www.connection-sggz.nl Open in urlscan Pro
89.41.170.227 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bestadmax.com/display/?page=query/items/&aduid=13&pid=10&displaytype=9&direct=1
Effective URL:
https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Submission: On September 03 via manual (September 3rd 2021, 11:22:24 am UTC) from RO

Summary HTTP 57 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 26 domains to perform 57 HTTP transactions. The main IP is 89.41.170.227, located in Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is www.connection-sggz.nl.
TLS certificate: Issued by R3 on August 5th 2021. Valid for: 3 months.

This is the only time www.connection-sggz.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3031::ac43:869f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6815:5de3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	13.224.193.120 13.224.193.120	16509 (AMAZON-02) (AMAZON-02)
1 1	198.134.116.30 198.134.116.30	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 2	2606:4700:303... 2606:4700:3034::6815:1914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2606:4700:303... 2606:4700:3037::6815:483f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.11.236 104.21.11.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	138.68.113.179 138.68.113.179	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:303... 2606:4700:3030::ac43:b384	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	131.153.70.114 131.153.70.114	19437 (SS-ASH) (SS-ASH)
2 2	2a02:b48:207:... 2a02:b48:207:1::7	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	213.174.135.32 213.174.135.32	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	159.89.225.89 159.89.225.89	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
14	89.41.170.227 89.41.170.227	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
4	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.120.95.238 3.120.95.238	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	185.138.80.178 185.138.80.178	203318 (ASBIZWAY) (ASBIZWAY)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.13.140 151.101.13.140	54113 (FASTLY) (FASTLY)
1	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:828::2013	15169 (GOOGLE) (GOOGLE)
2	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
3	185.138.80.180 185.138.80.180	203318 (ASBIZWAY) (ASBIZWAY)
57	26

2 2606:4700:3031::ac43:869f (United States)

ASN13335 (CLOUDFLARENET, US)

bestadmax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:5de3 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.ahvclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.120 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-120.fra2.r.cloudfront.net

eneverals.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.134.116.30 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

redir.flowwiththetide.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:1914 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bnmu.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:483f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

holofiber.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.11.236 (None, )

ASN13335 (CLOUDFLARENET, US)

rtb.trade	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.68.113.179 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

extreme.new-message.support	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:b384 (United States)

ASN13335 (CLOUDFLARENET, US)

premixture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 131.153.70.114 (Ashburn, United States) 2 redirects

ASN19437 (SS-ASH, US)

images.adex.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:b48:207:1::7 (Netherlands) 2 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ioheiy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.32 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.wmgtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.225.89 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.adexmedias.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 89.41.170.227 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: ha-ip.cache.back-site.nl

www.connection-sggz.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.95.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-95-238.eu-central-1.compute.amazonaws.com

db1.connection-sggz.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.138.80.178 (Breda, Netherlands)

ASN203318 (ASBIZWAY, NL)
PTR: script01.da.adcalls.nl

script.adcalls.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

serverside.connection-sggz.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.138.80.180 (Breda, Netherlands)

ASN203318 (ASBIZWAY, NL)
PTR: api05.da.adcalls.nl

api.adcalls.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	connection-sggz.nl www.connection-sggz.nl db1.connection-sggz.nl serverside.connection-sggz.nl	662 KB
4	adcalls.nl script.adcalls.nl api.adcalls.nl	10 KB
4	fontawesome.com use.fontawesome.com	183 KB
4	new-message.support extreme.new-message.support	6 KB
4	holofiber.xyz 1 redirects holofiber.xyz	34 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
3	bing.com bat.bing.com	9 KB
3	typekit.net p.typekit.net use.typekit.net	50 KB
2	wmgtr.com i.wmgtr.com	11 KB
2	ioheiy.com 2 redirects ioheiy.com	272 B
2	adex.media 2 redirects images.adex.media	850 B
2	premixture.com premixture.com
2	bnmu.xyz 1 redirects bnmu.xyz	813 B
2	bestadmax.com bestadmax.com	2 KB
1	reddit.com alb.reddit.com	125 B
1	facebook.net connect.facebook.net	26 KB
1	redditstatic.com www.redditstatic.com	7 KB
1	google-analytics.com www.google-analytics.com	19 KB
1	gstatic.com fonts.gstatic.com	20 KB
1	googletagmanager.com www.googletagmanager.com	54 KB
1	googleapis.com fonts.googleapis.com	503 B
1	adexmedias.com 1 redirects www.adexmedias.com	437 B
1	rtb.trade rtb.trade	2 KB
1	flowwiththetide.xyz 1 redirects redir.flowwiththetide.xyz	196 B
1	eneverals.biz 1 redirects eneverals.biz	392 B
1	ahvclick.com tracking.ahvclick.com	597 B
57	26

	Domain	Requested by
14	www.connection-sggz.nl	holofiber.xyz www.connection-sggz.nl
4	use.fontawesome.com	www.connection-sggz.nl use.fontawesome.com
4	extreme.new-message.support	holofiber.xyz extreme.new-message.support
4	holofiber.xyz	1 redirects bestadmax.com holofiber.xyz
3	api.adcalls.nl	script.adcalls.nl
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.connection-sggz.nl
2	tr.outbrain.com	amplify.outbrain.com www.connection-sggz.nl
2	use.typekit.net	www.connection-sggz.nl
2	db1.connection-sggz.nl	www.connection-sggz.nl db1.connection-sggz.nl
2	i.wmgtr.com
2	ioheiy.com	2 redirects
2	images.adex.media	2 redirects
2	premixture.com	holofiber.xyz
2	bnmu.xyz	1 redirects holofiber.xyz
2	bestadmax.com	bestadmax.com
1	alb.reddit.com	www.connection-sggz.nl
1	serverside.connection-sggz.nl	www.connection-sggz.nl
1	amplify.outbrain.com	bestadmax.com
1	connect.facebook.net	bestadmax.com
1	www.redditstatic.com	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	script.adcalls.nl	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	www.connection-sggz.nl
1	p.typekit.net	www.connection-sggz.nl
1	fonts.googleapis.com	www.connection-sggz.nl
1	www.adexmedias.com	1 redirects
1	rtb.trade	holofiber.xyz
1	redir.flowwiththetide.xyz	1 redirects
1	eneverals.biz	1 redirects
1	tracking.ahvclick.com	bestadmax.com
57	31

