www.onlinemedium.nu Open in urlscan Pro
81.171.38.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.textifier.net/
Effective URL:
https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Submission: On September 10 via api (September 10th 2020, 4:56:19 pm UTC) from US

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 40 HTTP transactions. The main IP is 81.171.38.183, located in Netherlands and belongs to BIP-AS BIP Backbone ASN, NL. The main domain is www.onlinemedium.nu.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 30th 2020. Valid for: 3 months.

This is the only time www.onlinemedium.nu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a00:1450:400... 2a00:1450:4001:816::2013	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
2 3	213.32.106.141 213.32.106.141	16276 (OVH) (OVH)
1 1	213.227.134.196 213.227.134.196	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	178.63.30.126 178.63.30.126	24940 (HETZNER-AS) (HETZNER-AS)
1 22	81.171.38.183 81.171.38.183	34343 (BIP-AS BI...) (BIP-AS BIP Backbone ASN)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
40	12

2 2a00:1450:4001:816::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.textifier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.32.106.141 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip141.ip-213-32-106.eu

www.mobilecontents.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.134.196 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

admoustache.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.30.126 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.126.30.63.178.clients.your-server.de

1d656349cee.trccmpnsl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 81.171.38.183 (Netherlands) 1 redirects

ASN34343 (BIP-AS BIP Backbone ASN, NL)
PTR: 183.xldomein.nl

onlinemedium.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.onlinemedium.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	onlinemedium.nu 1 redirects onlinemedium.nu www.onlinemedium.nu	747 KB
6	googletagmanager.com www.googletagmanager.com	209 KB
4	google-analytics.com www.google-analytics.com	18 KB
3	mobilecontents.mobi 2 redirects www.mobilecontents.mobi	5 KB
2	gstatic.com fonts.gstatic.com	18 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
2	textifier.net 1 redirects www.textifier.net	20 KB
1	doubleclick.net stats.g.doubleclick.net	87 B
1	trccmpnsl.com 1d656349cee.trccmpnsl.com	1 KB
1	go2affise.com 1 redirects admoustache.go2affise.com	221 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com	21 KB
40	11

	Domain	Requested by
21	www.onlinemedium.nu	www.onlinemedium.nu
6	www.googletagmanager.com	www.onlinemedium.nu www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.mobilecontents.mobi	2 redirects www.textifier.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.textifier.net	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	www.onlinemedium.nu
1	fonts.googleapis.com	www.onlinemedium.nu
1	onlinemedium.nu	1 redirects
1	1d656349cee.trccmpnsl.com	www.mobilecontents.mobi
1	admoustache.go2affise.com	1 redirects
1	stackpath.bootstrapcdn.com	www.textifier.net
40	13

This site contains no links.

Subject Issuer	Validity	Valid
www.textifier.net GTS CA 1D2	`2020-08-24` - `2020-11-22`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
www.mobilecontents.mobi Let's Encrypt Authority X3	`2020-08-25` - `2020-11-23`	3 months	crt.sh
*.trccmpnsl.com Let's Encrypt Authority X3	`2020-07-31` - `2020-10-29`	3 months	crt.sh
mail.onlinemedium.nu Let's Encrypt Authority X3	`2020-08-30` - `2020-11-28`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Frame ID: D008964AD832A927C2E815807022E58E
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.textifier.net/ HTTP 301
https://www.textifier.net/ Page URL
https://www.mobilecontents.mobi/?sl=3079283-76bc4&data1=Track1&data2=Track2 Page URL
https://www.mobilecontents.mobi/?sl=3079283-76bc4&data1=Track1&data2=Track2&eyeg=75b9a4cb47f05d57962e71529bf... HTTP 302
https://www.mobilecontents.mobi/?sl=3079283-76bc4&data1=Track1&data2=Track2&oyeg=75b9a4cb47f05d57962e71529bf... HTTP 301
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=453&sub1=3300062818c34f22e38ba489fcf0bc5e... HTTP 302
https://1d656349cee.trccmpnsl.com/?p=6597&media_type=mainstream&click_id=5f5a5aa1d796fb000178929d Page URL
https://onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597 HTTP 301
https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597 Page URL

