Submitted URL: http://offer.widgetbear.com/
Effective URL: https://offer.widgetbear.com/
Submission: On May 23 via manual from US — Scanned from NL

Summary

This website contacted 21 IPs in 4 countries across 14 domains to perform 93 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is offer.widgetbear.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 13th 2022. Valid for: a year.
This is the only time offer.widgetbear.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
49 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:205... 16509 (AMAZON-02)
4 151.101.194.133 54113 (FASTLY)
2 34.96.102.137 396982 (GOOGLE-CL...)
4 2.16.186.160 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.16.198 15169 (GOOGLE)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 151.101.66.133 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 38.154.122.135 55286 (SERVER-MANIA)
3 20.96.88.162 8075 (MICROSOFT...)
2 142.250.185.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
93 21
Apex Domain
Subdomains
Transfer
50 widgetbear.com
offer.widgetbear.com
434 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 952
k.clarity.ms — Cisco Umbrella Rank: 20329
c.clarity.ms — Cisco Umbrella Rank: 1495
23 KB
7 doubleclick.net
11293261.fls.doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
5 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 68
region1.analytics.google.com — Cisco Umbrella Rank: 3686
1 KB
6 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 2799
static-tracking.klaviyo.com — Cisco Umbrella Rank: 3506
39 KB
5 google.nl
www.google.nl — Cisco Umbrella Rank: 9529
841 B
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 715
101 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
223 KB
3 sendlane.com
sendlane.com — Cisco Umbrella Rank: 107661
track.sendlane.com — Cisco Umbrella Rank: 179660
23 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 174
20 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4307
2 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 232
739 B
1 3dsintegrator.com
cdn.3dsintegrator.com — Cisco Umbrella Rank: 191482
6 KB
93 14
Domain Requested by
50 offer.widgetbear.com 1 redirects offer.widgetbear.com
5 www.google.nl offer.widgetbear.com
11293261.fls.doubleclick.net
4 www.google.com 1 redirects offer.widgetbear.com
4 analytics.tiktok.com offer.widgetbear.com
analytics.tiktok.com
4 static.klaviyo.com offer.widgetbear.com
static.klaviyo.com
3 k.clarity.ms www.clarity.ms
3 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
3 www.googletagmanager.com offer.widgetbear.com
www.googletagmanager.com
2 c.clarity.ms 1 redirects
2 www.googleadservices.com 11293261.fls.doubleclick.net
www.googleadservices.com
2 track.sendlane.com sendlane.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 static-tracking.klaviyo.com static.klaviyo.com
2 www.clarity.ms offer.widgetbear.com
www.clarity.ms
2 11293261.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 dev.visualwebsiteoptimizer.com offer.widgetbear.com
1 c.bing.com 1 redirects
1 region1.analytics.google.com www.googletagmanager.com
1 adservice.google.com 11293261.fls.doubleclick.net
1 cdn.3dsintegrator.com offer.widgetbear.com
1 sendlane.com offer.widgetbear.com
93 22

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-09-13 -
2023-09-13
a year crt.sh
*.sendlane.com
E1
2023-04-12 -
2023-07-11
3 months crt.sh
*.3dsintegrator.com
Amazon RSA 2048 M01
2023-02-01 -
2024-02-29
a year crt.sh
static.klaviyo.com
R3
2023-05-18 -
2023-08-16
3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2
2022-07-04 -
2023-08-05
a year crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1
2023-03-13 -
2024-04-12
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2022-12-01 -
2023-12-01
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
static-tracking.klaviyo.com
R3
2023-03-27 -
2023-06-25
3 months crt.sh
www.google.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
*.google.nl
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
sltrack.cloudmanagementsuite.com
R3
2023-04-04 -
2023-07-03
3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06
2023-02-13 -
2024-02-08
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
*.google.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh

This page contains 2 frames:

Primary Page: https://offer.widgetbear.com/
Frame ID: 9A0D32F6243D767162EBC602393B543E
Requests: 88 HTTP requests in this frame

Frame: https://11293261.fls.doubleclick.net/activityi;dc_pre=CPDGy4X2i_8CFROIsgodczUNMw;src=11293261;type=invmedia;cat=remar0;ord=8438219840593;gtm=45He35h0;auiddc=1328838875.1684861458;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Foffer.widgetbear.com%2F
Frame ID: 8FD6A2A4C26536D3391AAFAD51C3C875
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Widget Bear

Page URL History Show full URLs

  1. http://offer.widgetbear.com/ HTTP 301
    https://offer.widgetbear.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • klaviyo\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

93
Requests

98 %
HTTPS

61 %
IPv6

14
Domains

22
Subdomains

21
IPs

4
Countries

896 kB
Transfer

2013 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://offer.widgetbear.com/ HTTP 301
    https://offer.widgetbear.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://11293261.fls.doubleclick.net/activityi;src=11293261;type=invmedia;cat=remar0;ord=8438219840593;gtm=45He35h0;auiddc=1328838875.1684861458;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Foffer.widgetbear.com%2F HTTP 302
  • https://11293261.fls.doubleclick.net/activityi;dc_pre=CPDGy4X2i_8CFROIsgodczUNMw;src=11293261;type=invmedia;cat=remar0;ord=8438219840593;gtm=45He35h0;auiddc=1328838875.1684861458;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Foffer.widgetbear.com%2F
Request Chain 89
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/304317728/?random=391708092&cv=9&fst=1684861458434&num=1&npa=1&label=cehMCMPHroEDEKCKjpEB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11293261.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPDGy4X2i_8CFROIsgodczUNMw%3Bsrc%3D11293261%3Btype%3Dinvmedia%3Bcat%3Dremar0%3Bord%3D8438219840593%3Bgtm%3D45He35h0%3Bauiddc%3D1328838875.1684861458%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Foffer.widgetbear.com%252F%3F&ref=https%3A%2F%2Foffer.widgetbear.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=EvJsZLa2HKaSxwKB7rz4CQ&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/304317728/?random=391708092&cv=9&fst=1684861458434&num=1&npa=1&label=cehMCMPHroEDEKCKjpEB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11293261.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPDGy4X2i_8CFROIsgodczUNMw%3Bsrc%3D11293261%3Btype%3Dinvmedia%3Bcat%3Dremar0%3Bord%3D8438219840593%3Bgtm%3D45He35h0%3Bauiddc%3D1328838875.1684861458%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Foffer.widgetbear.com%252F%3F&ref=https%3A%2F%2Foffer.widgetbear.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=EvJsZLa2HKaSxwKB7rz4CQ&cid=CAQSKQBygQiD-MGZyeL31WXTL-pGkxHFiFkH8foI_x-JSCDGNVYmIRB1LsIR&random=130831005&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.nl/pagead/1p-conversion/304317728/?random=391708092&cv=9&fst=1684861458434&num=1&npa=1&label=cehMCMPHroEDEKCKjpEB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11293261.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPDGy4X2i_8CFROIsgodczUNMw%3Bsrc%3D11293261%3Btype%3Dinvmedia%3Bcat%3Dremar0%3Bord%3D8438219840593%3Bgtm%3D45He35h0%3Bauiddc%3D1328838875.1684861458%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Foffer.widgetbear.com%252F%3F&ref=https%3A%2F%2Foffer.widgetbear.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=EvJsZLa2HKaSxwKB7rz4CQ&cid=CAQSKQBygQiD-MGZyeL31WXTL-pGkxHFiFkH8foI_x-JSCDGNVYmIRB1LsIR&random=130831005&resp=GooglemKTybQhCsO&ipr=y
Request Chain 90
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4D2E37F7DA054340BD9D3DF18E5DC83F&RedC=c.clarity.ms&MXFR=0E0C5B475580654225B1485D51806B1D HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4D2E37F7DA054340BD9D3DF18E5DC83F&MUID=2F5C112150296A65024C023B518A6B71

93 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
offer.widgetbear.com/
Redirect Chain
  • http://offer.widgetbear.com/
  • https://offer.widgetbear.com/
79 KB
18 KB
Document
General
Full URL
https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98457f55394f010dba002ee611a2ea017cacfb2fbad4e592373ad814e1b4c348

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cbee072aa35b7b5-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 May 2023 17:04:17 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9T414RcT0YoJ%2FE9xWBJG%2FcBHVyqKoJ%2BVaw2NghCtMx53KY6oXZeNuC38Lmk66r%2BX%2Bh3XBJ4JM7jbMSvnmZi1xTyJKPByBtkYHNfaCjn1tylmQaBf1ULkoAnXb%2FREqeJnUH8MiLmenoF5AKwPR3hCyBFQw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding,User-Agent

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7cbee07028deb8e4-AMS
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 23 May 2023 17:04:12 GMT
Location
https://offer.widgetbear.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usGUMoiwA62n4g4Dv3qM0axLpGAtkEQnmbWSRHgE2%2BZi7eLG6cLBfN40CiwkZ5pAdVujVdg%2F1c%2BGSMbtptaiESZ70FFppD%2BHF4XTlCWBdINPDPCjFg85XV8u3i8ySZt5G7%2FUG19kGq%2FQ%2F0mys5SNdJUIWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app-new.css
offer.widgetbear.com/app/desktop/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://offer.widgetbear.com/app/desktop/css/app-new.css?v=1.1
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df5ebeb53aa8d99388829e8710449ccc803e5ea0bcefa439e621fdefa542d3a8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iv87FiHACw0h3lCMIi0DSpmoCWxWyBIycCuKZck7FT2jjfkAutPQneualFCo2IUFApXVYiFNLBU%2B3K9L%2BhqWRpf4JVTgHCvrZgNKlzKP1aFHZToSCJFaPIiBZ7qCeZEBG4me2PyWkez7fyRLZpgBnaOgmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
cf-ray
7cbee08c5effb7b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 May 2024 17:04:17 GMT
conbind-new.css
offer.widgetbear.com/app/desktop/index_assets/css/
31 KB
7 KB
Stylesheet
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/css/conbind-new.css
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2648181eb6c5c957b14d17a179437764f0777bc4d445daccd002a12470a0e40d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6v6tg69CKdNvkAJEfoLznEme%2FnucTCbLF0fr1q5DARJTZ6sLioFhdcM6YJm11keTMwKdpWr%2F4oXZ6iFufGoRSMYpIqVTriKo%2FOH3kz%2B2VwoFXQecCa2I%2BIupZLrdPFo6zE%2FdDlHqIbv6UUnAXioBZB6ggg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
cf-ray
7cbee08c5f01b7b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 May 2024 17:04:17 GMT
pusher.js
sendlane.com/scripts/
62 KB
21 KB
Script
General
Full URL
https://sendlane.com/scripts/pusher.js
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a43142d9a9f71d509babd7ff4e32cf67486489cd182c5f8cd01448dde005373
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Tue, 23 May 2023 00:41:23 GMT
server
cloudflare
etag
W/"f7b6-5fc51a5854c6b-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=30
cf-ray
7cbee08e4f620bc8-AMS
expires
Tue, 23 May 2023 17:04:47 GMT
logo.png
offer.widgetbear.com/app/desktop/index_assets/images/
2 KB
3 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/logo.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe771dcd0b6ee7d728d2302baff0a8fbfcaa2f849a3f98a963df8c03db02560