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.youtube.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-25` - `2022-07-24`	a year	crt.sh
new-message.support R3	`2021-07-07` - `2021-10-05`	3 months	crt.sh
i.wmgtr.com R3	`2021-08-31` - `2021-11-29`	3 months	crt.sh
connection-sggz.nl R3	`2021-08-05` - `2021-11-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
db1.connection-sggz.nl R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.script.adcalls.nl Sectigo RSA Domain Validation Secure Server CA	`2020-09-15` - `2021-09-16`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
serverside.connection-sggz.nl GTS CA 1D4	`2021-08-10` - `2021-11-08`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
api.adcalls.nl Sectigo RSA Domain Validation Secure Server CA	`2020-10-12` - `2021-10-13`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Frame ID: E46FCE9445006A8AB2D9E5E44341D5FA
Requests: 52 HTTP requests in this frame

Frame: https://extreme.new-message.support/helper/index.html
Frame ID: 392B40197B3EB98B64E843646D87208D
Requests: 3 HTTP requests in this frame

Frame: https://extreme.new-message.support/helper/index.html
Frame ID: DAE5AFA7EC4D18B73B022390EB35C3F5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Verslaving | Informatie over verslavingen & behandeling

Page URL History Show full URLs

https://bestadmax.com/display/?page=query/items/&aduid=13&pid=10&displaytype=9&direct=1 Page URL
https://bestadmax.com/display/index.php?page=query/load/aHR0cHM6Ly9lbmV2ZXJhbHMuYml6L3JlZGlyZWN0P3... Page URL
https://eneverals.biz/redirect?tid=934216 HTTP 302
http://redir.flowwiththetide.xyz/click?i=dFiawRja9Tg_0 HTTP 302
https://bnmu.xyz/click.php?key=ksc4dots5szrjhvu41tr&src=85543.934216 HTTP 302
https://holofiber.xyz/?s_id=9167&brs=rkz&p=90&bcid=033c7sy17zwa6vr4d9&tb=PUSHKATB Page URL
http://holofiber.xyz/r?t=http%3A%2F%2Fwww.adexmedias.com%2Ffeed%2Fclick%2F%3Ft1%3D128%26tid%3D256... HTTP 302
http://www.adexmedias.com/feed/click/?t1=128&tid=256&uid=152&subid=rphn12&id=20723cfbb2d0f3bb9c40eca5d... HTTP 302
https://ioheiy.com/dsp/ph/clcm?aid=11332508171912433410&mid=0&t=1630668127&s=690982&sid=1023 HTTP 302
https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Reco... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

57
Requests

100 %
HTTPS

53 %
IPv6

26
Domains

31
Subdomains

26
IPs

4
Countries

1099 kB
Transfer

1861 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/connection-sggz/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCJS1NsTzRLqgpL7SKPUOpBw
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/connectionsggz/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bestadmax.com/display/?page=query/items/&aduid=13&pid=10&displaytype=9&direct=1 Page URL
https://bestadmax.com/display/index.php?page=query/load/aHR0cHM6Ly9lbmV2ZXJhbHMuYml6L3JlZGlyZWN0P3RpZD05MzQyMTY=/Ly90cmFja2luZy5haHZjbGljay5jb20vdHJhY2svaW5kZXgucGhwP3BhZ2U9YWN0aW9uL2ltcHJlc3Npb24vM3wxNnwwfDEwfDEzfDF8MHw5fDB8MTZ8MC4wMDAzfDAuMDAxfDB8MC9mODgyNmMwNzZiZjM4Y2RjNmIwNjQzYTBhNjBmM2UxZS8xNjMwNjY4MTQ3L0RF//0 Page URL
https://eneverals.biz/redirect?tid=934216 HTTP 302
http://redir.flowwiththetide.xyz/click?i=dFiawRja9Tg_0 HTTP 302
https://bnmu.xyz/click.php?key=ksc4dots5szrjhvu41tr&src=85543.934216 HTTP 302
https://holofiber.xyz/?s_id=9167&brs=rkz&p=90&bcid=033c7sy17zwa6vr4d9&tb=PUSHKATB Page URL
http://holofiber.xyz/r?t=http%3A%2F%2Fwww.adexmedias.com%2Ffeed%2Fclick%2F%3Ft1%3D128%26tid%3D256%26uid%3D152%26subid%3Drphn12%26id%3D20723cfbb2d0f3bb9c40eca5dee29cdd%3Adbc5236957caa605900ff9eb5ef48c181467a13e9c890dfbfb4cb93e5ac84663640fdb40bfa057034b663161aa80fa38b5e2c3f8132c9a8d24c46b4fc5aa01ba2dfd4eb56ecba81b1a05f01dfc3a32540dedaf4132b14a381a64a3828b3cefbc89f61afe765329e1165d905f3bba111798bafcbf401884b24c082c72df12fd8dc6a8d6363f887c583247a1562bf1d5176a2d831ceb50af7f3f473afd6dfe7031d406dcdeac460a5d51223750aa8c92aad0700bdee985c8bf2e2375cf04e9d4aa81e925291a1e85546a5d70c435591e770c5fa565984771a858a53cd3b9edc7e724df5ea327569443aef9d046d01222847d84eff814dbd312678c940e7d6fbfcecd1106b09ba694dde6d021684e8d464546b16200617baef9553cff9eb9cebf1b4b52a0863bcd7693e6b0425f11e4c05361ce7097d7997215a9d901cfb7369784bf2272b96897bc4b65938da0602aae49440114cb8b9a1a40eb7518a923680ac232c04e8c02964c196f77c7ce557d5b81 HTTP 302
http://www.adexmedias.com/feed/click/?t1=128&tid=256&uid=152&subid=rphn12&id=20723cfbb2d0f3bb9c40eca5dee29cdd:dbc5236957caa605900ff9eb5ef48c181467a13e9c890dfbfb4cb93e5ac84663640fdb40bfa057034b663161aa80fa38b5e2c3f8132c9a8d24c46b4fc5aa01ba2dfd4eb56ecba81b1a05f01dfc3a32540dedaf4132b14a381a64a3828b3cefbc89f61afe765329e1165d905f3bba111798bafcbf401884b24c082c72df12fd8dc6a8d6363f887c583247a1562bf1d5176a2d831ceb50af7f3f473afd6dfe7031d406dcdeac460a5d51223750aa8c92aad0700bdee985c8bf2e2375cf04e9d4aa81e925291a1e85546a5d70c435591e770c5fa565984771a858a53cd3b9edc7e724df5ea327569443aef9d046d01222847d84eff814dbd312678c940e7d6fbfcecd1106b09ba694dde6d021684e8d464546b16200617baef9553cff9eb9cebf1b4b52a0863bcd7693e6b0425f11e4c05361ce7097d7997215a9d901cfb7369784bf2272b96897bc4b65938da0602aae49440114cb8b9a1a40eb7518a923680ac232c04e8c02964c196f77c7ce557d5b81 HTTP 302
https://ioheiy.com/dsp/ph/clcm?aid=11332508171912433410&mid=0&t=1630668127&s=690982&sid=1023 HTTP 302
https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://eneverals.biz/redirect?tid=934216 HTTP 302
http://redir.flowwiththetide.xyz/click?i=dFiawRja9Tg_0 HTTP 302
https://bnmu.xyz/click.php?key=ksc4dots5szrjhvu41tr&src=85543.934216 HTTP 302
https://holofiber.xyz/?s_id=9167&brs=rkz&p=90&bcid=033c7sy17zwa6vr4d9&tb=PUSHKATB