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

40
Requests

100 %
HTTPS

69 %
IPv6

11
Domains

13
Subdomains

12
IPs

4
Countries

1068 kB
Transfer

1831 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.textifier.net/ HTTP 301
https://www.textifier.net/ Page URL
https://www.mobilecontents.mobi/?sl=3079283-76bc4&data1=Track1&data2=Track2 Page URL
https://www.mobilecontents.mobi/?sl=3079283-76bc4&data1=Track1&data2=Track2&eyeg=75b9a4cb47f05d57962e71529bfc30d2&eyer=0.8717614690798865&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www.textifier.net HTTP 302
https://www.mobilecontents.mobi/?sl=3079283-76bc4&data1=Track1&data2=Track2&oyeg=75b9a4cb47f05d57962e71529bfc30d2&eyer=0.8717614690798865&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www.textifier.net&eyeg=3 HTTP 301
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=453&sub1=3300062818c34f22e38ba489fcf0bc5e178390910-202009-flb*3079283-76bc4**sl_3079283-76bc4*37c88a92c31a4ba818d64f453c560b927dc9ea3d** HTTP 302
https://1d656349cee.trccmpnsl.com/?p=6597&media_type=mainstream&click_id=5f5a5aa1d796fb000178929d Page URL
https://onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597 HTTP 301
https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.textifier.net/ HTTP 301
https://www.textifier.net/

Request Chain 3

https://www.mobilecontents.mobi/?sl=3079283-76bc4&data1=Track1&data2=Track2&eyeg=75b9a4cb47f05d57962e71529bfc30d2&eyer=0.8717614690798865&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www.textifier.net HTTP 302
https://www.mobilecontents.mobi/?sl=3079283-76bc4&data1=Track1&data2=Track2&oyeg=75b9a4cb47f05d57962e71529bfc30d2&eyer=0.8717614690798865&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www.textifier.net&eyeg=3 HTTP 301
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=453&sub1=3300062818c34f22e38ba489fcf0bc5e178390910-202009-flb*3079283-76bc4**sl_3079283-76bc4*37c88a92c31a4ba818d64f453c560b927dc9ea3d** HTTP 302
https://1d656349cee.trccmpnsl.com/?p=6597&media_type=mainstream&click_id=5f5a5aa1d796fb000178929d

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
www.textifier.net/
Redirect Chain

http://www.textifier.net/
https://www.textifier.net/

71 KB
19 KB

226ms
193ms

Document
text/html

2a00:1450:4001:816::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.textifier.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.textifier.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
x-robots-tag: all
content-type: text/html; charset=UTF-8
expires: Thu, 10 Sep 2020 16:56:01 GMT
date: Thu, 10 Sep 2020 16:56:01 GMT
cache-control: private, max-age=0
last-modified: Tue, 08 Sep 2020 15:19:03 GMT
etag: W/"ac8588bb11d1db7b9bc23d5e6514d24c63c947f8ab50ebdd55e9fdc6f94384cf"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19613
server: GSE

Redirect headers

Location: https://www.textifier.net/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 10 Sep 2020 16:56:00 GMT
Expires: Thu, 10 Sep 2020 16:56:00 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 174
Server: GSE

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/ 137 KB
21 KB 29ms
11ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css

Requested by

Host: www.textifier.net
URL: https://www.textifier.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.textifier.net
Referer: https://www.textifier.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 16:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:10 GMT
status: 200
etag: "1544639650"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 21024

GET
H/1.1 200
OK / Show response
www.mobilecontents.mobi/ 4 KB
4 KB 145ms
30ms Document
text/html 213.32.106.141
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mobilecontents.mobi/?sl=3079283-76bc4&data1=Track1&data2=Track2
Requested by: Host: www.textifier.net
URL: https://www.textifier.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.32.106.141 , France, ASN16276 (OVH, FR),
Reverse DNS: ip141.ip-213-32-106.eu
Software: /
Resource Hash: e8d4437988a94b961de9e9500790dda68349c9112dc4a88423742d8cd5fbfdd6

Request headers

Host: www.mobilecontents.mobi
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.textifier.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.textifier.net/

Response headers

Date: Thu, 10 Sep 2020 16:56:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform