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJGSXnqgy3CBiDVYvfLd1fvjfYC4XC98%2FrjKyUR069nxHrrmJO12Z%2B9euxcqZTqEwf0JaNGkFCn6GPwkSXaXlHdeiD81mzZ7e6E8Ti3TmQL0dZm7h48C28BgrM%2FJigB%2FaBImqW608oH90dsibdH1WWE4Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb7f0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2375
expires
Wed, 22 May 2024 17:04:17 GMT
secure-seal.png
offer.widgetbear.com/app/desktop/index_assets/images/
4 KB
5 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/secure-seal.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
372accf9c0be754c3547a11739b2772d5a8f5528c0aa96aed2f5021e00fb8c49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtOiYkueuwq3FxVmYM6UECIVzh3vRkuEiClRXeeL%2FJhzMfO%2BTi1bOc%2B6XOu44sdXqpSZIjagRX0GjjL5HSpK83MVoM9K5ydDHjrBVnxK0TggKNw2kgG%2F7zX7JY%2B4wd%2FvIZTuwdzdVvGd8kmE%2B7HFp84i2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb820b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4345
expires
Wed, 22 May 2024 17:04:17 GMT
chk-bnr-prd.png
offer.widgetbear.com/app/desktop/index_assets/images/
20 KB
21 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/chk-bnr-prd.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db684c3d54b4d93f47c1b43d828c466b085ba639c5f96414149627e4febc9d36

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCaIjB5vieBHUntqpWbzquS71cplm15qOXGCDf%2BwU0nwEKImDB1VTiIYm4BVySQQWSbS60KzVBWfnYLkiyLTZsuP2%2BafWZe9JIyfwm5jlefDz35QRsfhONz5RkYyv1YTNzHjEahBQear%2Fbro2IeflrFxVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb830b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20856
expires
Wed, 22 May 2024 17:04:17 GMT
mny-bk-seal.png
offer.widgetbear.com/app/desktop/index_assets/images/
6 KB
7 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/mny-bk-seal.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7364d0c1e0067d7ea2837e068c998428f7b2388b101a0cffc365137454ce50d9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBeVkpiOM9ly9ij58XI%2FeZtmi72aIIYX%2Flbf8APqQqHz0Uvc9DU%2F1fM2rZIEeq3%2BznDlHF%2B30x2Q7Ze1S55qqq6jgL5d3uD1fxbvmawP4tgTKpbtqY7bOru3GQr2qdNkC8%2BnPJQjc1V7%2FQv%2BVIv2HUztYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb840b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6625
expires
Wed, 22 May 2024 17:04:17 GMT
bnr-ico1.png
offer.widgetbear.com/app/desktop/index_assets/images/
2 KB
2 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/bnr-ico1.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269162fa1ad32e1ab068fa539fc47ffa6f678e9c5e2c81fe0941de379b7f95bc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RihfgGydeGsDoCgSn%2FPKPvx05A5zr0KPVDQyOJzR2kME9wnBJAbJ2MiTQoXr2pAHFLEAG%2BeLHdEknpVPHk87XY0fu8nN59QZr%2FXPqN%2BvVh90efH%2Fo%2FmL4xt%2BYPgOXViiYh1QDEH8jWbo%2BnyCi%2BzFf6t4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb860b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1999
expires
Wed, 22 May 2024 17:04:17 GMT
bnr-ico2.png
offer.widgetbear.com/app/desktop/index_assets/images/
3 KB
3 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/bnr-ico2.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce60b539a405940c15b686d9aa3319a984d9f2bbe087fa48069d991208d66d0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyWkZnBxrJkqnGeUwRV4nepAGwe2FqjXF714OtWCCkzCxORJWLkHZWJ5QkMKv8YpvG4vlk2itu6jDsVzIFoN2IEZEJTfzTYMabxLgNLCbVExG5%2FP37Wuk8mY9eVivagnPtmlO6vwObwYPK5gOb4%2Bmk%2Blsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb880b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2919
expires
Wed, 22 May 2024 17:04:17 GMT
bnr-ico3.png
offer.widgetbear.com/app/desktop/index_assets/images/
2 KB
2 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/bnr-ico3.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eac34248591fa86706ba7b48dd08f456ccdad36673ff461b0e4fde9225aafd0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4D0FY2wMt%2FqUrc0GqwauOgHSJ86aiSNwwBI2ok8ipI3qtt1FZNbSsHx9QXrXfoMqnuScCXZArvLjVWuyIgE22B%2BTVnzBB8odyfyYthN%2FryxdgoMJZHQdMKzUguhBjsopooTlvneWLwb%2FlDKXg%2BRj9DD2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb890b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1590
expires
Wed, 22 May 2024 17:04:17 GMT
bnr-ico4.png
offer.widgetbear.com/app/desktop/index_assets/images/
2 KB
2 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/bnr-ico4.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b297e0306503b0a87182433fdc63561cb93957b1d613363e55ab66670cc7759

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZrWuCq8tQoZYIeXK1LqoK7GY7USZwMuLGJT1v3DHjBDiG08nIAklOjGLwgHxrSwly7EYLmeYuKMNi78%2FGnbUOFxDvo%2FA%2B4eBD54zAIiEFB4krMzCOGE6w%2FiffvHRMxYEGRYthf4DtXXPFTwnIOiMme53g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb8c0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1905
expires
Wed, 22 May 2024 17:04:17 GMT
mob-bnr-bg.jpg
offer.widgetbear.com/app/desktop/index_assets/images/
42 KB
43 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/mob-bnr-bg.jpg
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8228f554504d6df8f277da1bee7c07ac73872214b55dca85f9d9e4c46eb6b68e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1y6Wd27Y%2BZ3ZNylnNXwP3ELPuv8dp5%2BpTYYFGWwBuZCuOLY2%2BfW5QfEYGh7XBBRw6dags2Ij5Xsa%2BzGk7VVOpxmGY1EKzNkIc70V83DJc2Ru0wscEO7VL41xV6rpBjM0b2ep0uZGCCu%2FnMURKmNH8WVuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb8e0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43192
expires
Wed, 22 May 2024 17:04:17 GMT
secure-logo.png
offer.widgetbear.com/app/desktop/index_assets/images/
9 KB
10 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/secure-logo.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
155fc7909078c55acca64323937639c53d9a6188f394d92c2f78a8f14f8ddd3a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjwoEZj%2FCtvmPfqu6IvfF2NH06alZiCJEm%2Bp80CzQpVy2TaOoyXgWbfihoMLKUmc3zo7SAH5S%2FueiuLe8EpLLgYFl6h0QBYEYwKPHdtsdLgbYpTIXjVIuRqsqAQF7fSqPoFytfjlkAtt2yug85%2FT94D9ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb8f0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9645
expires
Wed, 22 May 2024 17:04:17 GMT
secure-logo-mob.png
offer.widgetbear.com/app/desktop/index_assets/images/
6 KB
7 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/secure-logo-mob.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3579657a6a302f8dee718238af3739ef1061d7960c43580a2f911a2fafce2670

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeqrWAgL4ZWDL9622PbmcFLtVit%2BI75PCbl5YUXhLuo9%2B1Dl4WctCM7f%2Bga97Dk7L4PrPRkdRacDFGEfaJ2eLNMc%2FnFSniSi4mquZEDHcI73flFfTlXekYTpajclpVmdJjl53X9qN1cEf%2F7FlLziypjr7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb910b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6391
expires
Wed, 22 May 2024 17:04:17 GMT
product.png
offer.widgetbear.com/app/desktop/index_assets/images/
4 KB
5 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/product.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaff68a7cc6f0d88ecdf2feb359d682113222d0fdcf8be7a88abb55a53fcaabe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDbx40O3OcK0JV6OBhdYR6fbX6gfgVUKBM8i29chWviu6xfw902FaLXkEfKzzzJqu2YecSKKeFxWV%2FrpjClfD5EZ5%2FnJAMd8Dab99F0P5esA6xEy4IsPgLP4QHu0w%2BKva3WIZSyzWI61EJ89qt3bQQwKQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb930b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4114
expires
Wed, 22 May 2024 17:04:17 GMT
star.png
offer.widgetbear.com/app/desktop/index_assets/images/
2 KB
3 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/star.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f161154014f7bfac68386cf1d5daf64e5739f7012e863dc79e281bc83c9a0e6e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nz3e9FeIQ5cbmxL3Y6QsbyNhhGieVByfJ8g6sG6fCnMHIMinZxgClJHNKqBvk4g3Uyich%2BVFazQ1I6RZnktVCAfuZ6KqAty%2BIb6b6oU1jhaF1tI0v%2FVoYQdnIs6r1X2k8UxtgXtOweQYJVqYFW60YwtRFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb940b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2127
expires
Wed, 22 May 2024 17:04:17 GMT
save-arw.png
offer.widgetbear.com/app/desktop/index_assets/images/
198 B
724 B
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/save-arw.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35dc9d578a04c534b953bf74fdc3f6b0582e752696fc18ab0c22ee1a08bfc8e2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQ8wvBVbApYxs6VgFS8gnvcJl5mivLmOBn%2F3Sj5QYdF1emKy6N%2FjgsODcyL6dVqqN2kClRSQ6XonEn4i3h93CQgOd951nU4YiZATW19RpeD8cuOG1fv2%2FUwBc9XDyH8IVXoTGqVi94POTPWp9PjEwONsWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb950b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
198
expires
Wed, 22 May 2024 17:04:17 GMT
chk-m-seal.png
offer.widgetbear.com/app/desktop/index_assets/images/
7 KB
7 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/chk-m-seal.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd95fe809be782dee9b3f6639fd28f134c54f92ec4e3e48b20cac12def745f25

