		59 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
e44665f76cd04b4ed779022a79760cb6f5be7c4efa14149872322f0112b6702f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

Referer
https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
32
cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 11 Oct 2022 17:04:18 GMT
etag
W/"eb76-4b4/NiDhJlx45WkcHrJ5wLhiVgo"
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
server
nginx
strict-transport-security
max-age=86400; preload
via
1.1 ccb414ab5bdb778a5639e83972f955e6.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id
_sPxRaqcdbB9pRLvNaJHCbVM4aFc6x5P4DnRBQcZZ-SwTYepULBzAg==
x-amz-cf-pop
IAD55-P2
x-cache
Hit from cloudfront, MISS, MISS
x-cache-hits
0, 0
x-powered-by
Element
x-served-by
cache-iad-kiad7000122-IAD, cache-ams21052-AMS
x-timer
S1665507858.996382,VS0,VE94
en.json
cdn.cookielaw.org/consent/91469371-b862-4352-bde6-6d5e496dc719/52a372c4-5e1c-4c39-b548-e3685b3ed8b8/ 		174 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/91469371-b862-4352-bde6-6d5e496dc719/52a372c4-5e1c-4c39-b548-e3685b3ed8b8/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cddeae87caa0b3fcff81714d4669b01ace6dcdaf0f53e2cb4509c2b1d25aacb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 17:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vs+89dB+tmu52VXAfe0Dzg==
age
6189
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
30119
x-ms-lease-status
unlocked
last-modified
Tue, 09 Aug 2022 17:10:56 GMT
server
cloudflare
etag
0x8DA7A2A1FA95EFA
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7b83e766-c01e-0062-6913-ac9f3e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75892c90aac59b46-FRA
expires
Tue, 11 Oct 2022 21:04:18 GMT
pubads_impl_2022100401.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc3fe7bed6cc66d192c34a90ac7912453305c15c62634159227882d6656ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 10:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131625
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 08:36:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 09 Oct 2023 10:49:35 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		142 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bhg.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf3d9a2793f6b920835ae9182bb4cb553a44fae608292cb8befe765131cacf4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 17:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
expires
Tue, 11 Oct 2022 17:04:18 GMT
style-8ae1c575963a0a6e7446-hash.css
www.bhg.com/dist/ Frame A31F 		1 MB
161 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/style-8ae1c575963a0a6e7446-hash.css
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
4897f11b3356880886fca7c4091cded15825ce2b56a01c7a842d261207247ae7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 48b970169016f7185b7cff9e185ee0b2.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
age
3704921
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kjyo7100175-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.116680,VS0,VE101
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
text/css; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
wAiHPLYUf_TANz_0niFU2vRRuucLlj24z5fSKKDqhnxv1rRgpgt0Qg==
x-cache-hits
0, 0
main-8dcba99cb08b1a481f19-hash.js
www.bhg.com/dist/ Frame A31F 		277 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
52ffb8d3c732dad48d5e637a005ee74604fb2a44d4d7dfcca9a27de35d0d4add
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 d01a0cfc47d6e412dd81c986ff5d69da.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
age
4403708
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kjyo7100175-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507858.117063,VS0,VE91
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
ThNv_4OGMGe-Yz4AIsOTIIGJJ_MzXPCUATPmCwhUUpqh6AFOtViiWA==
x-cache-hits
0, 0
bLayout-en.json
cdn.cookielaw.org/consent/91469371-b862-4352-bde6-6d5e496dc719/52a372c4-5e1c-4c39-b548-e3685b3ed8b8/ 		14 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/91469371-b862-4352-bde6-6d5e496dc719/52a372c4-5e1c-4c39-b548-e3685b3ed8b8/bLayout-en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7abefc15c8621677230c1134dd4a53f5fc40fae39ae83e6e09a4eec9e11a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 17:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1936
content-length
2946
x-ms-lease-status
unlocked
last-modified
Tue, 09 Aug 2022 17:10:59 GMT
server
cloudflare
etag
0x8DA7A2A21ACAFCE
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a331f196-e01e-0090-1114-ac4daa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75892c91ddb99b46-FRA
expires
Tue, 11 Oct 2022 21:04:18 GMT
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 17:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
2HSefDmVwJneRQMu6SXIPw==
age
9209
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ce1f2392-a01e-00fa-4107-491101000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
75892c91ddbc9b46-FRA