GET
H/1.1

200
OK

Cookie set / Show response
1d656349cee.trccmpnsl.com/
Redirect Chain

https://www.mobilecontents.mobi/?sl=3079283-76bc4&data1=Track1&data2=Track2&eyeg=75b9a4cb47f05d57962e71529bfc30d2&eyer=0.8717614690798865&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www.textifier.net
https://www.mobilecontents.mobi/?sl=3079283-76bc4&data1=Track1&data2=Track2&oyeg=75b9a4cb47f05d57962e71529bfc30d2&eyer=0.8717614690798865&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www.textifier.net...
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=453&sub1=3300062818c34f22e38ba489fcf0bc5e178390910-202009-flb*3079283-76bc4**sl_3079283-76bc4*37c88a92c31a4ba818d64f453c560b927d...
https://1d656349cee.trccmpnsl.com/?p=6597&media_type=mainstream&click_id=5f5a5aa1d796fb000178929d

818 B
1 KB

125ms
60ms

Document
text/html

178.63.30.126
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1d656349cee.trccmpnsl.com/?p=6597&media_type=mainstream&click_id=5f5a5aa1d796fb000178929d
Requested by: Host: www.mobilecontents.mobi
URL: https://www.mobilecontents.mobi/?sl=3079283-76bc4&data1=Track1&data2=Track2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.30.126 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.126.30.63.178.clients.your-server.de
Software: /
Resource Hash: b47e29bbba8068c24767bb6ed1c4224be862ba09f56d2ac5d9c0490c9843ecc2

Request headers

Host: 1d656349cee.trccmpnsl.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.mobilecontents.mobi/?sl=3079283-76bc4&data1=Track1&data2=Track2

Response headers

Date: Thu, 10 Sep 2020 16:56:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Set-Cookie: t-uuid=5o56jwj5926ek8g0lew1wowkw; expires=Tue, 10-Sep-2030 16:56:01 GMT; Max-Age=315532800; path=/; domain=.trccmpnsl.com traffic-visited-offers=%7C%7C148092%7Cunspecified; expires=Fri, 11-Sep-2020 16:56:01 GMT; Max-Age=86400; path=/; domain=.trccmpnsl.com traffic-back=ok; expires=Thu, 10-Sep-2020 16:56:31 GMT; Max-Age=30; path=/; domain=.trccmpnsl.com rts-trck=1; expires=Thu, 10-Sep-2020 17:06:01 GMT; Max-Age=600; path=/; domain=1d656349cee.trccmpnsl.com
Last-Modified: Thu, 10 Sep 2020 16:56:01 GMT
Expires: Thu, 10 Sep 2020 16:56:01 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 10 Sep 2020 16:56:01 GMT
content-type: text/html; charset=utf-8
content-length: 128
location: https://1d656349cee.trccmpnsl.com/?p=6597&media_type=mainstream&click_id=5f5a5aa1d796fb000178929d
set-cookie: afclick=5f5a5aa1d796fb000178929d; Expires=Fri, 10 Sep 2021 16:56:01 GMT; Secure; SameSite=None

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.onlinemedium.nu/lp/5/
Redirect Chain

https://onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597

92 KB
14 KB

1074ms
981ms

Document
text/html

81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx / PHP/7.3.18
Resource Hash: 1a1f3c3a3248a8ad660c5bc5b0817d3ecd792ce09a26f93385e7efcf72ad898a

Request headers

Host: www.onlinemedium.nu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://1d656349cee.trccmpnsl.com/?p=6597&media_type=mainstream&click_id=5f5a5aa1d796fb000178929d
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://1d656349cee.trccmpnsl.com/?p=6597&media_type=mainstream&click_id=5f5a5aa1d796fb000178929d

Response headers

Server: nginx
Date: Thu, 10 Sep 2020 16:56:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 13277
Connection: keep-alive
X-Powered-By: PHP/7.3.18
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: sec_session_id=6b6ihhmrvh61k0c4sbgoj4dopu; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None ref_id=8; expires=Sat, 10-Oct-2020 16:56:02 GMT; Max-Age=2592000; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None ref_pi=kex1znii70wdji3ciq88kc404%2C14550878%2C5%2C6597; expires=Sat, 10-Oct-2020 16:56:02 GMT; Max-Age=2592000; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None google_analytics=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None google_adwords=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None google_adwords_conversion=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 10 Sep 2020 16:56:01 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597