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTSJh8A0VIa4OXMwrUdUGKlNka5crQTDbGoT%2B7xwuBcJsEcEdi0XypAykq58NeyuRiDQrTYLzmeM71UsrgihNoVFsq79yWDAErkM4GEmZNJX8HurxpjhQZZPBEQYzXbxrT9%2F7yAfsaIe28xjL9U18Lj8Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb970b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7022
expires
Wed, 22 May 2024 17:04:17 GMT
postal-logo.png
offer.widgetbear.com/app/desktop/index_assets/images/
2 KB
3 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/postal-logo.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aebdecf46e9ac47095eb0ccafad88d54d8b7a241ca7dda0207ad42401525ed9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7CJfeyDJ8h%2BUu8SzS9anfRu%2BTL6fghVHlzOtuhCjwHaMJAQCP65hQgakiPEwZapgBCm6DTyR9edikLyoI98nXrWkXy8rmvepR0fd5lj5kKnVxL2xcsuiNEhBH%2FbI5TElccZtKc3FjP2jqEP%2BsGXWixhgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb980b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2305
expires
Wed, 22 May 2024 17:04:17 GMT
card-ax.png
offer.widgetbear.com/app/desktop/images/
4 KB
5 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/images/card-ax.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f126ba6ccd97b2a467357bfcd11e54510ff47dbb893cd41f572d0bef67b9f474

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duWRn1vCJN%2BElba3%2FNtKQ3UXs3B8hwmtllXZpn9EQ5e0m6tgztWfH0U76C%2FM135vWiEphNlOxBgpTBxa%2BTCkAswwggkv%2B%2FnoFCAChp8KTmoG%2BaBZMyg3MlsgxmIz5RpKetJVBnqIrLG673snTKatKj4pGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb990b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4505
expires
Wed, 22 May 2024 17:04:17 GMT
safecheckout-logo-new.png
offer.widgetbear.com/app/desktop/index_assets/images/
12 KB
13 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/safecheckout-logo-new.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fccf52249461fe70c1b23178660fdaab440976059b1d100ace4a3f51b968b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pekODJC7SqB38rjzQbFgqn8H%2B1MRweEeZjzJG%2BY4FQQbcb8IIW22UWrmFsJN9Fcggenz2OQv0ZKcKM3hOpA9McOCvnZohBeXlNfrA7zzm6tUARb4Wc0JW7Cq07o847ZYisGygmbkjsVjnVS8LjTn7S946g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb9c0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12718
expires
Wed, 22 May 2024 17:04:17 GMT
star-rvw.png
offer.widgetbear.com/app/desktop/index_assets/images/
700 B
1 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/star-rvw.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1cc984877281f6dc160103a1fa42e40bfd7ae5545e191da773e9b811fbcb31c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQoOG5lfPwv%2FHsXOmZZnWOL4bH%2FFegPos3Koru%2BdeTltZd6cfUtK0ScqAgMkeF8g0%2FH8UNGVKVE1QAVFQskPruFs7AX%2By1jrojsFZQziMJGLOGexw9ZmNCM%2FRzcPNyRAVoQ4YOAh49YVVKtmnXAWnvVvQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddb9e0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
700
expires
Wed, 22 May 2024 17:04:17 GMT
t-img1.jpg
offer.widgetbear.com/app/desktop/index_assets/images/
8 KB
9 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/t-img1.jpg
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
716a3ecb12708507f887715e2908ba6b6d4239563937ae6ae15ff41ff896e2c3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2J%2F2T9GgrpohS0Gh8g%2FcRDk%2BtbHQSHNhhL3TyrfALr84LpzVEWFY9KuQzdgOHldoQcn0yEXTtMX9fBavD2CIZEF0x5zaETMRB%2BZyU3oihC35ge7aZpeKjj4HsrdO3nw2TQzdTCuuqCPka3DZDmd5S2pdLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddba10b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8437
expires
Wed, 22 May 2024 17:04:17 GMT
t-man1.png
offer.widgetbear.com/app/desktop/index_assets/images/
4 KB
5 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/t-man1.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcf9bafd6b1d8c3ed3cefdb29e790aa507a1394499da679d9596546e00df030f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouWJFXYExrTkdT%2BMTL%2BfQGyaOqSNsKQ4ZCuALUchbsLdOaaGA5tqiS%2FQ2meMDBjIKqp5iPGPycqS%2FMbJ86j549fp9kCr65bCaZZCbOZLJtBQO4g4Qobp9DPvEqiNol71ONs8u7irYEC09VldqIorSEwl5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddba50b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4181
expires
Wed, 22 May 2024 17:04:17 GMT
t-img3.jpg
offer.widgetbear.com/app/desktop/index_assets/images/
13 KB
14 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/t-img3.jpg
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8249002e8ea57bcdde8320e38420c9103e65a9519a3885a482bf11036d1c8851

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:18 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlymzGyE0r7oaEhVqVo2Q%2FbDvQ2YxxDCbo%2Ffn%2F3h7%2FDU%2FNa53gieeTNV1MRSqfGt8%2F9SMZ%2Fns7I9zL1y%2FVPdmO2SguZu2xH0xrS4%2FL3AorlzqBNm5px32fEGmB%2FxNzTtPsffqtcne39SKOg0qyWRDUELhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddba80b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13419
expires
Wed, 22 May 2024 17:04:18 GMT
t-man2.png
offer.widgetbear.com/app/desktop/index_assets/images/
4 KB
4 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/t-man2.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d97dcef78d5055c5b984beabacd47f55a282c75f3df14d7b65a1200984825130

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDR9DQ2R1CAeIckaS7iAwfAvRIuz0KvzpsG4QWbhUwws5HaDSl%2B%2FkLo%2F1Ex1TPtYgR5WZLpTME6GD8tMsSkOGDQoYmd%2BEKzrDtNeO0kdZxkYaoI5JqpNDEdpHY0cgPtsBKHJSjE6bTcr17cmsXRjHTGlEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddbab0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3989
expires
Wed, 22 May 2024 17:04:17 GMT
t-img2.jpg
offer.widgetbear.com/app/desktop/index_assets/images/
9 KB
9 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/t-img2.jpg
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2870b0f859e4a836b14b371120dfa3676a2fab05e48c8c0529031dd2de5e6d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:18 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsO8Fw9uBOjcWiyaD%2FyMdoHPK8GYS9F9RuJiLljy450ry33QdiUw0vR4Y2pLUyftSo78KMxs7vgUy0o3vT6WpkXNoZMEf%2B3IZZiksgR6xU11sYdlaJMVXEDuDONmestUfHHIKwW7aOrW2vW8tzEpJTmL4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddbaf0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9067
expires
Wed, 22 May 2024 17:04:18 GMT
t-man3.png
offer.widgetbear.com/app/desktop/index_assets/images/
4 KB
4 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/t-man3.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c29489f9bef7f3d03220223a42129549a77703a280c74941e6ae261dfd25ff1e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxreuISBT54r8KFAST7XZfDfa3WcoiIl97ZQORpwGilO8rBkFWcOF3UxyRGj7jPHe%2Bbvp7CKfob34gsllX0%2FVO1hXEPTiMWB6kXENCJ2CZEIzfeukob%2B4UFKiOlkpZj1LkdNHnoE5sdzBZ2n5HrsGRE8pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddbb00b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3905
expires
Wed, 22 May 2024 17:04:17 GMT
prod-watch.png
offer.widgetbear.com/app/desktop/index_assets/images/
34 KB
34 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/prod-watch.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a6cb3020ac1c99335eef53ef2de17b150a2114d17e187fd41501ffd7d3cc90

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJq3zqpN76BJdueXNydyegugPHhJgSQI732QenH008OdfQtKulCgddWmXY%2FphomFfco5sSCV21bSYOsq0%2F3d6KC9FSKLmvualLO8BVIz01zGns6EUXYTEdPdQVxHdmbcsfBSOz47sedZGNLZYrKSrXMMRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddbb30b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34588
expires
Wed, 22 May 2024 17:04:17 GMT
threeds.min.2.1.0.js
cdn.3dsintegrator.com/
29 KB
6 KB
Script
General
Full URL
https://cdn.3dsintegrator.com/threeds.min.2.1.0.js
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7600:a:3d5:af40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
PAAY CDN /
Resource Hash
2635076aeb9f9cb720712567f90f2f39f70f792a59a910bbe0bafc6ed15adbe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
br
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
date
Mon, 22 May 2023 22:22:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
age
67286
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 13:11:54 GMT
server
PAAY CDN
etag
W/"e07b4787ca9393ad1319a91a40cadf55"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=604800, immutable
x-amz-cf-id
xf2ic524VfRVlC7KTkGAaEC_3l_Ai3KX_IhUsTmGimaKH8sAM4VA7g==
promise.min.js
offer.widgetbear.com/assets/js/
2 KB
2 KB
Script
General
Full URL
https://offer.widgetbear.com/assets/js/promise.min.js
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6f215cb3909ac889cca094c0e80e82b50f7b9a49e8c8fad2aacee610ba8c13