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bhg.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 17:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2007848760123048&correlator=1292852595922228&eid=31060439%2C31068457%2C31070046%2C31070165%2C44768258%2C31070232%2C21065724&output=ldjh&gdfp_req=1&vrg=2022100401&ptt=17&impl=fifs&npa=1&iu_parts=3865%2Cddm.bhg.com%2Ctier1%2Cother%2Csweepstakes&enc_prev_ius=0%2F1%2F2%2F3%2F4%2C0%2F1%2F2%2F3%2F4%2C0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C970x250%2C1x1%2C1x1&ifi=1&adks=2371513339%2C2385621551%2C2239645985&sfv=1-0-38&ists=3&fsapi=false&prev_scp=slot%3Dleaderboard-flex-1%26refreshType%3Dhard%7Cslot%3Dinterstitial%26refreshType%3Dhard%7Cslot%3Dwallpaper%26refreshType%3Dhard&eri=1&cust_params=path%3Dsweepstakes%252Centry%252Cpay-off-your-bills-25000-sweepstakes%252C950714%26channel%3Dsweepstakes%26ctype%3DsweepEntry%26type%3Dother%26tags%3D%26id%3D1c0c59af-a78b-48c9-863a-210c88f9c235%26abTest%3Dmdextest%26concepts%3D%26taxons%3D%26mtax%3D%26pv%3D1%26otabc%3D0%26npa%3D1%26otgeo%3D1%26muid%3D56f4c392-4c2c-4d45-85ed-b34758c3395c%26mrid%3Dfa5560f8-a8f3-4dc8-82d9-a53d7fc405ef%26dockedleaderboard%3Dfalse%26dockedrail%3Dtrue&ppid=56f4c392-4c2c-4d45-85ed-b34758c3395c&sc=1&cookie_enabled=1&abxe=1&dt=1665507858298&lmt=1665507858&dlt=1665507857346&idt=794&adxs=436%2C0%2C0&adys=16%2C2058%2C2058&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bhg.com%2Fsweepstakes%2Fentry%2Fpay-off-your-bills-25000-sweepstakes%2F950714%2F%3Fgclid%3D6f5599r7scic3e%26city%3D%26isp%3DLeaseWeb%2520Netherlands%2520B.V.%26ip%3D2001%253A1af8%253A4700%253Aa08a%253A4%253A%253A15%26geo%3DNL%26uclick%3D9r7sci%26uclickhash%3D9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1&frm=20&vis=1&psz=1600x106%7C1600x2058%7C1600x2058&msz=1600x90%7C1600x0%7C1600x0&fws=0%2C0%2C0&ohw=0%2C0%2C0&ga_vid=885866191.1665507858&ga_sid=1665507858&ga_hid=917338425&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9480eecc5fd5c197c2a0160694ebc49442aac32f8a2854cc4714cace7b4af8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 17:04:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
539
x-xss-protection
0
google-lineitem-id
-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bhg.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
669fc8285cb9705d5a4a0f6fc411f28d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2956 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://669fc8285cb9705d5a4a0f6fc411f28d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bhg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 17:04:18 GMT
expires
Wed, 11 Oct 2023 17:04:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
config
c.amazon-adsystem.com/cdn/prod/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Fwww.bhg.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 12:19:43 GMT
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
age
17075
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.bhg.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
gOwOKjPHKNntuS5OrUvI5nTD2-P72s4U-IisE8Ltu-664rRn-Ssorg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding
gzip
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
date
Tue, 11 Oct 2022 03:02:05 GMT
x-amz-cf-pop
FRA56-C1
age
55609
x-cache
Hit from cloudfront
last-modified
Thu, 06 Oct 2022 01:32:47 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
TBqKHwt4rN6ZHwVgVBNf420lQK9BVO9dfpnVdabqi0oTqNRTbdMMYA==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ Frame A31F 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 17:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7BKk7WQU1Z9EDMZmf1T6Vg==
age
13177
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7151
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:25 GMT
server
cloudflare
etag
0x8DAAB4227F058BE
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e22d2222-901e-013a-6044-dddd10000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75892c92ca1490c7-FRA
analytics.min.js
cdn.segment.com/analytics.js/v1/j3vsxnyLrmr4Q0LJHYdbrYIvmstsTPwv/ Frame A31F 		96 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/j3vsxnyLrmr4Q0LJHYdbrYIvmstsTPwv/analytics.min.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8552107b3bd487a9f7c4c5c8f05b1de3e39aa1c494f52f598a9cea72e6df13fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
RaPw6KnA68XxNY0wrhvam9LY8D1eqXdp
content-encoding
gzip
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
date
Tue, 11 Oct 2022 17:04:19 GMT
x-amz-cf-pop
FRA6-C1
age
0
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 31 Aug 2022 18:38:15 GMT
server
AmazonS3
etag
W/"89433988af6d2092f3069374e44c8694"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
AiXE46GVIy3QWUZonJn5EEBec7NSkrTwNS6IHJvKqvlPbzQvDw-iwg==
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
gpc.min.js
ddrvjrfwnij7n.cloudfront.net/js/gpc/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ddrvjrfwnij7n.cloudfront.net/js/gpc/gpc.min.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%20Netherlands%20B.V.&ip=2001%3A1af8%3A4700%3Aa08a%3A4%3A%3A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3c094f715a9c193a30aad95c8eb496fa0bd758b2fb192527f202f96d44b5dd3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 07:15:17 GMT
Via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
Last-Modified
Tue, 28 Sep 2021 17:12:35 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Age
35353
ETag
"0595aed5727019b05fd2c207a5b462bf"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5706
X-Amz-Cf-Id
Tb-HPuLeNYth5oUarGe5lFhrHEKSsLPTa-RfgcYxaC5YBuq-Ysf5Ag==
cardillac.woff2