Request Chain 11

https://images.adex.media/image/feed/?id=eyJkYXRlIjoiMjAyMS0wOS0wM1QxMToyMjowNy44NjRaIiwidHlwZSI6Imljb24iLCJ1aWQiOjE1MiwidGlkIjoyNTYsInN1YmlkIjoicnBobjEyIiwic2lkIjoiNTczMzczNjg0NDEzNDY0NDI3MyIsInNlYXJjaF9pcCI6IjIxMy4yMzIuODcuMTc5Iiwic2VhcmNoX3VhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xMzEgU2FmYXJpLzUzNy4zNiIsImZpZCI6OTcsInVybCI6Imh0dHBzOi8vaW9oZWl5LmNvbS9kc3AvcGgvaWNtP2FpZD0xMTMzMjUwODE3MTkxMjQzMzQxMCZtaWQ9MCZzaWQ9MTAyMyZ0PTE2MzA2NjgxMjcmc3ViaWQ9MjU2eHJwaG4xMiIsInBpeGVsIjoiIiwicDIiOiIiLCJyIjowLCJuYXRpdmUiOmZhbHNlfQ== HTTP 302
https://ioheiy.com/dsp/ph/icm?aid=11332508171912433410&mid=0&sid=1023&t=1630668127&subid=256xrphn12 HTTP 302
https://i.wmgtr.com/cim/CeZUY2jlxJxy0acfFzrcWnxnbZuWqS7h.png

Request Chain 12

https://images.adex.media/image/feed/?id=eyJkYXRlIjoiMjAyMS0wOS0wM1QxMToyMjowNy44NjRaIiwidHlwZSI6ImltYWdlIiwidWlkIjoxNTIsInRpZCI6MjU2LCJzdWJpZCI6InJwaG4xMiIsInNpZCI6IjU3MzM3MzY4NDQxMzQ2NDQyNzMiLCJzZWFyY2hfaXAiOiIyMTMuMjMyLjg3LjE3OSIsInNlYXJjaF91YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYiLCJmaWQiOjk3LCJ1cmwiOiJodHRwczovL2kud21ndHIuY29tL2NpbS9DZVpVWTJqbHhKeHkwYWNmRnpyY1dueG5iWnVXcVM3aC5wbmciLCJwaXhlbCI6IiIsInAyIjoiIiwiciI6MCwibmF0aXZlIjpmYWxzZX0= HTTP 302
https://i.wmgtr.com/cim/CeZUY2jlxJxy0acfFzrcWnxnbZuWqS7h.png

57 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
bestadmax.com/display/ 1 KB
1 KB 88ms
62ms Document
text/html 2606:4700:3031::ac43:869f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bestadmax.com/display/?page=query/items/&aduid=13&pid=10&displaytype=9&direct=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:869f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55eed39a3a6b352d9945061a1bd8989ea64fd194d206b776fd1534c2eee636d9

Request headers

:method: GET
:authority: bestadmax.com
:scheme: https
:path: /display/?page=query/items/&aduid=13&pid=10&displaytype=9&direct=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jieu0BHeKx1OZ%2Bc6N9oU%2FvY0puWe%2FvoXzQjB8oNW2FqGs9ZhKzP%2F3Qq255%2Fsubh54cymAFlq2MRMJHwODf3NUi2KIwGmP4dFh6b1L3k5w7V1k4QDlDPl5OLSi%2FsMhxZ1Z6Iopan1nSDKaa3a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 688e9928ab6d4401-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 index.php Show response
bestadmax.com/display/ 598 B
891 B 49ms
38ms Document
text/html 2606:4700:3031::ac43:869f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bestadmax.com/display/index.php?page=query/load/aHR0cHM6Ly9lbmV2ZXJhbHMuYml6L3JlZGlyZWN0P3RpZD05MzQyMTY=/Ly90cmFja2luZy5haHZjbGljay5jb20vdHJhY2svaW5kZXgucGhwP3BhZ2U9YWN0aW9uL2ltcHJlc3Npb24vM3wxNnwwfDEwfDEzfDF8MHw5fDB8MTZ8MC4wMDAzfDAuMDAxfDB8MC9mODgyNmMwNzZiZjM4Y2RjNmIwNjQzYTBhNjBmM2UxZS8xNjMwNjY4MTQ3L0RF//0
Requested by: Host: bestadmax.com
URL: https://bestadmax.com/display/?page=query/items/&aduid=13&pid=10&displaytype=9&direct=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:869f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b64e2724aff40d243d12877e9dcfb241a19e985b8ee114c8f7a989aa5d21551c