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 08:11:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9FpgEHczajrNriFjGSu3gk%2B1rVLn90lm8k8w1BfZ%2FSFZWWZJI3%2BH1uh7lyp%2F61UX0grmPvl7IWAbgX7%2BQxwzZWb1b%2FK8zle0mz9JNP%2F%2Bym1tDf7QRpYYW7MOP374QzF5TQPpus1wYoZhxM0u3pFT9Le5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7cbee08dcb560b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 May 2024 17:04:01 GMT
jquery.min.js
offer.widgetbear.com/assets/js/
81 KB
30 KB
Script
General
Full URL
https://offer.widgetbear.com/assets/js/jquery.min.js
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3a60b75e9fd4cd88883724d28748f77b91b8aeb9cbbaa0d775faeed51a50e4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 08:11:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEIFAoGzpxY2fTmOimBZTC6pdjMzd2Y0fKXIMYdNnu%2FYpLsRGV3xCQJF5G6lOf5f76pcCSBogpIJOoSSs1Ba4x1Ax6vQKU1xD497p6KJ4vMMnVGHjwZILaaDtHdMpqjGciSsdNQYF%2FLfhAKf3ai%2Ft5PEhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7cbee08dcb590b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 May 2024 17:04:01 GMT
jquery.mask.min.js
offer.widgetbear.com/assets/js/
6 KB
3 KB
Script
General
Full URL
https://offer.widgetbear.com/assets/js/jquery.mask.min.js
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b9a05b09dfdbda80e5a007582d94069a582da1ea93452f77230e85fb1197b5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 08:11:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgtnoaTpjj6bD6Pjjt%2Bxa2HSaABjsGtJVo0N5k%2B0A5pdxPE31XKk%2BQEUgY7ETkEBlD9QIrGdwDtHNaXQDl%2FxxG1mZG5gvCix%2FUpAxgxXDFVNas190GsYU2jnMhgRov35r6s%2ByHc%2FfwjcG5agwgz7JhwG%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7cbee08ddb680b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 May 2024 17:04:02 GMT
validator.js
offer.widgetbear.com/assets/js/
5 KB
2 KB
Script
General
Full URL
https://offer.widgetbear.com/assets/js/validator.js
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb8abe41740092dc71e3376f825336759f062760481c60d95f921c833f27a8f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 08:11:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMWuYFSdo%2FpLpsEYbWQ6rAZmnnPy41DgNpOlDXHQcxQFHn3NYpfPIH8UZxM4Os3MapRoFosmPsP4nNFnNwQtD7%2BA7HKyqiz4cZEN27FXoNUhbZ2jrLLQGmzLVU0bN%2FWfITRt7UKe6MsEgdH9VBVTTpp54w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7cbee08ddb6d0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 May 2024 17:04:02 GMT
codebase.js
offer.widgetbear.com/assets/js/
26 KB
5 KB
Script
General
Full URL
https://offer.widgetbear.com/assets/js/codebase.js
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d21d61f81b252719547ffc3db5099ba4101c57079daa9da0a130eb1486a34a2c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 08:11:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MduyohFEA0DkdU4bFSNFg7YoJW6ZHyUQzwEf%2BANamskQOo0%2BhUUAe4Fa1WoBq0hcE%2Frt1uljCivAeR036utuBubFFw18XxMU%2FXkLwgeyZD6AS7AjHLC7OfDKoHvMjPGIZ9J2vS2bIIx1WSaeaRLdM8NXUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7cbee08ddb6e0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 May 2024 17:04:03 GMT
form_handler.js
offer.widgetbear.com/assets/js/
25 KB
5 KB
Script
General
Full URL
https://offer.widgetbear.com/assets/js/form_handler.js
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9917ec2c7b7d9fe59452c4bf39ca1d333cb7f35ed5c49260fa8b8b3de23f95dd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 08:11:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n67jixRtVONWp4fXf2cB8luJGOYbQRJNp9Dk9ZD2k5LSwOoITTLe7MXfhoLh4V5BLcnw3uA2xUzGj6EaWa2XPhshhN0NLIJFsbfvM9QxRXOqgDb8ovbhiacWXFBCTcYCuI0ct%2FxY1Pzl0Bvw%2FEZABzQ68w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7cbee08ddb6f0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 May 2024 17:04:04 GMT
app.js
offer.widgetbear.com/assets/js/
12 KB
4 KB
Script
General
Full URL
https://offer.widgetbear.com/assets/js/app.js
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee87b33f2961363db212bf9d5817026b9aa7d7d86304b593e84e0dd38e533afc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 08:11:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDL8lk14fa5N%2BM5eTcTK74Pl1Ar0OX%2Fm65RHmkVq9eD46SMLQwDaqpPqpwCJmdF2W4S%2Fm9ItRzji29pnLzJlprZhYZNlmQ%2BrwIJ23v9RGnK3N%2BtZxDpGuGZdllMPjnRBSGJgZmOG%2BRlL8qyudv4dENlLQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7cbee08ddb720b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 May 2024 17:04:04 GMT
outro.js
offer.widgetbear.com/assets/js/
4 KB
2 KB
Script
General
Full URL
https://offer.widgetbear.com/assets/js/outro.js
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
717c1e30a97c59911b5c41462d952f0cc70536a09878e57cd50ea6c3dbcd4b01

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 08:11:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGHJf40o9RzTufS1Rd5XkRmGiP3cAyZgHR0RXAhwDzfITl965%2Faup406AJYequG5arZcFUrlrIJPr9kqSS%2BTlXd6duQpkiB7x6We2vgxgd1cIdSAJpbTfFBv%2F2jDHhA2TGQ0kCAY4k34%2FFlgXNCl5AbbPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7cbee08ddb740b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 May 2024 17:04:05 GMT
cb-util-pkg.js
offer.widgetbear.com/extensions/CbUtilityPackage/js/
402 B
753 B
Script
General
Full URL
https://offer.widgetbear.com/extensions/CbUtilityPackage/js/cb-util-pkg.js
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34bdbc24a32f7d11b673e014b46efef065e5fbc7d3c83ba8a75386fa71c3fdbd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 23 Feb 2022 09:07:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4O0IUMBNvPyUGXPjbdI%2FRS%2Bz%2FhAfImXP8G5aqPRi7Ren5VzHKqztGKPdpzUFOzD5n3szvXkKAi5yZyAh8cDys0ehJBz8q3jKQtMDAuwPzd2ci%2FaIkAnx2w2Ftur%2B7i%2BFnysUZutEy4EmxSb%2BTwo8QZcWcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7cbee08ddb780b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 May 2024 17:04:00 GMT
paay-call.js
offer.widgetbear.com/extensions/Paay_3DS/js/
43 KB
7 KB
Script
General
Full URL
https://offer.widgetbear.com/extensions/Paay_3DS/js/paay-call.js
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17333cbe5a58e0eb4e8d5f4e8bdb8ff471472b0e5faf1d89051d9bbb553c247a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jan 2022 08:59:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddO1eYIAV%2BQ5S2v9pAh9jghnIS2l28uOs9Fev%2BwsqnJLLEDoHUUBtom1N67h2i0EzPDR58KsPNjzjachLkF1%2BcspQFwn3ouKzR%2BAqnq2ARRYnFxp1kdatSn4z36OuNoPi6oBvJnLeSozaRqah6laurIy5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7cbee08ddb7b0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 May 2024 17:04:01 GMT
klaviyo.js
static.klaviyo.com/onsite/js/
2 KB
1 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TXR3H9
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b47e5a632d6c17772f1167eff5359bc764e0b58d779ed84c5c1033a804a85843

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
649
content-security-policy-report-only
script-src 'strict-dynamic' 'unsafe-eval'; object-src 'none'; base-uri 'none'; frame-ancestors 'self'
x-cache
HIT, HIT
content-length
921
x-served-by
cache-lga21934-LGA, cache-ewr18153-EWR
server
nginx
x-timer
S1684861458.838317,VS0,VE1
etag
W/"367afaca5eef75e01f5c7ceba3490620"
allow
GET, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
vary
Accept-Encoding
x-resp-is-stale
true
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
3, 1
jquery.psgTimer.js
offer.widgetbear.com/app/desktop/index_assets/js/
11 KB
3 KB
Script
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/js/jquery.psgTimer.js
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e08ffbb2a56d12f38290642e7cb05a2ddd697c3d43196c02eacb02fdbfc97eb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cexH0A2gN6E09aSyWfY%2BuuMnYNPlJn4H39ii4HMANDqIe7CNZnAoARhMarfUOu8taoa7sSh1TD%2BN0PprgPM83eEREi2vHIGNBGUec6JMvIy37cbu3r8ryTHJdk11Yk0DtDlMs%2FftCFoNPleEjlUKCV9OOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7cbee08ddb7d0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 May 2024 17:04:02 GMT
j.php
dev.visualwebsiteoptimizer.com/
3 KB
1 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=574024&u=https%3A%2F%2Foffer.widgetbear.com%2F&f=1&r=0.2473367818021701
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
17f8e487ae998148d80fdbed51f4a408c8f7b5a93580a51c2dd0bb7a2f86ec93

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
gzip
via
1.1 google
server
gams1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
events.js
analytics.tiktok.com/i18n/pixel/
5 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7PHLHJ9OPOOJ4K3V6VG&lib=ttq
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cb4507b85ddaa0d594dea3fb5884d9a68877e15ce24f24107ff2526126db4377

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id
4d88ee97.29da7926
date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time
93,2.16.186.156
server-timing
cdn-cache; desc=MISS, edge; dur=82, origin; dur=12, inner; dur=2
content-length
1568
pragma
no-cache
server
nginx
x-tt-logid
20230523170417FE256167E592BF04FB98
x-cache-remote
TCP_MISS from a184-28-190-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,184.28.190.199
x-tt-trace-host
016ce3768a4b2ac30b2a5429ccdc5682b49257f53c08a4210dc90511274215408b3599f82122973f170b5b827742cd24c63fc4ad24322a417afa852af618c589d8444cfe3a126d711039a1ae9fa95852c85cc8ab9ab2af340fd602d5bb183fa4e45ab5f18705f2ca27ddeb201f1c40b202
expires
Tue, 23 May 2023 17:04:17 GMT
gtm.js
www.googletagmanager.com/
183 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFM5CFL
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b7bb64351d3ca3dae3248936c4978940a9780bc76a9309e31ab1afa38a73a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68888
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:10:04 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 May 2023 17:04:17 GMT
bnr-bg.jpg
offer.widgetbear.com/app/desktop/index_assets/images/
34 KB
34 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/bnr-bg.jpg
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/app/desktop/index_assets/css/conbind-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8ac4ff4cdf03786837923fbf3fba5bcbeef242dd87bc053e468e914e6d0074

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/app/desktop/index_assets/css/conbind-new.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:18 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BWxaZjczO%2FeHfGWpmInf%2BccoHqLEGpMdtlmBwWxKtuane4H22viE%2BmFZgrxLux%2BTjhSBeX9AYWl6%2BTikLH0Atn9RN2xQELawC11rXlhD3SPUMfkmOaJzafYHfUe2DAiE6PaEDgIORUlHRBfgE9N1sRYXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddbb90b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34620
expires
Wed, 22 May 2024 17:04:18 GMT
top_chk.png
offer.widgetbear.com/app/desktop/index_assets/images/
1 KB
2 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/top_chk.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/app/desktop/index_assets/css/conbind-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79fcb3c14a2cc79a8d22cf0a0f655efa63fbba9423f99ade97f65ddfc4820619

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/app/desktop/index_assets/css/conbind-new.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U05Jj2M61g1%2BQtnX0lLkG1aSsVeLcnYR%2BjYU1qSeZe1L%2Bb5ovIm2YYpz%2FDy6FrUyfEY7zNGryGA%2F8Hf20HQLrnvFOxXOBiCspvXknEMHDaUYtOQ7diXkv9vRjYy%2B6OVCB73HVVPMeIuNNwBDGxAlaFR2LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddbba0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1181
expires
Wed, 22 May 2024 17:04:17 GMT
dwn-arw.png
offer.widgetbear.com/app/desktop/index_assets/images/
1 KB
2 KB
Image
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/images/dwn-arw.png
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/app/desktop/index_assets/css/conbind-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df6a09f5b159cead9eb1f23702c0ca1fbe22beb863852b1a10e776fa49945976