www.bhg.com/font/ Frame A31F 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/font/cardillac.woff2?577-hash
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/style-8ae1c575963a0a6e7446-hash.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
8703aa3c2f9daecb069d5125aa27ca5b775b8e8f9aae226fcf5c13b228bbcef6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

Referer
https://www.bhg.com/dist/style-8ae1c575963a0a6e7446-hash.css
Origin
https://www.bhg.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
via
1.1 972475a90ca36cd44d9a9e3be6e1990e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD55-P2
age
1412083
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
content-length
38296
x-served-by
cache-iad-kiad7000090-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 18:36:36 GMT
server
nginx
x-timer
S1665507858.443474,VS0,VE93
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
font/woff2
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
V62e0FOE1pRLxgovIE-n3eIy-EHuh7N1DfC4QTTpD-lhMIVogyVe_g==
x-cache-hits
0, 0
mbempire_bold.woff2
www.bhg.com/font/ Frame A31F 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/font/mbempire_bold.woff2?577-hash
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/style-8ae1c575963a0a6e7446-hash.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
b9ecfe8c19ae92c88710ac6974a052b6794950d544b6d7f8aa9ca092bfb342e8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

Referer
https://www.bhg.com/dist/style-8ae1c575963a0a6e7446-hash.css
Origin
https://www.bhg.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
via
1.1 77dc0904034d14a129bafe4c9d954f08.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
age
1408940
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
content-length
20144
x-served-by
cache-iad-kjyo7100093-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 18:36:36 GMT
server
nginx
x-timer
S1665507858.443463,VS0,VE93
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
font/woff2
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
5M32qEvGn5UqYcYG68Y9sSZxpwrGdG-sqFOqTvYpkjZql1EwufyqrQ==
x-cache-hits
0, 0
mbempire_book.woff2
www.bhg.com/font/ Frame A31F 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/font/mbempire_book.woff2?577-hash
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/style-8ae1c575963a0a6e7446-hash.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
83f3e7c351858f2931bf8eece4a63dffd4763a86b8336ff6cadf6b792e2553df
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

Referer
https://www.bhg.com/dist/style-8ae1c575963a0a6e7446-hash.css
Origin
https://www.bhg.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
via
1.1 9ac471895811a7ff78c729bcc099e068.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD55-P2
age
789263
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
content-length
20192
x-served-by
cache-iad-kiad7000078-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 18:36:36 GMT
server
nginx
x-timer
S1665507858.443395,VS0,VE93
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
font/woff2
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
Dd656jGwrHc4Ibzz89en4rjpBvfoEYSzg-hXdt09m_fmfNyA_q7NvQ==
x-cache-hits
0, 0
settings
cdn.segment.com/v1/projects/j3vsxnyLrmr4Q0LJHYdbrYIvmstsTPwv/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/j3vsxnyLrmr4Q0LJHYdbrYIvmstsTPwv/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/j3vsxnyLrmr4Q0LJHYdbrYIvmstsTPwv/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed2c2fc3f3625f2cad5f9040a8a1f5f6eb4b86a8957258648deb972b94179a02

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
GTApJSegQkCrye60oYrv0V43IoxlvQOl
content-encoding
gzip
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
date
Tue, 11 Oct 2022 16:38:54 GMT
x-amz-cf-pop
FRA6-C1
age
1672
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 27 Jul 2022 14:41:32 GMT
server
AmazonS3
etag
W/"b225949d571b307afb7a702b2db70575"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
lrNxhiMsY7Wfu0VxHfWgcC0SGrUP6b5qQJ3nus-IFDI5WmFn45RXNQ==
91469371-b862-4352-bde6-6d5e496dc719.json
cdn.cookielaw.org/consent/91469371-b862-4352-bde6-6d5e496dc719/ Frame A31F 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/91469371-b862-4352-bde6-6d5e496dc719/91469371-b862-4352-bde6-6d5e496dc719.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6e5fba4ffd34be6fc84e5c2d1c3cf130e725190e520620383e881f21f95b295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 17:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ynkVxK59cPr4qSung/5Q/Q==
age
9778
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1633
x-ms-lease-status
unlocked
last-modified
Tue, 09 Aug 2022 17:10:37 GMT
server
cloudflare
etag
0x8DA7A2A14705194
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6f4c48ad-301e-015a-7a13-ac9832000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75892c93ca7c9b46-FRA
expires
Tue, 11 Oct 2022 21:04:18 GMT
202-9c632708491e11e99738-hash.js
www.bhg.com/dist/ Frame A31F 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/202-9c632708491e11e99738-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
50828b57123b56e674aa31e2147099a05dad1cc6e3b7aaa641d4ab25daa19a41
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 866c2f8fa4f7f0fef980f137edf9736a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