Request headers

:method: GET
:authority: bestadmax.com
:scheme: https
:path: /display/index.php?page=query/load/aHR0cHM6Ly9lbmV2ZXJhbHMuYml6L3JlZGlyZWN0P3RpZD05MzQyMTY=/Ly90cmFja2luZy5haHZjbGljay5jb20vdHJhY2svaW5kZXgucGhwP3BhZ2U9YWN0aW9uL2ltcHJlc3Npb24vM3wxNnwwfDEwfDEzfDF8MHw5fDB8MTZ8MC4wMDAzfDAuMDAxfDB8MC9mODgyNmMwNzZiZjM4Y2RjNmIwNjQzYTBhNjBmM2UxZS8xNjMwNjY4MTQ3L0RF//0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://bestadmax.com/display/?page=query/items/&aduid=13&pid=10&displaytype=9&direct=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _data_pop=16-1-1630675325
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Referer: https://bestadmax.com/display/?page=query/items/&aduid=13&pid=10&displaytype=9&direct=1

Response headers

date: Fri, 03 Sep 2021 11:22:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJoyBkuiim641771pYuVl4L%2FB5YIsV0Da6q23JKrtFJDKcd192YZUJCt2jI3Tw%2FT8mx9jWkjoJ%2FXdzJeAwzhAr67%2B02YVsntFxPz%2BbzsojUAeyiSYvRRLZoEeNnReEHbVylj%2BlCkoGfSUaMa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 688e992928f6535d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 index.php Show response
tracking.ahvclick.com/track/ 1 B
597 B 69ms
40ms Script
application/javascript 2606:4700:3037::6815:5de3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.ahvclick.com/track/index.php?page=action/impression/3|16|0|10|13|1|0|9|0|16|0.0003|0.001|0|0/f8826c076bf38cdc6b0643a0a60f3e1e/1630668147/DE
Requested by: Host: bestadmax.com
URL: https://bestadmax.com/display/index.php?page=query/load/aHR0cHM6Ly9lbmV2ZXJhbHMuYml6L3JlZGlyZWN0P3RpZD05MzQyMTY=/Ly90cmFja2luZy5haHZjbGljay5jb20vdHJhY2svaW5kZXgucGhwP3BhZ2U9YWN0aW9uL2ltcHJlc3Npb24vM3wxNnwwfDEwfDEzfDF8MHw5fDB8MTZ8MC4wMDAzfDAuMDAxfDB8MC9mODgyNmMwNzZiZjM4Y2RjNmIwNjQzYTBhNjBmM2UxZS8xNjMwNjY4MTQ3L0RF//0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5de3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://bestadmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Grecn1NxkZhKXwJK%2Bj0JRltovKOqLj9bQOOp7zz7QQEY4hsCWjaz9jQfEO9WmbGh7hgmAmB%2BSqhWoTzjb5c1LgKq8Ew6AOXBq9Ea9h7Ytj8h%2B6WQ6SpZO3DhxR%2FwGt81jdVEuh0phMZoXxQNq3smHEI6hpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 688e9929abf35b32-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1

GET
H2

200

/ Show response
holofiber.xyz/
Redirect Chain

https://eneverals.biz/redirect?tid=934216
http://redir.flowwiththetide.xyz/click?i=dFiawRja9Tg_0
https://bnmu.xyz/click.php?key=ksc4dots5szrjhvu41tr&src=85543.934216
https://holofiber.xyz/?s_id=9167&brs=rkz&p=90&bcid=033c7sy17zwa6vr4d9&tb=PUSHKATB

325 B
778 B

72ms
43ms

Document
text/html

2606:4700:3037::6815:483f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holofiber.xyz/?s_id=9167&brs=rkz&p=90&bcid=033c7sy17zwa6vr4d9&tb=PUSHKATB
Requested by: Host: bestadmax.com
URL: https://bestadmax.com/display/index.php?page=query/load/aHR0cHM6Ly9lbmV2ZXJhbHMuYml6L3JlZGlyZWN0P3RpZD05MzQyMTY=/Ly90cmFja2luZy5haHZjbGljay5jb20vdHJhY2svaW5kZXgucGhwP3BhZ2U9YWN0aW9uL2ltcHJlc3Npb24vM3wxNnwwfDEwfDEzfDF8MHw5fDB8MTZ8MC4wMDAzfDAuMDAxfDB8MC9mODgyNmMwNzZiZjM4Y2RjNmIwNjQzYTBhNjBmM2UxZS8xNjMwNjY4MTQ3L0RF//0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:483f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c752df31c76e258194e2b56133a82ba863642d490e9313992dae2bfab2dcf38

Request headers

:method: GET
:authority: holofiber.xyz
:scheme: https
:path: /?s_id=9167&brs=rkz&p=90&bcid=033c7sy17zwa6vr4d9&tb=PUSHKATB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Referer: https://bestadmax.com/display/index.php?page=query/load/aHR0cHM6Ly9lbmV2ZXJhbHMuYml6L3JlZGlyZWN0P3RpZD05MzQyMTY=/Ly90cmFja2luZy5haHZjbGljay5jb20vdHJhY2svaW5kZXgucGhwP3BhZ2U9YWN0aW9uL2ltcHJlc3Npb24vM3wxNnwwfDEwfDEzfDF8MHw5fDB8MTZ8MC4wMDAzfDAuMDAxfDB8MC9mODgyNmMwNzZiZjM4Y2RjNmIwNjQzYTBhNjBmM2UxZS8xNjMwNjY4MTQ3L0RF//0

Response headers

date: Fri, 03 Sep 2021 11:22:07 GMT
content-type: text/html
last-modified: Tue, 24 Aug 2021 18:48:45 GMT
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwAx%2BWxzpEmzB%2F344whi1MMYdOYIo3w%2B7G5xwS7t3W75PeC%2FP%2Fyph%2BPAfGfJg%2FShkLcOr85vAmcPwlhciHEaUdXo8%2Frs5I6mxXjXYWq2s77waG7CahM090TJmSsQcGhAedLNeMf2THTcoBIH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 688e993568004e19-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Fri, 03 Sep 2021 11:22:07 GMT
content-type: text/html; charset=UTF-8
set-cookie: uclick=sy17zwa6vr; expires=Sat, 04-Sep-2021 11:22:07 GMT; Max-Age=86400; path=/; secure; SameSite=none uclickhash=sy17zwa6vr-sy17zwa6vr-9r0-0-ik3y-qe37-qetl-1d4a89; expires=Sat, 04-Sep-2021 11:22:07 GMT; Max-Age=86400; path=/; secure; SameSite=none
location: https://holofiber.xyz/?s_id=9167&brs=rkz&p=90&bcid=033c7sy17zwa6vr4d9&tb=PUSHKATB
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDXjHV0clKbsWZz8s6wDHSQXWnwARpb2MFbb99ik7s7LmDV7UmwdzBTtsMep5tBuYthL739Uy5VIORw4QC%2FMF5BiG74FT7jgiX%2FKNjwAsKogJRPG93MtClZdt%2BzgSqhJ3Tv%2BRH9A4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 688e9934cfb75363-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 index.5f8aa019fdfa4134b375.js Show response
holofiber.xyz/ 48 KB
19 KB 31ms
21ms Script
application/javascript 2606:4700:3037::6815:483f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holofiber.xyz/index.5f8aa019fdfa4134b375.js
Requested by: Host: holofiber.xyz
URL: https://holofiber.xyz/?s_id=9167&brs=rkz&p=90&bcid=033c7sy17zwa6vr4d9&tb=PUSHKATB
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:483f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d17be3fb542ceb7fbfeaa22513cc8b45ecda0836610f5e3ade94b81b9f1ac8ee