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/app/desktop/index_assets/css/conbind-new.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qADUSS0aEEse34rrdcVDYPA1nyy2RHElIycNXYZNf9VjKk8ebGKbg%2FpcmOsyQrMLVJz6pFBpd7p8QwLsZVP0oxvinIsa4khFlUdL6osjJNtpOMcM9KkGvnyV1dqB%2FrBo4ZOrSOErhGUP9jVgnOKy92vuUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
7cbee08ddbbd0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1097
expires
Wed, 22 May 2024 17:04:17 GMT
ProximaNova-Bold.woff2
offer.widgetbear.com/app/desktop/index_assets/fonts/
30 KB
31 KB
Font
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/fonts/ProximaNova-Bold.woff2
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/app/desktop/index_assets/css/conbind-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da6bdb6316644c202097988feb3746f04c422cb2c2c94f42c493b9862cb7c7cb

Request headers

Referer
https://offer.widgetbear.com/app/desktop/index_assets/css/conbind-new.css
Origin
https://offer.widgetbear.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lan2ZqsJQ41lcN4YBbtMJ6L7katmOu%2B2WeENO2FOyF%2BwcaHBTSab1YDypVZ9htmJqQdP66zSGB8TY4bwksu2HPt9VJsjX6dJ%2BE5IrNfHeco44vBRgliKLIbbD0ojkL88wjN%2Bc6WH4ReT9YnKDe%2BgIzmIpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cbee08ddbbf0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30820
ProximaNova-Regular.woff2
offer.widgetbear.com/app/desktop/index_assets/fonts/
30 KB
31 KB
Font
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/fonts/ProximaNova-Regular.woff2
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/app/desktop/index_assets/css/conbind-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d5f5ddbcc47ab313cfc7c9930c31050c4b7bfbeefe013fc5ec1ce0cab5b008

Request headers

Referer
https://offer.widgetbear.com/app/desktop/index_assets/css/conbind-new.css
Origin
https://offer.widgetbear.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3kBpUWcSyZkaUVz4Mi1TVxiWYHWpHFFbh3UwZNR028hXpyDjL5hTwaeJr3h7bxhMRQail%2BjI4Y0l23JTMIL%2B975bHXPXbFnIXcNUhC2f61EDAYha0m2QXkf%2F%2F2hSyQKIMcTogRGbFvG7rnMhcElV795Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cbee08ddbc10b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31104
ProximaNova-Semibold.woff2
offer.widgetbear.com/app/desktop/index_assets/fonts/
18 KB
19 KB
Font
General
Full URL
https://offer.widgetbear.com/app/desktop/index_assets/fonts/ProximaNova-Semibold.woff2
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/app/desktop/index_assets/css/conbind-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
862880ea59c2ff0c0b61329fa4483d5a52c7bbc5ee3a9952195708071dd8984e

Request headers

Referer
https://offer.widgetbear.com/app/desktop/index_assets/css/conbind-new.css
Origin
https://offer.widgetbear.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 10 May 2023 08:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqUa18Z2Gmtu9SYfUnqCTrklBVaOpelbL458F5qbph9uGA1xaYBWREVCfz65BQUNwlfwYfNW%2FAvD%2Bf04MedfcUyM5OYMWFVm54f1TqsI1aEhAhaZNe6IAJgVWBWreiQ%2FT7z734uD76Rez0JlNb0aU6GAAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cbee08ddbc30b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18492
v.gif
dev.visualwebsiteoptimizer.com/
35 B
214 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=574024&d=offer.widgetbear.com&u=D1953ECFA221C8F5B62197CFB423E41F6&h=3959b69e39c53548dcf93cfe9172952c&t=false&r=0.11506564642543649
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:16 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFM5CFL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 May 2023 15:04:56 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
7161
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 23 May 2023 17:04:56 GMT
activityi;dc_pre=CPDGy4X2i_8CFROIsgodczUNMw;src=11293261;type=invmedia;cat=remar0;ord=8438219840593;gtm=45He35h0;auiddc=1328838875.1684861458;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=htt...
11293261.fls.doubleclick.net/ Frame 8FD6
Redirect Chain
  • https://11293261.fls.doubleclick.net/activityi;src=11293261;type=invmedia;cat=remar0;ord=8438219840593;gtm=45He35h0;auiddc=1328838875.1684861458;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=...
  • https://11293261.fls.doubleclick.net/activityi;dc_pre=CPDGy4X2i_8CFROIsgodczUNMw;src=11293261;type=invmedia;cat=remar0;ord=8438219840593;gtm=45He35h0;auiddc=1328838875.1684861458;uaa=;uab=;uafvl=;u...
1 KB
834 B
Document
General
Full URL
https://11293261.fls.doubleclick.net/activityi;dc_pre=CPDGy4X2i_8CFROIsgodczUNMw;src=11293261;type=invmedia;cat=remar0;ord=8438219840593;gtm=45He35h0;auiddc=1328838875.1684861458;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Foffer.widgetbear.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFM5CFL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f6.1e100.net
Software
cafe /
Resource Hash
31f879e79cd78066b9a48c057d4237e1ce1449840cf794e4509623834e8537d4
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.widgetbear.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
495
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 17:04:18 GMT
expires
Tue, 23 May 2023 17:04:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 17:04:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11293261.fls.doubleclick.net/activityi;dc_pre=CPDGy4X2i_8CFROIsgodczUNMw;src=11293261;type=invmedia;cat=remar0;ord=8438219840593;gtm=45He35h0;auiddc=1328838875.1684861458;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Foffer.widgetbear.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
189 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11038834407
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFM5CFL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
066b2cd615d7c1119303bc05830d12fc15eebcbfa5079baa2b4276d56ad96a61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69182
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:10:04 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 May 2023 17:04:17 GMT
fa16dhjog3
www.clarity.ms/tag/
1 KB
2 KB
Script
General
Full URL
https://www.clarity.ms/tag/fa16dhjog3?ref=gtm2
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba1fdb18175e44af8acde480f3f1d24d3ed9ca386ed34fb1a4fe9542abdf11c7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
date
Tue, 23 May 2023 17:04:17 GMT
x-azure-ref
0EfJsZAAAAAAyJGU2pON9QoPqx8RRPwPfRlJBMjMxMDUwNDE5MDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
1213
expires
-1
main.MWI2MzlmMWJmMA.js
analytics.tiktok.com/i18n/pixel/static/
242 KB
67 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7PHLHJ9OPOOJ4K3V6VG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id
29da7991
date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202305150500307C6C08F603A58E596636
vary
Accept-Encoding
x-cache
TCP_HIT from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01c22becb7fdba348502839a39144ba12a19df45868f8ad5f74f7156c1b52a52a8a85c0e09c6715b70717ecc795c4c42672cae3684642049d8e77084d8c80671543d7dc9dcb5dfb169620e56c928c3c105d5f26fbb39064dc356c62ac0009f8144
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
68097
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11038834407/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11038834407/?random=1684861457858&cv=11&fst=1684861457858&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.widgetbear.com%2F&hn=www.googleadservices.com&frm=0&tiba=Widget%20Bear&auid=1328838875.1684861458&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11038834407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d3859f9f2cc119def21a95084393955eb429cb95a2f005167cf899a65bdc00c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify_738b3.js
analytics.tiktok.com/i18n/pixel/static/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id
29da79e2
date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202305081131209EE4E4461B405EC59708
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
010232dbbb044b88326ddfd8b44c43690d14a372f8cb217b7b3369f69becb61393c0885dd8e2321985026494b19da91393848720d4ccab4c79c24420dea8a0f1d763d82c187c8c5de254db2a9b6c1d8b7d0677f084d38255c8e5db303ba8a3c1f1
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
30644
pixel
analytics.tiktok.com/api/v2/
0
694 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offer.widgetbear.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
a68eba76.29da7a09
date
Tue, 23 May 2023 17:04:18 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time
124,2.16.186.156
server-timing
cdn-cache; desc=MISS, edge; dur=93, origin; dur=36, inner; dur=34
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202305231704180952C37F98AB2BFFD054
x-cache-remote
TCP_MISS from a23-220-105-91.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
36,23.220.105.91
x-tt-trace-host
016ce3768a4b2ac30b2a5429ccdc5682b47ff423db7a441434825f9154e0f996700c76bfeeb384a901e528d887bee4044d73e0fb02d08eb3d01784cafafe2f57b3aabc1dd94d4756b33c23a8748cef1bb773fae7f4acfe5d055cde9947323726272f5de02b4df8cf2792ba888480058de5
expires
Tue, 23 May 2023 17:04:18 GMT
collect
www.google-analytics.com/j/
4 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=986341034&t=pageview&_s=1&dl=https%3A%2F%2Foffer.widgetbear.com%2F&ul=en-us&de=UTF-8&dt=Widget%20Bear&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=733650837&gjid=105100078&cid=874194767.1684861458&tid=UA-195791296-1&_gid=1535768159.1684861458&_r=1&_slc=1&gtm=45He35h0n81NFM5CFL&z=102450158
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.widgetbear.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offer.widgetbear.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
fender_analytics.23194ba60b06f2efa3bc.js
static-tracking.klaviyo.com/onsite/js/
28 KB
11 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.23194ba60b06f2efa3bc.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TXR3H9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
048452cd583bfd33f45594e1dd0d118ace4e4965bd239497e60a4a40785ab8fb

Request headers

Referer
https://offer.widgetbear.com/
Origin
https://offer.widgetbear.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
7b2H0bg2BN6z_23QGHWyFZO1fWD8HCj3
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 23 May 2023 17:04:18 GMT
x-amz-request-id
686422QB6P3GJ9CB
age
697
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
10897
x-amz-id-2
i/LmBG5/8AiY1cNajcvzsvPJSU19rEVxcH0tGkyvo71JbJeKBu5sRABL34St+XnvcXtB7xJZum4=
x-served-by
cache-lga21924-LGA, cache-ewr18123-EWR
last-modified
Mon, 27 Mar 2023 20:35:38 GMT
server
AmazonS3
etag
"92e411307e5423f1ac52a47687d78a3a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
57, 46
static.7040eccfb11ebc1531fa.js
static-tracking.klaviyo.com/onsite/js/
2 KB
1 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.7040eccfb11ebc1531fa.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TXR3H9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b67937e196ca4f5d300b5770862dc94f450015e8e21508e8108590dd1786e66