GET
H/1.1 200
OK bootstrap.css
www.onlinemedium.nu/lp/5/css/ 101 KB
22 KB 180ms
176ms Stylesheet
text/css 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinemedium.nu/lp/5/css/bootstrap.css
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: d1506a4eb0d2470a9e22fd40120105428326848b610e67a4209188f50eaad464

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 14:15:13 GMT
Server: nginx
ETag: W/"5f2abef1-1955a"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 Oct 2020 16:56:02 GMT

GET
H/1.1 200
OK styles.css
www.onlinemedium.nu/lp/5/css/ 48 KB
12 KB 226ms
195ms Stylesheet
text/css 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinemedium.nu/lp/5/css/styles.css
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: 8264cdb6a356e9f634da2a6047268f7877539776d5b3e7016e0fd51c17fd44ff

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 14:14:13 GMT
Server: nginx
ETag: W/"5f2abeb5-be2a"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 Oct 2020 16:56:02 GMT

GET
H/1.1 200
OK landingpage.css
www.onlinemedium.nu/lp/5/css/ 829 B
706 B 207ms
176ms Stylesheet
text/css 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinemedium.nu/lp/5/css/landingpage.css
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: d1a3fad5cb15031e741d66a5f97c6b0407ccf7c29d3b78bfcf7a23715802aca2

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 13:48:33 GMT
Server: nginx
ETag: "33d-5ad9fd7a6ee40-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
X-Accel-Version: 0.01
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 313
Expires: Sat, 10 Oct 2020 16:56:02 GMT

GET
H/1.1 200
OK verify.css
www.onlinemedium.nu/lp/5/css/ 426 B
624 B 220ms
189ms Stylesheet
text/css 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinemedium.nu/lp/5/css/verify.css
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: 7a01234f49b1ce6faed8d755cc1d27633ca0655f8c75b0f09d6fd565f19e0194

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:02 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jun 2020 18:51:07 GMT
Server: nginx
ETag: "1aa-5a9296cc29cc0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
X-Accel-Version: 0.01
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 231
Expires: Sat, 10 Oct 2020 16:56:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
889 B 19ms
15ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Requested by

Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89ac351147aec12359e5c68d4c3bb936e658fff87ce2337f04a5050fe75719c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 15:27:13 GMT
server: ESF
date: Thu, 10 Sep 2020 16:56:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Sep 2020 16:56:02 GMT

GET
H/1.1 200
OK lp-5.css
www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/css/ 684 B
663 B 264ms
206ms Stylesheet
text/css 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/css/lp-5.css
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: f9127c112e52a7cc5c0329c9aa139804af68130b9ee66f6883578ac66bd4afd4

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Mar 2020 12:29:15 GMT
Server: nginx
ETag: "2ac-5a21199617cc0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
X-Accel-Version: 0.01
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 270
Expires: Sat, 10 Oct 2020 16:56:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 26ms
22ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-67322249-2

Requested by

Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24808e45a845d60532f7f2842e08b025d60f55baaf82f80af070d0fbe1e5cfdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 16:56:02 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35656
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 16:08:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Sep 2020 16:56:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 23ms
20ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104886971-6

Requested by

Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ba7df4a19516cfda8cf97aa3f78260a0e68c405371e7957d00763623daed2b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 16:56:02 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35647
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 16:08:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Sep 2020 16:56:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 26ms
23ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-157401228-1

Requested by

Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c27a0f534cec01e67feccda8a71dda38e19c21966869df700aa69e5f7529811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 16:56:02 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35646
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 16:08:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Sep 2020 16:56:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 20ms
16ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc6dd578e8e4fa3a200cd612081e2f4defe0fea5417d0b305482b3264b261e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 16:56:02 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35377
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 16:08:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Sep 2020 16:56:02 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
29 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280312
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 11:04:10 GMT

GET
H/1.1 200
OK logo_text_nl.png
www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/ 15 KB
15 KB 303ms
233ms Image
image/png 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/logo_text_nl.png
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: 4fb4046a8d735a8117b98110d33314df3aa3ac374d40029fcc5aaf767462d6ce