Request headers

:path: /index.5f8aa019fdfa4134b375.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holofiber.xyz
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59592
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer
last-modified: Tue, 24 Aug 2021 18:48:45 GMT
server: cloudflare
etag: W/"61253f0d-c0b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLewSILJ2ZDRyIA%2FRQY0UePSaDQD%2BH3UqG0gITWzgXwCzQT7Fo%2FAeLeHNtTshy0vOBSsd%2FIZGKLic%2FB%2BIYzAZSmYG63kVR3Pvw2c6U3dasp0BKYSgS7zMz46Zt9XHAiWKdNWanuX2pS7lVXw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 688e9935cd804dd6-FRA

GET
H2 200 data.json Show response
rtb.trade/api/v1/ 3 KB
2 KB 620ms
577ms Fetch
application/json 104.21.11.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.trade/api/v1/data.json?dist_id=6400&encode=true&limit=1&s_id=9167
Requested by: Host: holofiber.xyz
URL: https://holofiber.xyz/index.5f8aa019fdfa4134b375.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.11.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e2ff2b5215a97b3b367f831b1e6d6959803a43591293b90eb081e976f9ef6cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwidUc%2BjtKZJour5mY8hyKKs7%2FIADR7ee%2F2HI9PAl7umNtAuKjX9oD6ZlEUx9sHe93S0m4ohbgmFfBhCPROwvIr3%2B%2B2f%2BKVywPVfJ8WSf1PHSdv2YLvF3owVMmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 688e9936588d00bf-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-robots-tag: noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex

GET
H2 200 index.html Show response
extreme.new-message.support/helper/ Frame 392B 190 B
353 B 124ms
22ms Document
text/html 138.68.113.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://extreme.new-message.support/helper/index.html
Requested by: Host: holofiber.xyz
URL: https://holofiber.xyz/index.5f8aa019fdfa4134b375.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.68.113.179 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.1 /
Resource Hash: 3285ba58912913b731158224e6daa5401f66d6b3ce13266e4b51e8ba15910a36

Request headers

:method: GET
:authority: extreme.new-message.support
:scheme: https
:path: /helper/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

server: nginx/1.17.1
date: Fri, 03 Sep 2021 11:22:08 GMT
content-type: text/html
last-modified: Thu, 14 May 2020 11:45:14 GMT
vary: Accept-Encoding
etag: W/"5ebd2f4a-be"
x-robots-tag: noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex
content-encoding: gzip

GET
H2 200 index.html Show response
extreme.new-message.support/helper/ Frame DAE5 190 B
352 B 123ms
22ms Document
text/html 138.68.113.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://extreme.new-message.support/helper/index.html
Requested by: Host: holofiber.xyz
URL: https://holofiber.xyz/index.5f8aa019fdfa4134b375.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.68.113.179 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.1 /
Resource Hash: 3285ba58912913b731158224e6daa5401f66d6b3ce13266e4b51e8ba15910a36

Request headers

:method: GET
:authority: extreme.new-message.support
:scheme: https
:path: /helper/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

server: nginx/1.17.1
date: Fri, 03 Sep 2021 11:22:08 GMT
content-type: text/html
last-modified: Thu, 14 May 2020 11:45:14 GMT
vary: Accept-Encoding
etag: W/"5ebd2f4a-be"
x-robots-tag: noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex
content-encoding: gzip

GET
H2 204 icon
premixture.com/api/tracker/ 0
0 45ms
27ms Fetch 2606:4700:3030::ac43:b384
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://premixture.com/api/tracker/icon?d=6400&f=663&s=9167&src=rphn12
Requested by: Host: holofiber.xyz
URL: https://holofiber.xyz/index.5f8aa019fdfa4134b375.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b384 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wBgZ2rglXMycLdILXDktIZVrFEQabE6xKeFVTPCn8aoNalfWNb%2FAvLBp5x%2FUqwD%2BcgcsTN92jLOjvKZ0S7skUKLlRUHHK1rvbIunyz0jT%2FVdrB9B%2FoBzNFKULdVK2ip7D2bm6fyckbNymASew%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 688e993a18135b62-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-robots-tag: noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex

GET
H2 200 index.js Show response
extreme.new-message.support/helper/ Frame 392B 6 KB
3 KB 22ms
22ms Script
application/javascript 138.68.113.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://extreme.new-message.support/helper/index.js
Requested by: Host: extreme.new-message.support
URL: https://extreme.new-message.support/helper/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.68.113.179 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.1 /
Resource Hash: 56e6520f7e789fe812595c43503c5560a21945e7343b24ff22a624162aa44b40

Request headers

Referer: https://extreme.new-message.support/helper/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:08 GMT
content-encoding: gzip
last-modified: Thu, 14 May 2020 11:45:14 GMT
server: nginx/1.17.1
etag: W/"5ebd2f4a-1865"
vary: Accept-Encoding
content-type: application/javascript
x-robots-tag: noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex

GET
H2 200 index.js Show response
extreme.new-message.support/helper/ Frame DAE5 6 KB
3 KB 22ms
22ms Script
application/javascript 138.68.113.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://extreme.new-message.support/helper/index.js
Requested by: Host: extreme.new-message.support
URL: https://extreme.new-message.support/helper/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.68.113.179 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.1 /
Resource Hash: 56e6520f7e789fe812595c43503c5560a21945e7343b24ff22a624162aa44b40