Request headers

Referer
https://offer.widgetbear.com/
Origin
https://offer.widgetbear.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
R6NxKKoeX.cIyjWGvjcRigXw2f5deMd5
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 23 May 2023 17:04:18 GMT
x-amz-request-id
686AN6R28RQDC3NF
age
696
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
979
x-amz-id-2
9zX6bZg7aav+9zmc6W5hm9o2JlbwIcXAp/Cw1InLnNWbDsDFUzAnJuzRtIYN56hPtzqOsYzlHvw=
x-served-by
cache-lga21957-LGA, cache-ewr18123-EWR
last-modified
Mon, 27 Mar 2023 20:35:38 GMT
server
AmazonS3
etag
"0c759341e54d6115279ccd042a294daf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
58, 43
runtime.d9cb00e39e8feac91d2e.js
static.klaviyo.com/onsite/js/
19 KB
8 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/runtime.d9cb00e39e8feac91d2e.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TXR3H9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24bd9dc265298a8a9640ebc495b7bc9f9433947ba542490941735a911cb1c74e

Request headers

Referer
https://offer.widgetbear.com/
Origin
https://offer.widgetbear.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
GYn6L15808yOp6uH90j0ya8cXqCN73IO
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 23 May 2023 17:04:18 GMT
x-amz-request-id
A413ZPBKFM28VXGX
age
696
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
8070
x-amz-id-2
oyBtVCSDOG1SDWqi/HPp/7GdQ6mquWCRNhC41NoJiQwxD/u117vR18Be2aTdX24WPEXpHC29lF8=
x-served-by
cache-lga21971-LGA, cache-ewr18182-EWR
last-modified
Tue, 02 May 2023 14:43:05 GMT
server
AmazonS3
etag
"97ed719153faec2a3310ad3f2e3c6003"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
32, 54
sharedUtils.545afc238f7fa31ca92c.js
static.klaviyo.com/onsite/js/
40 KB
16 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.545afc238f7fa31ca92c.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TXR3H9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f9b2c18e955e566d4add27121d26c1a8758b65cbbe9510401c6de2335ce6da1

Request headers

Referer
https://offer.widgetbear.com/
Origin
https://offer.widgetbear.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
BX4ftgjhRBviwmUL1W79sCdRsgnCjgVw
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 23 May 2023 17:04:18 GMT
x-amz-request-id
J1ZZKCJB3FXH8M5B
age
68
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
15804
x-amz-id-2
J0l67QkoQNJO/WxhOCzoOfUxoujYZjYILUhMx+L7SdEf/KTGB8YIbFbiz3JnmIbws5WabGcOBb4=
x-served-by
cache-lga13625-LGA, cache-ewr18182-EWR
last-modified
Mon, 01 May 2023 18:25:16 GMT
server
AmazonS3
etag
"4da2a148d0dfd3b9953996993ce14e6b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
1, 55
clarity.js
www.clarity.ms/s/0.7.8/
57 KB
20 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.8/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fa16dhjog3?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:17 GMT
content-encoding
br
last-modified
Mon, 22 May 2023 19:56:45 GMT
x-azure-ref-originshield
03UxsZAAAAABvGgxugKKqTpMw87oTU4pQRlJBMjMxMDUwNDE4MDExADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DB5AFEAC12A9CC"
x-azure-ref
0EvJsZAAAAACHg/uKGjiPRaOOUnBvgfJqRlJBMjMxMDUwNDE5MDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
5a8b02e0-801e-0048-7d24-8d33ec000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
collect
stats.g.doubleclick.net/j/
4 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-195791296-1&cid=874194767.1684861458&jid=733650837&gjid=105100078&_gid=1535768159.1684861458&_u=YGBACEAABAAAACAAI~&z=492631393
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.widgetbear.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 23 May 2023 17:04:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offer.widgetbear.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11038834407/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11038834407/?random=1684861457858&cv=11&fst=1684861200000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.widgetbear.com%2F&frm=0&tiba=Widget%20Bear&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4113693386&rmt_tld=0&ipr=y
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/11038834407/
42 B
455 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/11038834407/?random=1684861457858&cv=11&fst=1684861200000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.widgetbear.com%2F&frm=0&tiba=Widget%20Bear&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4113693386&rmt_tld=1&ipr=y
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
262 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3GBK2G477X&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFM5CFL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf3e9e6130f6536f8a17445f3de815da98c30c18444984eb01e88bd79e92003a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89250
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 May 2023 17:04:18 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11038834407/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11038834407/?random=1684861458087&cv=11&fst=1684861458087&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.widgetbear.com%2F&hn=www.googleadservices.com&frm=0&tiba=Widget%20Bear&auid=1328838875.1684861458&uamb=0&uaw=0&data=event%3DClarity%3BeventCategory%3DClarity%3BeventAction%3D1xrdold%3BnonInteraction%3Dtrue%3Bclaritydimension%3Dhttps%3A%2F%2Fclarity.microsoft.com%2Fga%2Ffa16dhjog3%2F10jy2tw%2F1xrdold&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11038834407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5ef63f18af0253a3e2e2626b59a1de31a467b6f8e8765e9b2ccaa85e3d3ec81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1389
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
track.sendlane.com/track/
0
726 B
Script
General
Full URL
https://track.sendlane.com/track/event?cacheBust=40488191733&uri=https%3A%2F%2Foffer.widgetbear.com%2F&event_id=Zym9FMnwnsxPW
Requested by
Host: sendlane.com
URL: https://sendlane.com/scripts/pusher.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.154.122.135 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 17:04:18 GMT
Cache-Control
no-cache, private, max-age=2592000
X-RateLimit-Limit
60
Server
Apache
Connection
close
X-RateLimit-Remaining
58
Expires
Thu, 22 Jun 2023 17:04:18 GMT
event
track.sendlane.com/track/
0
726 B
Script
General
Full URL
https://track.sendlane.com/track/event?cacheBust=1435014711382&uri=https%3A%2F%2Foffer.widgetbear.com%2F&event_id=rdkmCvprIatwI
Requested by
Host: sendlane.com
URL: https://sendlane.com/scripts/pusher.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.154.122.135 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 17:04:18 GMT
Cache-Control
no-cache, private, max-age=2592000
X-RateLimit-Limit
60
Server
Apache
Connection
close
X-RateLimit-Remaining
59
Expires
Thu, 22 Jun 2023 17:04:18 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-195791296-1&cid=874194767.1684861458&jid=733650837&_u=YGBACEAABAAAACAAI~&z=388772120
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
107 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-195791296-1&cid=874194767.1684861458&jid=733650837&_u=YGBACEAABAAAACAAI~&z=388772120
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
k.clarity.ms/
0
300 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://offer.widgetbear.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://offer.widgetbear.com
Date
Tue, 23 May 2023 17:04:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
conversion.js
www.googleadservices.com/pagead/ Frame 8FD6
48 KB
18 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 11293261.fls.doubleclick.net
URL: https://11293261.fls.doubleclick.net/activityi;dc_pre=CPDGy4X2i_8CFROIsgodczUNMw;src=11293261;type=invmedia;cat=remar0;ord=8438219840593;gtm=45He35h0;auiddc=1328838875.1684861458;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Foffer.widgetbear.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
74e3d02421a7753c30f52691f521b82ed2485c5b98bf53d62ed6ceef38e73da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://11293261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18124
x-xss-protection
0
server
cafe
etag
1252024406824803242
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 May 2023 17:04:18 GMT
dc_pre=CPDGy4X2i_8CFROIsgodczUNMw;src=11293261;type=invmedia;cat=remar0;ord=8438219840593;gtm=45He35h0;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Foffer.widgetbear.co...
adservice.google.com/ddm/fls/z/ Frame 8FD6
42 B
401 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPDGy4X2i_8CFROIsgodczUNMw;src=11293261;type=invmedia;cat=remar0;ord=8438219840593;gtm=45He35h0;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Foffer.widgetbear.com%2F
Requested by
Host: 11293261.fls.doubleclick.net
URL: https://11293261.fls.doubleclick.net/activityi;dc_pre=CPDGy4X2i_8CFROIsgodczUNMw;src=11293261;type=invmedia;cat=remar0;ord=8438219840593;gtm=45He35h0;auiddc=1328838875.1684861458;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Foffer.widgetbear.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://11293261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11038834407/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11038834407/?random=1684861458087&cv=11&fst=1684861200000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.widgetbear.com%2F&frm=0&tiba=Widget%20Bear&data=event%3DClarity%3BeventCategory%3DClarity%3BeventAction%3D1xrdold%3BnonInteraction%3Dtrue%3Bclaritydimension%3Dhttps%3A%2F%2Fclarity.microsoft.com%2Fga%2Ffa16dhjog3%2F10jy2tw%2F1xrdold&fmt=3&is_vtc=1&random=2448378322&rmt_tld=0&ipr=y
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/11038834407/
42 B
108 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/11038834407/?random=1684861458087&cv=11&fst=1684861200000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.widgetbear.com%2F&frm=0&tiba=Widget%20Bear&data=event%3DClarity%3BeventCategory%3DClarity%3BeventAction%3D1xrdold%3BnonInteraction%3Dtrue%3Bclaritydimension%3Dhttps%3A%2F%2Fclarity.microsoft.com%2Fga%2Ffa16dhjog3%2F10jy2tw%2F1xrdold&fmt=3&is_vtc=1&random=2448378322&rmt_tld=1&ipr=y
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
klaviyo.js
static.klaviyo.com/onsite/js/
2 KB
1019 B
Other
General
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TXR3H9
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b47e5a632d6c17772f1167eff5359bc764e0b58d779ed84c5c1033a804a85843

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
649
content-security-policy-report-only
script-src 'strict-dynamic' 'unsafe-eval'; object-src 'none'; base-uri 'none'; frame-ancestors 'self'
x-cache
HIT, HIT
content-length
921
x-served-by
cache-lga21934-LGA, cache-ewr18153-EWR
server
nginx
x-timer
S1684861458.243696,VS0,VE0
etag
W/"367afaca5eef75e01f5c7ceba3490620"
allow
GET, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
vary
Accept-Encoding
x-resp-is-stale
true
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
3, 3
paay.css
offer.widgetbear.com/extensions/Paay_3DS/css/
1 KB
976 B
Stylesheet
General
Full URL
https://offer.widgetbear.com/extensions/Paay_3DS/css/paay.css
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/assets/js/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38bf43980a23e071de296b9a99b2aa91123035aa167da3aa90260e195c3b3b4a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:04:18 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 12 Jul 2019 08:27:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fole1eeRerP3HxLwCduWpDOsNyfoh%2FUXYymcoseoRPyfD5eZArPfcAWCuOPAUH%2FrmrxHoGdN4%2BWb1bNQzivbp0uOSyBXWK4j6TLYbfDE1HTBbzo%2BKCBgeG8Px8SiM24rrLw2YdZGbJeTjglF50rW9c1eog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
cf-ray
7cbee091da890b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 May 2024 17:04:18 GMT
fire-import-click
offer.widgetbear.com/ajax.php/extensions/connectservice/
63 B
586 B
XHR
General
Full URL
https://offer.widgetbear.com/ajax.php/extensions/connectservice/fire-import-click
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/assets/js/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e218367eb650d42866c5d5f8cfc795ec7a276fa6880c788ac05e8894ed0a15