DFW55-C2
age
1204780
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kcgs7200148-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507859.528990,VS0,VE129
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
hFxLr_PxWslXwLsRTG6upYURGI_QSGhZ_3AGc2MYIG65s08CoQkc3w==
x-cache-hits
0, 0
8945-6f78e9c46660486f7f9b-hash.js
www.bhg.com/dist/ Frame A31F 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/8945-6f78e9c46660486f7f9b-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
cf14352cd24776d3f99c38f13ab3536978863afa728577a44a10dce35cd5bae3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 5443600a954c786f2e851cd6ea9e7e98.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD55-P2
age
3166499
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kiad7000173-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507859.531864,VS0,VE90
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
nnbz9rIvNOdSKYfQNpeD8bR4DR8tNIx6r9JhsH5Ol2ApAnVGLA2sFg==
x-cache-hits
0, 0
940-b2dabc9aeaf74670859c-hash.js
www.bhg.com/dist/ Frame A31F 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/940-b2dabc9aeaf74670859c-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
d3240c3136299e5b04c5f744652ef2751549913a4f3c1803873af75cd0a67d5e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 6d06c1cebf839017775983f86078f53a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD55-P2
age
3403913
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kiad7000168-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507859.532883,VS0,VE90
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
d29DzrO1qRzr0KQifJGk84V8AL62JkPixStHviJ9F73z2W3JwDphKQ==
x-cache-hits
0, 0
241-c9151caa14de321429aa-hash.js
www.bhg.com/dist/ Frame A31F 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/241-c9151caa14de321429aa-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
85620f2bcc2cadcc272dc2c7f593cd78a0e83177f627c365aee01c8dc1dec808
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 94d91ef74fd7aa50877163a89eadc42c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD55-P2
age
3645286
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kiad7000036-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507859.532851,VS0,VE95
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
Sift-Gs2nFzHUbRylEBueZztAzW4zXa2jjYeekDr-hMWMPi-94xSTQ==
x-cache-hits
0, 0
1083-64c8a2c822f85dc08c88-hash.js
www.bhg.com/dist/ Frame A31F 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/1083-64c8a2c822f85dc08c88-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
41f4b9cc257e2f684f7f1dbbf55f936639854294e3e2bd456f07fb6943c5934c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 77dc0904034d14a129bafe4c9d954f08.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
age
3948881
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kjyo7100104-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507859.534190,VS0,VE89
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
jf26Uxi5jMJpnyoTTIrtdZRnjD8GLpzRFTcnndJ7oLCWWxTwAKVviw==
x-cache-hits
0, 0
8011-485a50083b9e17d77880-hash.js
www.bhg.com/dist/ Frame A31F 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/8011-485a50083b9e17d77880-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
87c9e23af51f0043a4591e9cebeb42c1250bf9a42826b27887e876e57eec2156
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 165ed32c12154887fba331169c8022ee.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
age
3481846
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kjyo7100028-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507859.535199,VS0,VE96
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
LkqoV7oRPZbHTMEHCa32Zlqi18ifCa6YyhC2unnqZBQvD4hs5LdI8Q==
x-cache-hits
0, 0
9663-080c8bc3e80a5a5db991-hash.js
www.bhg.com/dist/ Frame A31F 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/9663-080c8bc3e80a5a5db991-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
7cd9b65444f3b3e659bebbf42d1803140cf54aa497ba2fa6a8fe311b58389c27
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 8665f9406bb78184b32be2ca021b358c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
DFW55-C2
age
1006675
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kcgs7200041-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507859.536473,VS0,VE124
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
zHfXLBqNzrpPiXPTDfzE95ok044uB-uImCfLjrRpsZXkbUwlExP4RA==
x-cache-hits
0, 0
2186-9a79533e85c301072bcf-hash.js
www.bhg.com/dist/ Frame A31F 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/2186-9a79533e85c301072bcf-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
caed2f07f0582d35f00609d17579f030984814e190b0d463615a44a1ad7c1548
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 9f7949d33ad36c79bedae3c5172d64aa.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
DFW55-C2
age
1861198
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kcgs7200048-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507859.538841,VS0,VE126
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
TKLWtsNU0iaOvAVhyRf1TCreN98WBCEyjpdmlbT8ZqB5XpT5r3hxiA==
x-cache-hits
0, 0
2656-cb61351609f7a6dfa8b7-hash.js
www.bhg.com/dist/ Frame A31F 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/2656-cb61351609f7a6dfa8b7-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