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:02 GMT
Last-Modified: Mon, 12 Aug 2019 11:14:19 GMT
Server: nginx
ETag: "5d514a0b-3a6d"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14957
Expires: Fri, 10 Sep 2021 16:56:02 GMT

GET
H/1.1 200
OK feeling_sad.png
www.onlinemedium.nu/lp/5/img/ 20 KB
20 KB 266ms
266ms Image
image/png 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/lp/5/img/feeling_sad.png
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: 2b13d3c54d7824f506e5c2283abf87cc4b417901ff39350bfe870aba53a1a656

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:03 GMT
Last-Modified: Wed, 05 Aug 2020 13:41:01 GMT
Server: nginx
ETag: "5f2ab6ed-5021"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20513
Expires: Fri, 10 Sep 2021 16:56:02 GMT

GET
H/1.1 200
OK feeling_normal.png
www.onlinemedium.nu/lp/5/img/ 20 KB
20 KB 195ms
195ms Image
image/png 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/lp/5/img/feeling_normal.png
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: 50afa5f9b502bca15fe3d0cc01f80952c8735e33e06dc58ba2253ad22f24bbb7

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:03 GMT
Last-Modified: Wed, 05 Aug 2020 13:41:00 GMT
Server: nginx
ETag: "5f2ab6ec-503d"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20541
Expires: Fri, 10 Sep 2021 16:56:02 GMT

GET
H/1.1 200
OK feeling_happy.png
www.onlinemedium.nu/lp/5/img/ 66 KB
66 KB 211ms
211ms Image
image/png 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/lp/5/img/feeling_happy.png
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: 65136ae9e2e962be01773406cf3329cf590ce54239be713f3b84e9156a29b68a

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:03 GMT
Last-Modified: Mon, 12 Aug 2019 11:03:50 GMT
Server: nginx
ETag: "5d514796-1078c"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67468
Expires: Fri, 10 Sep 2021 16:56:02 GMT

GET
H/1.1 200
OK liefde-relaties.png
www.onlinemedium.nu/lp/5/img/ 2 KB
2 KB 173ms
173ms Image
image/png 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/lp/5/img/liefde-relaties.png
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: c3c79d497ac5b8ae1235b9156b6148a39f43c208e79e8496238e7a2314278849

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:03 GMT
Last-Modified: Wed, 05 Aug 2020 13:41:12 GMT
Server: nginx
ETag: "5f2ab6f8-75d"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1885
Expires: Fri, 10 Sep 2021 16:56:02 GMT

GET
H/1.1 200
OK break-up.png
www.onlinemedium.nu/lp/5/img/ 2 KB
3 KB 417ms
416ms Image
image/png 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/lp/5/img/break-up.png
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: f283cd2496ca2bceb0cbac9cd2405db15822c8682f072b09a01752f9f536d14f

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:03 GMT
Last-Modified: Wed, 05 Aug 2020 13:41:20 GMT
Server: nginx
ETag: "5f2ab700-91c"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2332
Expires: Fri, 10 Sep 2021 16:56:02 GMT

GET
H/1.1 200
OK gezondheid.png
www.onlinemedium.nu/lp/5/img/ 2 KB
3 KB 502ms
194ms Image
image/png 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/lp/5/img/gezondheid.png
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: 7c8b10d3b4048acf8883729edb99d2e143a0fec90b56f8eb9625741dc8bd3158

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:03 GMT
Last-Modified: Wed, 05 Aug 2020 13:41:11 GMT
Server: nginx
ETag: "5f2ab6f7-8db"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2267
Expires: Fri, 10 Sep 2021 16:56:03 GMT

GET
H/1.1 200
OK familie-vrienden.png
www.onlinemedium.nu/lp/5/img/ 3 KB
3 KB 430ms
191ms Image
image/png 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/lp/5/img/familie-vrienden.png
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: 22102ced1cf09d4ba1bd314893d28060472b8714994bc1b49be7788bf23b0aa8

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:03 GMT
Last-Modified: Wed, 05 Aug 2020 13:41:25 GMT
Server: nginx
ETag: "5f2ab705-a0b"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2571
Expires: Fri, 10 Sep 2021 16:56:03 GMT