Request headers

Accept
*/*
Referer
https://offer.widgetbear.com/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qq4UCP2315csV8RgnlkpEG6qrMYNS5To9hWISEnu6Qwy0%2BdNyljBbOubAaBG47AIc7sNNEUSfwSAtXGY9E0QHj77kmo3w%2FD8faqGQAh8903euGVBSPw5hcOyspEGakGCzvtLnlwvT%2B8uoZxtF4AKfB2e7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
cf-ray
7cbee091ea8e0b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
collect
region1.analytics.google.com/g/
0
248 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3GBK2G477X&gtm=45je35h0&_p=986341034&_gaz=1&cid=874194767.1684861458&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684861458&sct=1&seg=0&dl=https%3A%2F%2Foffer.widgetbear.com%2F&dt=Widget%20Bear&en=Clarity&_fv=1&_ss=1&_ee=1&ep.eventCategory=Clarity&ep.eventAction=1xrdold&ep.nonInteraction=true&ep.claritydimension=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Ffa16dhjog3%2F10jy2tw%2F1xrdold
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3GBK2G477X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offer.widgetbear.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3GBK2G477X&cid=874194767.1684861458&gtm=45je35h0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3GBK2G477X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offer.widgetbear.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
107 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3GBK2G477X&cid=874194767.1684861458&gtm=45je35h0&aip=1&z=2094417769
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
set-ga-client-id
offer.widgetbear.com/ajax.php/
13 B
543 B
XHR
General
Full URL
https://offer.widgetbear.com/ajax.php/set-ga-client-id
Requested by
Host: offer.widgetbear.com
URL: https://offer.widgetbear.com/assets/js/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0604567db1b7fc7ae5e4386e243433e0b1f9571b6a33d3778b156f8f5ceaa7aa

Request headers

Accept
*/*
Referer
https://offer.widgetbear.com/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DW4lpeojsAZXwtpAeKa8TCG5iCMW6P%2FX%2FChqlfAKu%2Fhi%2Bx167183AjPf%2Bxmpz%2Fdyl%2FISYhJjlZwT0bnoWcLKXT9RFwV5JOYpJQKQmf0c2MkfrCnhC6rR2r%2Flm89BbWtoQi%2F5BSY6w18Q0H5gguwq24Nn3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
cf-ray
7cbee0924b490b48-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13
expires
Wed, 11 Jan 1984 05:00:00 GMT
collect
k.clarity.ms/
0
300 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://offer.widgetbear.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://offer.widgetbear.com
Date
Tue, 23 May 2023 17:04:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
/
www.googleadservices.com/pagead/conversion/304317728/ Frame 8FD6
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/304317728/?random=1684861458434&cv=9&fst=1684861458434&num=1&npa=1&label=cehMCMPHroEDEKCKjpEB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11293261.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPDGy4X2i_8CFROIsgodczUNMw%3Bsrc%3D11293261%3Btype%3Dinvmedia%3Bcat%3Dremar0%3Bord%3D8438219840593%3Bgtm%3D45He35h0%3Bauiddc%3D1328838875.1684861458%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Foffer.widgetbear.com%252F%3F&ref=https%3A%2F%2Foffer.widgetbear.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1606c98ce30d0c4149c42ea9f427c7728bd1cfcbea8a2a16353c7bca15c4eb29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://11293261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1546
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-conversion/304317728/ Frame 8FD6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/304317728/?random=391708092&cv=9&fst=1684861458434&num=1&npa=1&label=cehMCMPHroEDEKCKjpEB&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
  • https://www.google.com/pagead/1p-conversion/304317728/?random=391708092&cv=9&fst=1684861458434&num=1&npa=1&label=cehMCMPHroEDEKCKjpEB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C51224...
  • https://www.google.nl/pagead/1p-conversion/304317728/?random=391708092&cv=9&fst=1684861458434&num=1&npa=1&label=cehMCMPHroEDEKCKjpEB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247...
42 B
64 B
Image
General
Full URL
https://www.google.nl/pagead/1p-conversion/304317728/?random=391708092&cv=9&fst=1684861458434&num=1&npa=1&label=cehMCMPHroEDEKCKjpEB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11293261.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPDGy4X2i_8CFROIsgodczUNMw%3Bsrc%3D11293261%3Btype%3Dinvmedia%3Bcat%3Dremar0%3Bord%3D8438219840593%3Bgtm%3D45He35h0%3Bauiddc%3D1328838875.1684861458%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Foffer.widgetbear.com%252F%3F&ref=https%3A%2F%2Foffer.widgetbear.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=EvJsZLa2HKaSxwKB7rz4CQ&cid=CAQSKQBygQiD-MGZyeL31WXTL-pGkxHFiFkH8foI_x-JSCDGNVYmIRB1LsIR&random=130831005&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 11293261.fls.doubleclick.net
URL: https://11293261.fls.doubleclick.net/activityi;dc_pre=CPDGy4X2i_8CFROIsgodczUNMw;src=11293261;type=invmedia;cat=remar0;ord=8438219840593;gtm=45He35h0;auiddc=1328838875.1684861458;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Foffer.widgetbear.com%2F?
Protocol
H3
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://11293261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.nl/pagead/1p-conversion/304317728/?random=391708092&cv=9&fst=1684861458434&num=1&npa=1&label=cehMCMPHroEDEKCKjpEB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11293261.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPDGy4X2i_8CFROIsgodczUNMw%3Bsrc%3D11293261%3Btype%3Dinvmedia%3Bcat%3Dremar0%3Bord%3D8438219840593%3Bgtm%3D45He35h0%3Bauiddc%3D1328838875.1684861458%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Foffer.widgetbear.com%252F%3F&ref=https%3A%2F%2Foffer.widgetbear.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=EvJsZLa2HKaSxwKB7rz4CQ&cid=CAQSKQBygQiD-MGZyeL31WXTL-pGkxHFiFkH8foI_x-JSCDGNVYmIRB1LsIR&random=130831005&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4D2E37F7DA054340BD9D3DF18E5DC83F&RedC=c.clarity.ms&MXFR=0E0C5B475580654225B1485D51806B1D
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4D2E37F7DA054340BD9D3DF18E5DC83F&MUID=2F5C112150296A65024C023B518A6B71
42 B
466 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4D2E37F7DA054340BD9D3DF18E5DC83F&MUID=2F5C112150296A65024C023B518A6B71
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://offer.widgetbear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
last-modified
Thu, 04 May 2023 15:33:28 GMT
server
Microsoft-IIS/10.0
etag
"6de038c69d7ed91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 23 May 2023 17:04:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 01E25ED0F7EF46EE89D9D4668F5A614A Ref B: AMS04EDGE2022 Ref C: 2023-05-23T17:04:18Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4D2E37F7DA054340BD9D3DF18E5DC83F&MUID=2F5C112150296A65024C023B518A6B71
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
k.clarity.ms/
0
300 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://offer.widgetbear.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://offer.widgetbear.com
Date
Tue, 23 May 2023 17:04:20 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless number| settings_timer number| _vwo_settings_timer object| _vwo_code string| TiktokAnalyticsObject object| ttq object| dataLayer object| _Sendlane string| AJAX_PATH object| app_config object| app_lang object| paay_3D_settings undefined| vwo_e number| _vwo_j_e string| _vwo_mt string| _vwo_tm string| g object| vwo_iehack_queue function| ThreeDS object| cbUtilConfig object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| clarity function| $ function| jQuery object| validator object| cb object| FwUtils number| cSpeed number| cWidth number| cHeight number| cTotalFrames number| cFrameWidth string| cImageSrc boolean| cImageTimeout number| cIndex number| cXpos boolean| cPreloaderTimeout number| SECONDS_BETWEEN_FRAMES function| startAnimation function| continueAnimation function| stopAnimation function| imageLoader function| openNewWindow function| openWindow function| queryString function| asyncProspect object| AppHelpers object| appLocation function| xverifyCustomHtml function| getClientId function| setClientId function| addCsrfTokenToForm function| ouibounce object| paayformArr string| errorClass string| validClass string| dev_mode number| timeout boolean| enable_loader number| count number| totalInitialisation boolean| isTrigger undefined| Cavv undefined| Eci undefined| Xid string| prevString boolean| is_process_started boolean| isLegacy undefined| initial_xid undefined| initial_cavv undefined| initial_eci undefined| initial_authenticationValue undefined| initial_dsTransactionId undefined| initial_status undefined| rebill_xid undefined| rebill_cavv undefined| rebill_eci undefined| rebill_authenticationValue undefined| rebill_dsTransactionId undefined| rebill_status undefined| split_xid undefined| split_cavv undefined| split_eci undefined| split_authenticationValue undefined| split_dsTransactionId undefined| split_status undefined| split_rebill_xid undefined| split_rebill_cavv undefined| split_rebill_eci undefined| split_rebill_authenticationValue undefined| split_rebill_dsTransactionId undefined| split_rebill_status function| storeCookie function| deleteSavedCookies function| placeCookies function| getSavedCookie function| resolve function| reject function| gtag object| GooglebQhCsO object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| gaplugins object| gaGlobal object| gaData object| _learnq string| __klKey object| webpackChunksendlane object| regeneratorRuntime function| PsgTimer object| regex function| trackViewedItem function| AddToCart function| getDate boolean| isMobile object| firstArray object| lastArray object| locationArray object| quantityArray function| popUp function| startPopUp string| event_type string| url number| days function| onYouTubeIframeAPIReady object| webpackChunk_klaviyo_onsite_modules object| core object| _klOnsite object| klaviyo