46feee2578892dbe463ee10c4cb6c55dbac8e8d6538929fdc84908504e1b642b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 6306947fb6ab60dc617ca2e025941652.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD50-C2
age
1207829
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kjyo7100105-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507859.539374,VS0,VE88
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
SgxCaMlFK2twVgnVxQHyjtgxAc2kZb860F_QngvIKxF1boC5Ob5ojg==
x-cache-hits
0, 0
5952-fce9cfc83ff2a05e4b9e-hash.js
www.bhg.com/dist/ Frame A31F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bhg.com/dist/5952-fce9cfc83ff2a05e4b9e-hash.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/dist/main-8dcba99cb08b1a481f19-hash.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Element
Resource Hash
6655b121c76e377685630e72a696c1eabdea5b423ea801e70b66a72abc52ee23
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=86400; preload
content-encoding
gzip
via
1.1 4e5f2b8e9e0148e42635b902814767e4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Tue, 11 Oct 2022 17:04:18 GMT
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop
IAD55-P2
age
3515330
x-powered-by
Element
x-cache
Hit from cloudfront, MISS, MISS
x-served-by
cache-iad-kiad7000052-IAD, cache-ams21052-AMS
last-modified
Thu, 07 Jul 2022 19:12:00 GMT
server
nginx
x-timer
S1665507859.539370,VS0,VE92
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7822/re.p"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=32140800
accept-ranges
bytes
x-amz-cf-id
mZiLEJahToFwUDqJ4c1RQg1oYLHVzL6ha1LhWV6OarwtkZvsdVxniA==
x-cache-hits
0, 0
settings
cdn.segment.com/v1/projects/j3vsxnyLrmr4Q0LJHYdbrYIvmstsTPwv/ Frame A31F 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/j3vsxnyLrmr4Q0LJHYdbrYIvmstsTPwv/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/j3vsxnyLrmr4Q0LJHYdbrYIvmstsTPwv/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed2c2fc3f3625f2cad5f9040a8a1f5f6eb4b86a8957258648deb972b94179a02

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
GTApJSegQkCrye60oYrv0V43IoxlvQOl
content-encoding
gzip
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
date
Tue, 11 Oct 2022 16:38:54 GMT
x-amz-cf-pop
FRA6-C1
age
1672
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 27 Jul 2022 14:41:32 GMT
server
AmazonS3
etag
W/"b225949d571b307afb7a702b2db70575"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
oI-iCy0HPyovZi9p0IfvRY5DA5Gdnj6SBplQmi8FH6pQ1GS7vdLEOQ==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame A31F 		156 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76d22dc3ab1e4f1d50106855f2c521d376684912d4f45e78f778f005692e9c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.bhg.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 17:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
75892c94691a6939-FRA
access-control-allow-headers
Content-Type
rid
match.adsrvr.org/track/ 		63 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184003
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e284685f854989ba155dbc768cb1a4bcf7a11750cf8baab328c80477ae7d286a

Request headers

Referer
https://www.bhg.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 11 Oct 2022 17:04:18 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bhg.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 10 Nov 2022 17:04:18 GMT
identity
api.rlcdn.com/api/ 		44 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bhg.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 11 Oct 2022 17:04:18 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bhg.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
id.sv.rkdms.com/identity/ 		2 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=MEREDITH&sv_domain=www.bhg.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.134.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-134-156.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.bhg.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.bhg.com
date
Tue, 11 Oct 2022 17:04:18 GMT
access-control-allow-credentials
true
server
nginx/1.20.2
content-length
2
vary
Origin
content-type
application/json
p
api.segment.io/v1/ 		21 B
172 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/j3vsxnyLrmr4Q0LJHYdbrYIvmstsTPwv/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.57.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-57-101.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bhg.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bhg.com
date
Tue, 11 Oct 2022 17:04:19 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/ 		21 B
171 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/j3vsxnyLrmr4Q0LJHYdbrYIvmstsTPwv/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.57.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-57-101.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bhg.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bhg.com
date
Tue, 11 Oct 2022 17:04:19 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c3263bd785bbb492c628b1fb634381e15b6cf3736550abb32d8729d073be6b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 17:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11259
x-xss-protection
0