GET
H/1.1 200
OK woning-carriere.png
www.onlinemedium.nu/lp/5/img/ 2 KB
2 KB 308ms
211ms Image
image/png 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/lp/5/img/woning-carriere.png
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: 7ae85c988368c0cac22f1ce95f68ef6b7c82e13172274c8492ba238b6d364d52

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:03 GMT
Last-Modified: Wed, 05 Aug 2020 13:41:17 GMT
Server: nginx
ETag: "5f2ab6fd-860"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2144
Expires: Fri, 10 Sep 2021 16:56:03 GMT

GET
H/1.1 200
OK spiritueleontwikkeling.png
www.onlinemedium.nu/lp/5/img/ 3 KB
4 KB 317ms
175ms Image
image/png 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/lp/5/img/spiritueleontwikkeling.png
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: b3993a5cbfe1e6a5bc42809f499e00b1881c6199dc3e2dd00726efb28022a2b0

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:03 GMT
Last-Modified: Wed, 05 Aug 2020 13:41:16 GMT
Server: nginx
ETag: "5f2ab6fc-cec"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3308
Expires: Fri, 10 Sep 2021 16:56:03 GMT

GET
H/1.1 200
OK fear.png
www.onlinemedium.nu/lp/5/img/ 5 KB
5 KB 698ms
380ms Image
image/png 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/lp/5/img/fear.png
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: 087a20b9f647b3983271c24c5148bac53e3ac20855881261f0f56811d17ccb0e

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:03 GMT
Last-Modified: Tue, 24 Mar 2020 10:48:42 GMT
Server: nginx
ETag: "5e79e58a-1440"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5184
Expires: Fri, 10 Sep 2021 16:56:03 GMT

GET
H/1.1 200
OK anderevraag.png
www.onlinemedium.nu/lp/5/img/ 2 KB
2 KB 319ms
178ms Image
image/png 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/lp/5/img/anderevraag.png
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: 414eab35263f05e897651a03328a68ede6131e96e96367d7ab8069986c5f2ba3

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:03 GMT
Last-Modified: Wed, 05 Aug 2020 13:41:19 GMT
Server: nginx
ETag: "5f2ab6ff-68f"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1679
Expires: Fri, 10 Sep 2021 16:56:03 GMT

GET
H/1.1 200
OK free-credits-nl.png
www.onlinemedium.nu/lp/5/img/ 82 KB
83 KB 189ms
189ms Image
image/png 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/lp/5/img/free-credits-nl.png
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: ff9d3d2f485cfe2180a95ce285f2e449467b832485f1344ef44448553441bda2

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:03 GMT
Last-Modified: Wed, 05 Aug 2020 13:41:11 GMT
Server: nginx
ETag: "5f2ab6f7-149ec"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84460
Expires: Fri, 10 Sep 2021 16:56:03 GMT

GET
H/1.1 200
OK bgspace2.jpg
www.onlinemedium.nu/lp/5/img/ 234 KB
234 KB 238ms
203ms Image
image/jpeg 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/lp/5/img/bgspace2.jpg
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/css/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: adbf12cc9ac3e7bb78235a677349d81c5e426f09e6a9a6b1f0aa111c08b727b2

Request headers

Referer: https://www.onlinemedium.nu/lp/5/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:03 GMT
Last-Modified: Mon, 12 Aug 2019 11:17:25 GMT
Server: nginx
ETag: "5d514ac5-3a896"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 239766
Expires: Fri, 10 Sep 2021 16:56:02 GMT

GET
H/1.1 200
OK bg-lp5.jpg
www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/ 234 KB
234 KB 288ms
195ms Image
image/jpeg 81.171.38.183
BIP-AS BIP Backbo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/bg-lp5.jpg
Requested by: Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS: 183.xldomein.nl
Software: nginx /
Resource Hash: adbf12cc9ac3e7bb78235a677349d81c5e426f09e6a9a6b1f0aa111c08b727b2