23 Cookies

Domain/Path Name / Value
offer.widgetbear.com/ Name: PHPSESSID
Value: 2cf5ea05804d8a53614c3f02d75f06d1
.offer.widgetbear.com/ Name: _vwo_uuid_v2
Value: D1953ECFA221C8F5B62197CFB423E41F6|3959b69e39c53548dcf93cfe9172952c
.widgetbear.com/ Name: _gcl_au
Value: 1.1.1328838875.1684861458
.tiktok.com/ Name: _ttp
Value: 2QCdNWbQbhtPgd0JPRwj6IadAKS
.widgetbear.com/ Name: _tt_enable_cookie
Value: 1
.widgetbear.com/ Name: _ttp
Value: S_H9e86VPR4k-1Eknv2TtKcm5cu
.widgetbear.com/ Name: _gid
Value: GA1.2.1535768159.1684861458
.widgetbear.com/ Name: _gat_UA-195791296-1
Value: 1
www.clarity.ms/ Name: CLID
Value: 04b1da6f078a440789115aace23a2179.20230523.20240522
.widgetbear.com/ Name: _clck
Value: 10jy2tw|2|fbu|0|1238
.doubleclick.net/ Name: IDE
Value: AHWqTUk2nZFnziACyxhb9sLZyPKKp4gB86YD4x05rHq41A8vulXR6yDpXyhQ1jnu
.widgetbear.com/ Name: _ga_3GBK2G477X
Value: GS1.1.1684861458.1.0.1684861458.60.0.0
.widgetbear.com/ Name: _ga
Value: GA1.1.874194767.1684861458
offer.widgetbear.com/ Name: __kla_id
Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2ODQ4NjE0NTgsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vb2ZmZXIud2lkZ2V0YmVhci5jb20vIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNjg0ODYxNDU4LCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL29mZmVyLndpZGdldGJlYXIuY29tLyJ9fQ==
.widgetbear.com/ Name: _clsk
Value: 1xrdold|1684861458552|1|1|k.clarity.ms/collect
.sendlane.com/ Name: track_session
Value: eyJpdiI6Ii9FNm96UDZ0UFFWN3RNOE9nTlI4UVE9PSIsInZhbHVlIjoia04zaTNnR25VU0R1MjZCWHBId3g0cjQ4WUkyR1hwYzZLRkkrazhNaTBGcEoxRlNUeHRXOHdiRDZINm9xU1F1Zlp6T3RQTENCQjlidFRueUQ2SzRQbWRSTTFEZmJKdkFGd1AwbkJQVGZmVTVRcjZ6UFo3ZU8rWW5neEJKRFptU1EiLCJtYWMiOiI1YjYxMTdjMzYzMDlhYWY1ZGY2ZjZmZTdlODMwNzI5NDExNjYzMDU4ZDE4Njg3NDJhMDBkMGE3N2RlZDI1YmY5IiwidGFnIjoiIn0%3D
.bing.com/ Name: MUID
Value: 2F5C112150296A65024C023B518A6B71
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2F5C112150296A65024C023B518A6B71
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2F5C112150296A65024C023B518A6B71
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11293261.fls.doubleclick.net
adservice.google.com
analytics.tiktok.com
c.bing.com
c.clarity.ms
cdn.3dsintegrator.com
dev.visualwebsiteoptimizer.com
googleads.g.doubleclick.net
k.clarity.ms
offer.widgetbear.com
region1.analytics.google.com
sendlane.com
static-tracking.klaviyo.com
static.klaviyo.com
stats.g.doubleclick.net
track.sendlane.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
142.250.185.194
151.101.194.133
151.101.66.133
172.217.16.198
2.16.186.160
20.96.88.162
2001:4860:4802:34::36
2600:9000:2057:7600:a:3d5:af40:93a1
2606:4700::6810:a706
2620:1ec:29:1::45
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:811::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9b
2a06:98c1:3120::3
2a06:98c1:3121::3
34.96.102.137
38.154.122.135
68.219.88.97
048452cd583bfd33f45594e1dd0d118ace4e4965bd239497e60a4a40785ab8fb
0604567db1b7fc7ae5e4386e243433e0b1f9571b6a33d3778b156f8f5ceaa7aa
066b2cd615d7c1119303bc05830d12fc15eebcbfa5079baa2b4276d56ad96a61
0e2870b0f859e4a836b14b371120dfa3676a2fab05e48c8c0529031dd2de5e6d
0eac34248591fa86706ba7b48dd08f456ccdad36673ff461b0e4fde9225aafd0
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
155fc7909078c55acca64323937639c53d9a6188f394d92c2f78a8f14f8ddd3a
1606c98ce30d0c4149c42ea9f427c7728bd1cfcbea8a2a16353c7bca15c4eb29
17333cbe5a58e0eb4e8d5f4e8bdb8ff471472b0e5faf1d89051d9bbb553c247a
17f8e487ae998148d80fdbed51f4a408c8f7b5a93580a51c2dd0bb7a2f86ec93
24bd9dc265298a8a9640ebc495b7bc9f9433947ba542490941735a911cb1c74e
2635076aeb9f9cb720712567f90f2f39f70f792a59a910bbe0bafc6ed15adbe5
2648181eb6c5c957b14d17a179437764f0777bc4d445daccd002a12470a0e40d
269162fa1ad32e1ab068fa539fc47ffa6f678e9c5e2c81fe0941de379b7f95bc
31f879e79cd78066b9a48c057d4237e1ce1449840cf794e4509623834e8537d4
34bdbc24a32f7d11b673e014b46efef065e5fbc7d3c83ba8a75386fa71c3fdbd
3579657a6a302f8dee718238af3739ef1061d7960c43580a2f911a2fafce2670
35dc9d578a04c534b953bf74fdc3f6b0582e752696fc18ab0c22ee1a08bfc8e2
372accf9c0be754c3547a11739b2772d5a8f5528c0aa96aed2f5021e00fb8c49
38bf43980a23e071de296b9a99b2aa91123035aa167da3aa90260e195c3b3b4a
3b297e0306503b0a87182433fdc63561cb93957b1d613363e55ab66670cc7759
6b67937e196ca4f5d300b5770862dc94f450015e8e21508e8108590dd1786e66
6ce60b539a405940c15b686d9aa3319a984d9f2bbe087fa48069d991208d66d0
6d3859f9f2cc119def21a95084393955eb429cb95a2f005167cf899a65bdc00c
6e08ffbb2a56d12f38290642e7cb05a2ddd697c3d43196c02eacb02fdbfc97eb
6f9b2c18e955e566d4add27121d26c1a8758b65cbbe9510401c6de2335ce6da1
716a3ecb12708507f887715e2908ba6b6d4239563937ae6ae15ff41ff896e2c3
717c1e30a97c59911b5c41462d952f0cc70536a09878e57cd50ea6c3dbcd4b01
7364d0c1e0067d7ea2837e068c998428f7b2388b101a0cffc365137454ce50d9
74e3d02421a7753c30f52691f521b82ed2485c5b98bf53d62ed6ceef38e73da0
79a6cb3020ac1c99335eef53ef2de17b150a2114d17e187fd41501ffd7d3cc90
79fcb3c14a2cc79a8d22cf0a0f655efa63fbba9423f99ade97f65ddfc4820619
7a43142d9a9f71d509babd7ff4e32cf67486489cd182c5f8cd01448dde005373
7aebdecf46e9ac47095eb0ccafad88d54d8b7a241ca7dda0207ad42401525ed9
7fe771dcd0b6ee7d728d2302baff0a8fbfcaa2f849a3f98a963df8c03db02560
8228f554504d6df8f277da1bee7c07ac73872214b55dca85f9d9e4c46eb6b68e
8249002e8ea57bcdde8320e38420c9103e65a9519a3885a482bf11036d1c8851
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
862880ea59c2ff0c0b61329fa4483d5a52c7bbc5ee3a9952195708071dd8984e
98457f55394f010dba002ee611a2ea017cacfb2fbad4e592373ad814e1b4c348
9917ec2c7b7d9fe59452c4bf39ca1d333cb7f35ed5c49260fa8b8b3de23f95dd
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e
9b7bb64351d3ca3dae3248936c4978940a9780bc76a9309e31ab1afa38a73a32
9f8ac4ff4cdf03786837923fbf3fba5bcbeef242dd87bc053e468e914e6d0074
a1cc984877281f6dc160103a1fa42e40bfd7ae5545e191da773e9b811fbcb31c
aaff68a7cc6f0d88ecdf2feb359d682113222d0fdcf8be7a88abb55a53fcaabe
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b47e5a632d6c17772f1167eff5359bc764e0b58d779ed84c5c1033a804a85843
ba1fdb18175e44af8acde480f3f1d24d3ed9ca386ed34fb1a4fe9542abdf11c7
c1b9a05b09dfdbda80e5a007582d94069a582da1ea93452f77230e85fb1197b5
c29489f9bef7f3d03220223a42129549a77703a280c74941e6ae261dfd25ff1e
c5e218367eb650d42866c5d5f8cfc795ec7a276fa6880c788ac05e8894ed0a15
c7d5f5ddbcc47ab313cfc7c9930c31050c4b7bfbeefe013fc5ec1ce0cab5b008
cb4507b85ddaa0d594dea3fb5884d9a68877e15ce24f24107ff2526126db4377
cbb8abe41740092dc71e3376f825336759f062760481c60d95f921c833f27a8f
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf3e9e6130f6536f8a17445f3de815da98c30c18444984eb01e88bd79e92003a
d21d61f81b252719547ffc3db5099ba4101c57079daa9da0a130eb1486a34a2c
d5ef63f18af0253a3e2e2626b59a1de31a467b6f8e8765e9b2ccaa85e3d3ec81
d7fccf52249461fe70c1b23178660fdaab440976059b1d100ace4a3f51b968b4
d97dcef78d5055c5b984beabacd47f55a282c75f3df14d7b65a1200984825130
da6bdb6316644c202097988feb3746f04c422cb2c2c94f42c493b9862cb7c7cb
db684c3d54b4d93f47c1b43d828c466b085ba639c5f96414149627e4febc9d36
dd95fe809be782dee9b3f6639fd28f134c54f92ec4e3e48b20cac12def745f25
df3a60b75e9fd4cd88883724d28748f77b91b8aeb9cbbaa0d775faeed51a50e4
df5ebeb53aa8d99388829e8710449ccc803e5ea0bcefa439e621fdefa542d3a8
df6a09f5b159cead9eb1f23702c0ca1fbe22beb863852b1a10e776fa49945976
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ee87b33f2961363db212bf9d5817026b9aa7d7d86304b593e84e0dd38e533afc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f126ba6ccd97b2a467357bfcd11e54510ff47dbb893cd41f572d0bef67b9f474
f161154014f7bfac68386cf1d5daf64e5739f7012e863dc79e281bc83c9a0e6e
fcf9bafd6b1d8c3ed3cefdb29e790aa507a1394499da679d9596546e00df030f
fd6f215cb3909ac889cca094c0e80e82b50f7b9a49e8c8fad2aacee610ba8c13