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.31.0/ Frame A31F 		334 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 17:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
D263R6OySncrpIc5uRH3nQ==
age
10278
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
80955
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:24 GMT
server
cloudflare
etag
0x8DA032EC5D12B02
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
87503e4e-701e-00d1-3b20-3565b9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75892c953d5190c7-FRA
en.json
cdn.cookielaw.org/consent/91469371-b862-4352-bde6-6d5e496dc719/52a372c4-5e1c-4c39-b548-e3685b3ed8b8/ Frame A31F 		174 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/91469371-b862-4352-bde6-6d5e496dc719/52a372c4-5e1c-4c39-b548-e3685b3ed8b8/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cddeae87caa0b3fcff81714d4669b01ace6dcdaf0f53e2cb4509c2b1d25aacb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 17:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vs+89dB+tmu52VXAfe0Dzg==
age
6189
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
30119
x-ms-lease-status
unlocked
last-modified
Tue, 09 Aug 2022 17:10:56 GMT
server
cloudflare
etag
0x8DA7A2A1FA95EFA
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7b83e766-c01e-0062-6913-ac9f3e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75892c957e7d9b46-FRA
expires
Tue, 11 Oct 2022 21:04:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 17:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Oct 2022 17:04:18 GMT
bLayout-en.json
cdn.cookielaw.org/consent/91469371-b862-4352-bde6-6d5e496dc719/52a372c4-5e1c-4c39-b548-e3685b3ed8b8/ Frame A31F 		14 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/91469371-b862-4352-bde6-6d5e496dc719/52a372c4-5e1c-4c39-b548-e3685b3ed8b8/bLayout-en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7abefc15c8621677230c1134dd4a53f5fc40fae39ae83e6e09a4eec9e11a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 17:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1936
content-length
2946
x-ms-lease-status
unlocked
last-modified
Tue, 09 Aug 2022 17:10:59 GMT
server
cloudflare
etag
0x8DA7A2A21ACAFCE
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a331f196-e01e-0090-1114-ac4daa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75892c95ef609b46-FRA
expires
Tue, 11 Oct 2022 21:04:18 GMT
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ Frame A31F 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 17:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
2HSefDmVwJneRQMu6SXIPw==
age
9209
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ce1f2392-a01e-00fa-4107-491101000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
75892c95ef629b46-FRA
truncated
/ Frame A31F 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
gpc.min.js
ddrvjrfwnij7n.cloudfront.net/js/gpc/ Frame A31F 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ddrvjrfwnij7n.cloudfront.net/js/gpc/gpc.min.js
Requested by
Host: www.bhg.com
URL: https://www.bhg.com/account/quick-signup?modal=true&type=quick-signup&regsource=8kpg48&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=950714&originatingSource=sweepstakes
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3c094f715a9c193a30aad95c8eb496fa0bd758b2fb192527f202f96d44b5dd3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 07:15:17 GMT
Via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
Last-Modified
Tue, 28 Sep 2021 17:12:35 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Age
35353
ETag
"0595aed5727019b05fd2c207a5b462bf"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5706
X-Amz-Cf-Id
h4fBvP7Yvzmevn45VLStPy4UpEJP0RLjzPoHj99YeNfmkUYcMQXPlg==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2F3F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bhg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
637
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 16:53:42 GMT
expires
Wed, 11 Oct 2023 16:53:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B97C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
08e1df859354b7769bd1590133914c0d2a3472a00c8158e4c3ada0337a4457d0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vBXU_PhwiYEuoj8USYAX6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bhg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-vBXU_PhwiYEuoj8USYAX6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 17:04:19 GMT
expires
Tue, 11 Oct 2022 17:04:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
headerstats
as-sec.casalemedia.com/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=830104&u=https%3A%2F%2Fwww.bhg.com%2Fsweepstakes%2Fentry%2Fpay-off-your-bills-25000-sweepstakes%2F950714%2F%3Fgclid%3D6f5599r7scic3e%26city%3D%26isp%3DLeaseWeb%2520Netherlands%2520B.V.%26ip%3D2001%253A1af8%253A4700%253Aa08a%253A4%253A%253A15%26geo%3DNL%26uclick%3D9r7sci%26uclickhash%3D9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bhg.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 17:04:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIydonBeEeNRMlnowGRDOeR964OtC%2Bv8fe0jY9N9ef%2Fe1WYAZNZptJhM0ViaBKCOptom48T8M3u5XlLGzE3QBF57aFyVMiXuBtFNkqW1X1uYLiM11xx%2BxIvDHXI1Gg0rFwZXZU6DFx4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.bhg.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75892c96dfd99a11-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B97C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100401&jk=2007848760123048&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