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 16:56:03 GMT
Last-Modified: Mon, 12 Aug 2019 11:17:25 GMT
Server: nginx
ETag: "5d514ac5-3a896"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 239766
Expires: Fri, 10 Sep 2021 16:56:03 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.onlinemedium.nu
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:04:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 280323
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 07 Sep 2021 11:04:00 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.onlinemedium.nu
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:04:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 280302
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Tue, 07 Sep 2021 11:04:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-67322249-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 6023
date: Thu, 10 Sep 2020 15:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Thu, 10 Sep 2020 17:15:40 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 58ms
44ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104886971-6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-67322249-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d30eea84c64fd15584bba40806e50126fbd61f411e4a2a08c306bdf62b1d95f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 16:56:03 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35663
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 16:08:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Sep 2020 16:56:03 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 51ms
38ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-157401228-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-67322249-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5a329c07514501f3ddfd069552894924bb2243c9a1c0f8bdfb2b3f419f98568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 16:56:03 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35661
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 16:08:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Sep 2020 16:56:03 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1463502393&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F5%2F%3Fref_id%3D8%26ref_pi%3Dkex1znii70wdji3ciq88kc404%2C14550878%2C5%2C6597&dr=https%3A%2F%2F1d656349cee.trccmpnsl.com%2F%3Fp%3D6597%26media_type%3Dmainstream%26click_id%3D5f5a5aa1d796fb000178929d&ul=en-us&de=UTF-8&dt=Onlinemedium.nu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=180856176&gjid=1027619265&cid=785821284.1599756963&tid=UA-67322249-2&_gid=1699779531.1599756963&_r=1&gtm=2ou920&z=2058387519

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Sep 2020 16:56:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.onlinemedium.nu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
23 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1463502393&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F5%2F%3Fref_id%3D8%26ref_pi%3Dkex1znii70wdji3ciq88kc404%2C14550878%2C5%2C6597&dr=https%3A%2F%2F1d656349cee.trccmpnsl.com%2F%3Fp%3D6597%26media_type%3Dmainstream%26click_id%3D5f5a5aa1d796fb000178929d&ul=en-us&de=UTF-8&dt=Onlinemedium.nu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=222946371&gjid=1437599791&cid=785821284.1599756963&tid=UA-104886971-6&_gid=1699779531.1599756963&_r=1&gtm=2ou920&z=863773584

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Sep 2020 16:56:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.onlinemedium.nu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1463502393&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F5%2F%3Fref_id%3D8%26ref_pi%3Dkex1znii70wdji3ciq88kc404%2C14550878%2C5%2C6597&dr=https%3A%2F%2F1d656349cee.trccmpnsl.com%2F%3Fp%3D6597%26media_type%3Dmainstream%26click_id%3D5f5a5aa1d796fb000178929d&ul=en-us&de=UTF-8&dt=Onlinemedium.nu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=592146492&gjid=1126074779&cid=785821284.1599756963&tid=UA-157401228-1&_gid=1699779531.1599756963&_r=1&gtm=2ou920&z=551510084

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Sep 2020 16:56:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.onlinemedium.nu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
87 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-157401228-1&cid=785821284.1599756963&jid=592146492&gjid=1126074779&_gid=1699779531.1599756963&_u=IEDAAUABAAAAAC~&z=1650960388