Request headers

Referer: https://extreme.new-message.support/helper/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:08 GMT
content-encoding: gzip
last-modified: Thu, 14 May 2020 11:45:14 GMT
server: nginx/1.17.1
etag: W/"5ebd2f4a-1865"
vary: Accept-Encoding
content-type: application/javascript
x-robots-tag: noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex

GET
H2

200

CeZUY2jlxJxy0acfFzrcWnxnbZuWqS7h.png Show response
i.wmgtr.com/cim/ Frame 392B
Redirect Chain

https://images.adex.media/image/feed/?id=eyJkYXRlIjoiMjAyMS0wOS0wM1QxMToyMjowNy44NjRaIiwidHlwZSI6Imljb24iLCJ1aWQiOjE1MiwidGlkIjoyNTYsInN1YmlkIjoicnBobjEyIiwic2lkIjoiNTczMzczNjg0NDEzNDY0NDI3MyIsInNl...
https://ioheiy.com/dsp/ph/icm?aid=11332508171912433410&mid=0&sid=1023&t=1630668127&subid=256xrphn12
https://i.wmgtr.com/cim/CeZUY2jlxJxy0acfFzrcWnxnbZuWqS7h.png

5 KB
5 KB

18ms
17ms

Fetch
image/png

213.174.135.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.wmgtr.com/cim/CeZUY2jlxJxy0acfFzrcWnxnbZuWqS7h.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.174.135.32 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e4f129a3a86aa689b22a70cc3940132a4262924b95dee87f07d580b5e8065cca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://extreme.new-message.support/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:09 GMT
content-encoding: gzip
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
expires: Fri, 03 Sep 2021 23:22:09 GMT
cache-control: max-age=43200
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

Redirect headers

location: https://i.wmgtr.com/cim/CeZUY2jlxJxy0acfFzrcWnxnbZuWqS7h.png
date: Fri, 03 Sep 2021 11:22:09 GMT
server: nginx/1.18.0
content-length: 0

GET
H2

200

CeZUY2jlxJxy0acfFzrcWnxnbZuWqS7h.png Show response
i.wmgtr.com/cim/ Frame DAE5
Redirect Chain

https://images.adex.media/image/feed/?id=eyJkYXRlIjoiMjAyMS0wOS0wM1QxMToyMjowNy44NjRaIiwidHlwZSI6ImltYWdlIiwidWlkIjoxNTIsInRpZCI6MjU2LCJzdWJpZCI6InJwaG4xMiIsInNpZCI6IjU3MzM3MzY4NDQxMzQ2NDQyNzMiLCJz...
https://i.wmgtr.com/cim/CeZUY2jlxJxy0acfFzrcWnxnbZuWqS7h.png

5 KB
5 KB

52ms
17ms

Fetch
image/png

213.174.135.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.wmgtr.com/cim/CeZUY2jlxJxy0acfFzrcWnxnbZuWqS7h.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.174.135.32 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e4f129a3a86aa689b22a70cc3940132a4262924b95dee87f07d580b5e8065cca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://extreme.new-message.support/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:09 GMT
content-encoding: gzip
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
expires: Fri, 03 Sep 2021 23:22:09 GMT
cache-control: max-age=43200
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 11:22:08 GMT
X-Powered-By: Express
Surrogate-Control: no-store
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://i.wmgtr.com/cim/CeZUY2jlxJxy0acfFzrcWnxnbZuWqS7h.png
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 82
Expires: 0

GET
H2 200 4f6245dff73b67132169097bc86c245a.png
holofiber.xyz/ 12 KB
13 KB 14ms
14ms Image
image/png 2606:4700:3037::6815:483f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holofiber.xyz/4f6245dff73b67132169097bc86c245a.png
Requested by: Host: holofiber.xyz
URL: https://holofiber.xyz/?s_id=9167&brs=rkz&p=90&bcid=033c7sy17zwa6vr4d9&tb=PUSHKATB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:483f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc94b5efd3860236f91255c87dbe9f3db4d83db39ab6ac68b28f08ba26fc1dc

Request headers

:path: /4f6245dff73b67132169097bc86c245a.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: holofiber.xyz
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59595
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12675
referrer-policy: no-referrer
last-modified: Tue, 24 Aug 2021 18:48:45 GMT
server: cloudflare
etag: "61253f0d-3183"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqV%2FG99oT6B7ObRXHUSAuH%2B8xQpCspyHTMdjm2l9Sr%2FZ6%2FxuRjrF210hGhXa4BalmFFQ90TmsL5HdA5GAtqbhEkC4u%2BEuiZH7KV2Kia00vyiQQbi%2F2EeXDy8Kz78CZ8YPYsMOyfaNmi9v0GL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 688e994cba7c4e19-FRA

GET
H2 200 click.php
bnmu.xyz/ 0
0 73ms
57ms Fetch
text/html 2606:4700:3034::6815:1914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bnmu.xyz/click.php?cnv_id=033c7sy17zwa6vr4d9&payout=0.00039847499999999997

Requested by

Host: holofiber.xyz
URL: https://holofiber.xyz/index.5f8aa019fdfa4134b375.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kHiZYWSr3uv%2FX7BbzejhesdRQgTxpliTStN7A6pZbTOMfBr4mWHK5uub22WNZh1m3E37LCkvnx2qNmC87oq0HyYgyPk5YbfC7Mz82PxmfY7hpBfFqenAd9y43LzjvBl9QO6i3ubYpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 688e994eca804ec1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 204 url
premixture.com/api/tracker/ 0
0 29ms
28ms Fetch 2606:4700:3030::ac43:b384
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://premixture.com/api/tracker/url?c=MC4wMDE5OTIzNzU%3D&d=6400&f=663&s=9167&src=rphn12
Requested by: Host: holofiber.xyz
URL: https://holofiber.xyz/index.5f8aa019fdfa4134b375.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b384 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFdCXEBC80UwUxxmnIcZCSZbbQvFVbxYbaDtPRpFl7s5fJ0ckjhhlM9bVaS%2FC%2FJ%2FCpsIYCGaojkjl9TyUtCgPsgwvL5Hr38AYHh6PPnrOLgEq%2FpNNRWQXMzqvdxvRbjxUKIds55YvCahrANRyw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 688e994ebcd85b62-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-robots-tag: noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex

GET
H/1.1

200
OK

Primary Request verslaving Show response
www.connection-sggz.nl/
Redirect Chain

http://holofiber.xyz/r?t=http%3A%2F%2Fwww.adexmedias.com%2Ffeed%2Fclick%2F%3Ft1%3D128%26tid%3D256%26uid%3D152%26subid%3Drphn12%26id%3D20723cfbb2d0f3bb9c40eca5dee29cdd%3Adbc5236957caa605900ff9eb5ef4...
http://www.adexmedias.com/feed/click/?t1=128&tid=256&uid=152&subid=rphn12&id=20723cfbb2d0f3bb9c40eca5dee29cdd:dbc5236957caa605900ff9eb5ef48c181467a13e9c890dfbfb4cb93e5ac84663640fdb40bfa057034b66316...
https://ioheiy.com/dsp/ph/clcm?aid=11332508171912433410&mid=0&t=1630668127&s=690982&sid=1023
https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery

120 KB
26 KB

122ms
33ms

Document
text/html

89.41.170.227
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery

Requested by

Host: holofiber.xyz
URL: https://holofiber.xyz/index.5f8aa019fdfa4134b375.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

89.41.170.227 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

ha-ip.cache.back-site.nl

Software

nginx/1.16.1 /

Resource Hash

5dc41257232700bc61c3f5e8f3eba3399121e198b5ffbb42a32dcc1ada5e1002

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Host: www.connection-sggz.nl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Referer: https://holofiber.xyz/?s_id=9167&brs=rkz&p=90&bcid=033c7sy17zwa6vr4d9&tb=PUSHKATB

Response headers

Server: nginx/1.16.1
Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 25689
Connection: keep-alive
Feature-Policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; camera 'self'; display-capture 'self'; document-domain *; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; payment 'self'; picture-in-picture *; speaker 'self'; sync-xhr *; usb 'self'; vr 'self'
Strict-Transport-Security: max-age=15552000; preload
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
X-DirectEffect-RemoveCacheControl: 1
Content-Encoding: gzip
X-DirectEffect-Cache: HIT
Accept-Ranges: bytes

Redirect headers

server: nginx/1.18.0
date: Fri, 03 Sep 2021 11:22:12 GMT
content-type: text/html; charset=utf-8
content-length: 233
location: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery

GET
H/1.1 200
OK app.css
www.connection-sggz.nl/css/ 216 KB
31 KB 26ms
25ms Stylesheet
text/css 89.41.170.227
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://www.connection-sggz.nl/css/app.css?id=8b9077a6ee62c49bfe3a
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.41.170.227 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: ha-ip.cache.back-site.nl
Software: nginx/1.16.1 /
Resource Hash: fe2530239de8ae4d405fcfd001b32f4e09f8b580383a4437baadd057542c2ba3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.connection-sggz.nl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Connection: keep-alive
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 15:46:30 GMT
Server: nginx/1.16.1
ETag: "360cc-5ba5c5fc42180-gzip"
Content-Type: text/css
Cache-Control: max-age=31557600, public
Connection: keep-alive
Accept-Ranges: bytes
X-DirectEffect-Cache: HIT
Content-Length: 31585

GET
H3-29 200 all.css
use.fontawesome.com/releases/v5.14.0/css/ 58 KB
13 KB 41ms
28ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.14.0/css/all.css
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5066088
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: H4FDH4DX5K3DT7H9
x-amz-id-2: frQdVaRd+QgG4M9jHRn5rOsPN4FHzHlZ0Z2SIvjbppVLGQyQIpj1wIuw/Ykpo90LooK7J3O9X7w=
last-modified: Wed, 30 Jun 2021 15:39:23 GMT
server: cloudflare
etag: W/"84d8ad2b4fcdc0f0c58247e778133b3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7erpSXXkvTi99pInKSS%2B8mEcMLdeKR%2B1bNQE2I8YJkAX56JggJfRX8nET0%2FQrNLZDFUvoPAlFftqNCGgaWfu2geK5dbHtXl5DMg5DJsDeXMm4XXMP0L%2BJIUnDMRfcbtU%2B7epEtGILlhsjXAsRhWPwvaj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 688e99540cf60631-FRA

GET
H3-29 200 css
fonts.googleapis.com/ 6 KB
503 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Assistant:200,300,400,600,700,800&display=swap

Requested by

Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

032dc98357b1636527b18e7f34ba4fe313f55edbe512bbb93059ec10afa4f2dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 11:22:12 GMT
server: ESF
date: Fri, 03 Sep 2021 11:22:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Sep 2021 11:22:12 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 24ms
9ms Stylesheet
text/css 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=rzz8meb&ht=tk&f=9795.9797&a=8501775&app=typekit&e=css
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:12 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H/1.1 200
OK logo.png
www.connection-sggz.nl/images/ 6 KB
7 KB 53ms
18ms Image
image/webp 89.41.170.227
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.connection-sggz.nl/images/logo.png
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.41.170.227 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: ha-ip.cache.back-site.nl
Software: nginx/1.16.1 /
Resource Hash: 4fec89e5ef4f94aae9ea7ca8fe2fc1ca4bbbe96fe2e68d2557118cc6c83cd37d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.connection-sggz.nl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Connection: keep-alive
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 10:07:50 GMT
Server: nginx/1.16.1
ETag: "1992-5ba6bc270e980-gzip"
Content-Type: image/webp
Cache-Control: max-age=31557600, public
Connection: keep-alive
Accept-Ranges: bytes
X-DirectEffect-Cache: HIT
Content-Length: 6569
Expires: Sat, 11 Sep 2021 11:22:12 GMT

GET
H/1.1 200
OK logo-wit.png
www.connection-sggz.nl/images/ 3 KB
4 KB 54ms
19ms Image
image/webp 89.41.170.227
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.connection-sggz.nl/images/logo-wit.png
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.41.170.227 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: ha-ip.cache.back-site.nl
Software: nginx/1.16.1 /
Resource Hash: 7aa16bfbf8bd041f1c859f96b9f89a7f645acf08ac05ce48f5eeffd5b4f6b2bf