YGBXjHGFrvOS8X60wpRSOm_fLYxf6hdhmLaY3J7KaRQ.js
pagead2.googlesyndication.com/bg/ Frame 2F3F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YGBXjHGFrvOS8X60wpRSOm_fLYxf6hdhmLaY3J7KaRQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6060578c7185aef392f17eb4c294523a6fdf2d8c5fea176198b698dc9eca6914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 15:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16102
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 15:21:37 GMT
generate_204
tpc.googlesyndication.com/ Frame 2F3F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4xwcRQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 17:04:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100401&jk=2007848760123048&bg=!SEulSw_NAAYqRg79CkY7ACkAdvg8WtC9Mhnw2k13cu6eBCkdCrYqQF03OZN6ROMBK3BM4gTaJhhCSAIAAABgUgAAAAJoAQcKADTjXC3zD85wrKY0ste7uQQs10mvQZYYVMq7JB7pZrkVZx355Zo6d0RgiVytQ6pbBkusBhk4mQLQ98V3v08WwnkZTY9K9oTgm8BPC5SZ8O4rxH55275lAJ8bHvbg7fIekByEXYUwCa0g_XtLX1HQ9okmYu1i15JZteuJqyenmwO8VCaxGL5Hid-zMiDu1LeIv32DDxctIT5fcGGgQHlWFaSB7oVhljRBYnJXSJD3zrKNsunCPCtqHW-4odozI4JmLQNzmsJercsDChafPWHIKnCWi6m5wkO-FiskIARbcv62CBgn5rjQ4LfyadC22qeF5PXbu44XTi_bAkazaoVybu-Y22js-bRPcEu5zEJoCb3K1khhAaprMc0HdcAX28LRe8j81ijooc0fbiuetNkzgiXV3xyWh2-FeDuRCCFNtrpOX4xc7rgcdxqggT1RfqD8Vh_gmCyv9k4o0m41EXinFsO7GjyijV1wCVo0KI2PM3-o8Ayt-rbeP1sd0y1HfikXinFkI0ikmjdBDzBudhRPJ0EqjB9fpK7TOdFTfN83Rm5T8uVW0qtvtm6ELc5HixdNqn9qBMiqPbMzSbjcIbge6CS5YDhQxJA5m2sZXP7dKwqr3kyWpbM8FEax-4KAtdR9rapZl3df9Wgk1nTXBmh8ANtsRmjpSWf1vV_BRlL0P3xMUXBHsI11UG-9Y6Fq6FGU-wwzpnleq7MSR2wIhIkaSpRKd64TIN78l0b31Fs7MkauV82kWNTtPvAmPtiaYwPa822gkcyxrb1HLUrDGk3uPHJMRPr7dgrRg7zbcPO7AovDro2Ga35mThJK1Q-CbnKjqPvgJ-2Ix-tcBV_LUOUwos-xdB5iNTQm24TAyHiRBfmB8Ol6w5aU_Ru4EZ4pgC9qoa3zctAAw1Q3-wbsLeYYTbx9_LJ84YH2e9zMrcNfQi5hXvQCQW9iO5IAUGoXfMItJ4vN5eTN9FNcsFSZqwFZVcyvDIyKPl4mSVhtELwZUf6QYOfsnD9jPmQmCPZ-5keP4EzspD94p8GW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bhg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| linkElement object| mdp function| OptanonWrapper object| udl function| getQueryParam function| removeURLParameter function| setCookie function| loadKarma boolean| mdpKarmaNoAds object| karma object| analytics object| ELEMENT_CLIENT_CONFIG object| OneTrustStub object| ACPuzzleInfo object| _ACAjaxUtil object| webpackChunkbe_fe_bhg function| _ function| $ function| jQuery object| TimeInc function| EventManager object| globalTI object| googletag function| ga object| pbjs object| apstag object| karmaService string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData function| smCallback function| startSMSession object| _ACPuzzleUtil undefined| ACPuzzleCurrent function| ACPuzzleObject object| ACPuzzle object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| pbjsChunk object| _pbjsGlobals object| Optanon object| OneTrust function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id object| gaGlobal boolean| apstagLOADED object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| local string| requestId string| version function| appendImage function| getBrowser function| checkHid function| decode function| encode function| storeLookup object| MUUID function| getCookie function| getDomain function| isJunk function| isUuid function| makeQueryString function| newUuid function| parseKv function| getData object| data string| pixelUrl object| headertag object| adServiceQ object| GoogleGcLKhOms object| google_image_requests

27 Cookies

Domain/Path Name / Value
lavandencial.info/ Name: uclick
Value: 9r7sci
lavandencial.info/ Name: uclickhash
Value: 9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
www.bhg.com/ Name: globalTI_SID
Value: 56f4c392-4c2c-4d45-85ed-b34758c3395c
www.bhg.com/ Name: muuid_date
Value: 1665507857755
www.bhg.com/ Name: first_request_id
Value: fa5560f8-a8f3-4dc8-82d9-a53d7fc405ef
www.bhg.com/ Name: muuid_origin
Value: bhg.com
.bhg.com/ Name: globalTI_SID
Value: 56f4c392-4c2c-4d45-85ed-b34758c3395c
.bhg.com/ Name: muuid_date
Value: 1665507857755
.bhg.com/ Name: last_request_id
Value:
.bhg.com/ Name: visit_ts
Value: 1665507857755
.bhg.com/ Name: previous_ts
Value:
.bhg.com/ Name: first_request_id
Value: fa5560f8-a8f3-4dc8-82d9-a53d7fc405ef
.bhg.com/ Name: pageview_count
Value: 1
.bhg.com/ Name: muuid_origin
Value: bhg.com
www.bhg.com/ Name: muuid_source
Value: SERVER
d9jj3mjthpub.cloudfront.net/ Name: cross_site_muuid
Value: 3f1ea074-2014-54b0-a4ab-86bfcd69e31a
www.bhg.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.bhg.com/ Name: last_request_id
Value: fa5560f8-a8f3-4dc8-82d9-a53d7fc405ef
www.bhg.com/ Name: request_id
Value: df4fc367-6175-495d-b3da-180954d051c3
www.bhg.com/ Name: previous_ts
Value: 1665507857755
www.bhg.com/ Name: visit_ts
Value: 1665507858521
www.bhg.com/ Name: pageview_count
Value: 2
www.bhg.com/ Name: initial_referer
Value: https://www.bhg.com/sweepstakes/entry/pay-off-your-bills-25000-sweepstakes/950714/?gclid=6f5599r7scic3e&city=&isp=LeaseWeb%2520Netherlands%2520B.V.&ip=2001%253A1af8%253A4700%253Aa08a%253A4%253A%253A15&geo=NL&uclick=9r7sci&uclickhash=9r7sci-9r7sci-8n-0-3y-8w-1n-1e96b1
.bhg.com/ Name: ajs_anonymous_id