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlinemedium.nu/lp/5/?ref_id=8&ref_pi=kex1znii70wdji3ciq88kc404,14550878,5,6597
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 10 Sep 2020 16:56:03 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.onlinemedium.nu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onlinemedium.nu/	1970-01-19 12:22:37	Name: _gat_gtag_UA_157401228_1 Value: 1
.onlinemedium.nu/	1970-01-19 13:05:48	Name: ref_pi Value: kex1znii70wdji3ciq88kc404%2C14550878%2C5%2C6597
.onlinemedium.nu/	1970-01-19 12:22:37	Name: _gat_gtag_UA_104886971_6 Value: 1
.onlinemedium.nu/	1970-01-19 12:24:03	Name: _gid Value: GA1.2.1699779531.1599756963
.onlinemedium.nu/	1970-01-19 12:22:37	Name: _gat_gtag_UA_67322249_2 Value: 1
.onlinemedium.nu/	1970-01-20 05:53:48	Name: _ga Value: GA1.2.785821284.1599756963
.onlinemedium.nu/	1970-01-19 13:05:48	Name: ref_id Value: 8
.onlinemedium.nu/	1969-12-31 23:59:59	Name: sec_session_id Value: 6b6ihhmrvh61k0c4sbgoj4dopu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d656349cee.trccmpnsl.com
admoustache.go2affise.com
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
onlinemedium.nu
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.mobilecontents.mobi
www.onlinemedium.nu
www.textifier.net
178.63.30.126
2001:4de0:ac19::1:b:1a
213.227.134.196
213.32.106.141
2a00:1450:4001:815::2003
2a00:1450:4001:816::2013
2a00:1450:4001:818::2008
2a00:1450:4001:81f::200a
2a00:1450:4001:820::200a
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c06::9c
81.171.38.183
087a20b9f647b3983271c24c5148bac53e3ac20855881261f0f56811d17ccb0e
1a1f3c3a3248a8ad660c5bc5b0817d3ecd792ce09a26f93385e7efcf72ad898a
1ba7df4a19516cfda8cf97aa3f78260a0e68c405371e7957d00763623daed2b7
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
22102ced1cf09d4ba1bd314893d28060472b8714994bc1b49be7788bf23b0aa8
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
24808e45a845d60532f7f2842e08b025d60f55baaf82f80af070d0fbe1e5cfdb
2b13d3c54d7824f506e5c2283abf87cc4b417901ff39350bfe870aba53a1a656
414eab35263f05e897651a03328a68ede6131e96e96367d7ab8069986c5f2ba3
4fb4046a8d735a8117b98110d33314df3aa3ac374d40029fcc5aaf767462d6ce
50afa5f9b502bca15fe3d0cc01f80952c8735e33e06dc58ba2253ad22f24bbb7
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
65136ae9e2e962be01773406cf3329cf590ce54239be713f3b84e9156a29b68a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c27a0f534cec01e67feccda8a71dda38e19c21966869df700aa69e5f7529811
7a01234f49b1ce6faed8d755cc1d27633ca0655f8c75b0f09d6fd565f19e0194
7ae85c988368c0cac22f1ce95f68ef6b7c82e13172274c8492ba238b6d364d52
7c8b10d3b4048acf8883729edb99d2e143a0fec90b56f8eb9625741dc8bd3158
8264cdb6a356e9f634da2a6047268f7877539776d5b3e7016e0fd51c17fd44ff
89ac351147aec12359e5c68d4c3bb936e658fff87ce2337f04a5050fe75719c1
adbf12cc9ac3e7bb78235a677349d81c5e426f09e6a9a6b1f0aa111c08b727b2
b3993a5cbfe1e6a5bc42809f499e00b1881c6199dc3e2dd00726efb28022a2b0
b47e29bbba8068c24767bb6ed1c4224be862ba09f56d2ac5d9c0490c9843ecc2
b5a329c07514501f3ddfd069552894924bb2243c9a1c0f8bdfb2b3f419f98568
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c3c79d497ac5b8ae1235b9156b6148a39f43c208e79e8496238e7a2314278849
cc6dd578e8e4fa3a200cd612081e2f4defe0fea5417d0b305482b3264b261e1b
d1506a4eb0d2470a9e22fd40120105428326848b610e67a4209188f50eaad464
d1a3fad5cb15031e741d66a5f97c6b0407ccf7c29d3b78bfcf7a23715802aca2
d30eea84c64fd15584bba40806e50126fbd61f411e4a2a08c306bdf62b1d95f8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e8d4437988a94b961de9e9500790dda68349c9112dc4a88423742d8cd5fbfdd6
f283cd2496ca2bceb0cbac9cd2405db15822c8682f072b09a01752f9f536d14f
f9127c112e52a7cc5c0329c9aa139804af68130b9ee66f6883578ac66bd4afd4
ff9d3d2f485cfe2180a95ce285f2e449467b832485f1344ef44448553441bda2

www.onlinemedium.nu Open in urlscan Pro 81.171.38.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

69 %IPv6

11 Domains

13 Subdomains

12 IPs

4 Countries

1068 kBTransfer

1831 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.onlinemedium.nu Open in urlscan Pro
81.171.38.183 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

69 %
IPv6

11
Domains

13
Subdomains

12
IPs

4
Countries

1068 kB
Transfer

1831 kB
Size

8
Cookies

40 HTTP transactions
0 data transactions