Value: 004c01e2-16e5-4857-bb37-857a48871fbc
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bhg.com/ Name: __gads
Value: ID=c3dccf3652d3288b:T=1665507858:S=ALNI_MaRDmH4LUS5dFmw11xUTnFxVc7doA
.bhg.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Oct+11+2022+17%3A04%3A18+GMT%2B0000+(GMT)&version=6.31.0&isIABGlobal=false&hosts=&consentId=6168d553-3087-4831-8628-f2b8ce341293&interactionCount=0&landingPath=NotLandingPage&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0&AwaitingReconsent=false

1 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

637267.directfvtfwr.com
669fc8285cb9705d5a4a0f6fc411f28d.safeframe.googlesyndication.com
adservice.google.com
api-secure.solvemedia.com
api.rlcdn.com
api.segment.io
as-sec.casalemedia.com
c.amazon-adsystem.com
cdn.cookielaw.org
cdn.segment.com
d30qdagvt44524.cloudfront.net
d9jj3mjthpub.cloudfront.net
ddrvjrfwnij7n.cloudfront.net
geolocation.onetrust.com
id.sv.rkdms.com
imagesvc.meredithcorp.io
js-sec.indexww.com
karma.mdpcdn.com
lavandencial.info
match.adsrvr.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bhg.com
www.google.com
104.18.19.126
108.138.17.103
151.101.130.137
2001:19f0:5001:32cc:5400:4ff:fe1b:542a
23.35.236.247
2600:9000:206f:3200:11:e0c9:84c0:21
2600:9000:223f:6400:d:2820:3bc0:93a1
2600:9000:2250:3400:19:bcbe:a700:21
2606:4700:4400::6812:2962
2606:4700::6810:9540
2a00:1450:4001:802::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a06:98c1:3121::3
3.139.206.22
3.33.220.150
34.120.133.55
34.234.134.156
54.200.57.101
65.9.71.118
99.86.4.25
99.86.8.175
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08e1df859354b7769bd1590133914c0d2a3472a00c8158e4c3ada0337a4457d0
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
16530dee878b8175869b8a059aaf33be6509d9b74a0cd452728a2190621a0b41
1b111fa40c2ff9a17c7dd46cf304fd87d3d05fc8ffa4df3ccabbcdc4fdd1bbff
297f84c02c0c3fcfa96d86602382c5b87e89bfb385f113e0573673356e4fa437
2d1a8df4382a35430b429995a4162deef9d8bbb4db406b207546408c5fb87d5d
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791
41f4b9cc257e2f684f7f1dbbf55f936639854294e3e2bd456f07fb6943c5934c
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44dc69834c553ee139de5320d3c46dbf4fd8c33abf85023d5d3786f935ef927b
46feee2578892dbe463ee10c4cb6c55dbac8e8d6538929fdc84908504e1b642b
4897f11b3356880886fca7c4091cded15825ce2b56a01c7a842d261207247ae7
5016b4275552cfb0267070075e953263cd2619d016a664c11a0fb3b4226c822f
50828b57123b56e674aa31e2147099a05dad1cc6e3b7aaa641d4ab25daa19a41
52ffb8d3c732dad48d5e637a005ee74604fb2a44d4d7dfcca9a27de35d0d4add
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5800f312944709b8d8e2e638a4c64704be610892c2fd06e962ac74b222615e19
5c3263bd785bbb492c628b1fb634381e15b6cf3736550abb32d8729d073be6b0
6060578c7185aef392f17eb4c294523a6fdf2d8c5fea176198b698dc9eca6914
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6655b121c76e377685630e72a696c1eabdea5b423ea801e70b66a72abc52ee23
6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7
727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b
76d22dc3ab1e4f1d50106855f2c521d376684912d4f45e78f778f005692e9c10
7cd9b65444f3b3e659bebbf42d1803140cf54aa497ba2fa6a8fe311b58389c27
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f3e7c351858f2931bf8eece4a63dffd4763a86b8336ff6cadf6b792e2553df
8552107b3bd487a9f7c4c5c8f05b1de3e39aa1c494f52f598a9cea72e6df13fe
85620f2bcc2cadcc272dc2c7f593cd78a0e83177f627c365aee01c8dc1dec808
8703aa3c2f9daecb069d5125aa27ca5b775b8e8f9aae226fcf5c13b228bbcef6
87c9e23af51f0043a4591e9cebeb42c1250bf9a42826b27887e876e57eec2156
89af24a46f075d3025a9e900dc3b46ee2a0bd8579175b6d654be5845c7a71a3b
8ae758ad7e8d6b418ce464b759a091c249040b43be4dbe8a1e72ad5b833447fa
8b0a7d2e1cb999698b532334e4741152c51b64463673ea483325d0c35cb2c9f1
8cddeae87caa0b3fcff81714d4669b01ace6dcdaf0f53e2cb4509c2b1d25aacb
95dc3fe7bed6cc66d192c34a90ac7912453305c15c62634159227882d6656ddb
a0323725cfa542448c01f721ea9793f8a13798581a0b2f3e10aaf54294c5137e
a3c094f715a9c193a30aad95c8eb496fa0bd758b2fb192527f202f96d44b5dd3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b9ecfe8c19ae92c88710ac6974a052b6794950d544b6d7f8aa9ca092bfb342e8
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bbe5b074544008fe06a3ec0a222ad27f6d0f1ef200346d571e1ab3ab308fe910
bf3d9a2793f6b920835ae9182bb4cb553a44fae608292cb8befe765131cacf4b
c6e5fba4ffd34be6fc84e5c2d1c3cf130e725190e520620383e881f21f95b295
caed2f07f0582d35f00609d17579f030984814e190b0d463615a44a1ad7c1548
cd045860a5fb07229c504ce0971aa1c2894526fcd6004248e8345a17f9bbb9aa
ce8a771c5f4543058c1460c39b725cc69e3e623b808c50706343bedd8d3c710e
cf031522843e3523d021d29398938753073f278d6900da520752a9a6b265d071
cf14352cd24776d3f99c38f13ab3536978863afa728577a44a10dce35cd5bae3
d3240c3136299e5b04c5f744652ef2751549913a4f3c1803873af75cd0a67d5e
d3f7abefc15c8621677230c1134dd4a53f5fc40fae39ae83e6e09a4eec9e11a0
d9480eecc5fd5c197c2a0160694ebc49442aac32f8a2854cc4714cace7b4af8c
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
e284685f854989ba155dbc768cb1a4bcf7a11750cf8baab328c80477ae7d286a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44665f76cd04b4ed779022a79760cb6f5be7c4efa14149872322f0112b6702f
e775ba70a052bd4b7c633816a031dbf4311646957b5616ad5e08f8bfbfe0e69b
ed2c2fc3f3625f2cad5f9040a8a1f5f6eb4b86a8957258648deb972b94179a02
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66