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.connection-sggz.nl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Connection: keep-alive
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 10:06:18 GMT
Server: nginx/1.16.1
ETag: "ca2-5ba6bbcf51a80-gzip"
Content-Type: image/webp
Cache-Control: max-age=31557600, public
Connection: keep-alive
Accept-Ranges: bytes
X-DirectEffect-Cache: HIT
Content-Length: 3257
Expires: Sat, 11 Sep 2021 11:22:12 GMT

GET
H/1.1 200
OK nl.png
www.connection-sggz.nl/images/languages/ 122 B
472 B 53ms
19ms Image
image/png 89.41.170.227
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.connection-sggz.nl/images/languages/nl.png
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.41.170.227 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: ha-ip.cache.back-site.nl
Software: nginx/1.16.1 /
Resource Hash: 54be18f3af7f0a203474f65840c8e7a2ebdae9bdb3c98e638bbd95506d586834

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.connection-sggz.nl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Connection: keep-alive
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Last-Modified: Mon, 21 Jun 2021 09:23:08 GMT
Server: nginx/1.16.1
ETag: "7a-5c54338af96e2"
Content-Type: image/png
Cache-Control: max-age=31557600, public
Connection: keep-alive
Accept-Ranges: bytes
X-DirectEffect-Cache: HIT
Content-Length: 122
Expires: Sat, 11 Sep 2021 11:22:12 GMT

GET
H/1.1 200
OK check.png
www.connection-sggz.nl/storage/content/ 1 KB
2 KB 31ms
18ms Image
image/webp 89.41.170.227
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.connection-sggz.nl/storage/content/check.png
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.41.170.227 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: ha-ip.cache.back-site.nl
Software: nginx/1.16.1 /
Resource Hash: f57282d5dc2933b1db4bf369e7ccfa6e96dbea88f0d98fa7dc46721764a894d6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.connection-sggz.nl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Connection: keep-alive
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:57:42 GMT
Server: nginx/1.16.1
ETag: "484-5ba6b9e339180-gzip"
Content-Type: image/webp
Cache-Control: max-age=31557600, public
Connection: keep-alive
Accept-Ranges: bytes
X-DirectEffect-Cache: HIT
Content-Length: 1179
Expires: Sat, 11 Sep 2021 11:22:12 GMT

GET
H/1.1 200
OK manifest.js Show response
www.connection-sggz.nl/js/ 1 KB
1 KB 22ms
20ms Script
application/javascript 89.41.170.227
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://www.connection-sggz.nl/js/manifest.js?id=3c768977c2574a34506e
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.41.170.227 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: ha-ip.cache.back-site.nl
Software: nginx/1.16.1 /
Resource Hash: 0938d5503cf14d3f9a5e612a52ebcda33e889f4e166a58eb2e59a445b8189bfc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.connection-sggz.nl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Connection: keep-alive
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 15:46:30 GMT
Server: nginx/1.16.1
ETag: "5d5-5ba5c5fc42180-gzip"
Content-Type: application/javascript
Cache-Control: max-age=31557600, public
Connection: keep-alive
Accept-Ranges: bytes
X-DirectEffect-Cache: HIT
Content-Length: 724

GET
H/1.1 200
OK vendor.js Show response
www.connection-sggz.nl/js/ 170 KB
51 KB 40ms
17ms Script
application/javascript 89.41.170.227
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://www.connection-sggz.nl/js/vendor.js?id=a1d7b8f1fe7973287e84
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.41.170.227 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: ha-ip.cache.back-site.nl
Software: nginx/1.16.1 /
Resource Hash: 59455caf2e331d6daeb12852886b019135684f5bb177c6f8eeae311012f57e7c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.connection-sggz.nl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Connection: keep-alive
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 15:46:30 GMT
Server: nginx/1.16.1
ETag: "2a663-5ba5c5fc42180-gzip"
Content-Type: application/javascript
Cache-Control: max-age=31557600, public
Connection: keep-alive
Accept-Ranges: bytes
X-DirectEffect-Cache: HIT
Content-Length: 52204

GET
H/1.1 200
OK app.js Show response
www.connection-sggz.nl/js/ 9 KB
4 KB 53ms
19ms Script
application/javascript 89.41.170.227
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://www.connection-sggz.nl/js/app.js?id=6dca472e3988895fa3aa
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.41.170.227 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: ha-ip.cache.back-site.nl
Software: nginx/1.16.1 /
Resource Hash: 0f37b19a96d4af28be70e71a41f2808463fbb0f98ad677d3bec002af4bac7dd3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.connection-sggz.nl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Connection: keep-alive
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 15:46:30 GMT
Server: nginx/1.16.1
ETag: "22f0-5ba5c5fc42180-gzip"
Content-Type: application/javascript
Cache-Control: max-age=31557600, public
Connection: keep-alive
Accept-Ranges: bytes
X-DirectEffect-Cache: HIT
Content-Length: 3999

GET
H/1.1 200
OK nec.js Show response
db1.connection-sggz.nl/ 37 KB
12 KB 117ms
47ms Script
application/javascript 3.120.95.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://db1.connection-sggz.nl/nec.js

Requested by

Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.120.95.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-95-238.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

102d39d344af7de76d4fdf7750554cf4de9a950e5c5b7c31e27a851ac0ca1286

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Referrer-Policy: no-referrer
Last-Modified: Fri, 03 Sep 2021 09:34:10 GMT
Server: nginx
X-Frame-Options: DENY
ETag: W/"6131ec12-9441"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src 'self';

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 149 KB
54 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5GC8BF

Requested by

Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1d32ffb0b4eac973dab1ba5a316a6cafb3d310841ef29d245a51681092c415b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55110
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Sep 2021 11:22:12 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b922eda523d97c1921b0f16578d3258580511b50f346c8cd9ea23446fc7acd0b

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK sfeerbeeld-overlay.png
www.connection-sggz.nl/images/ 7 KB
8 KB 19ms
17ms Image
image/webp 89.41.170.227
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.connection-sggz.nl/images/sfeerbeeld-overlay.png
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.41.170.227 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: ha-ip.cache.back-site.nl
Software: nginx/1.16.1 /
Resource Hash: abd1929543f1e07232cfa2c6fbd30f4501b7b240ee09ed4b4ae154488859ea91

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.connection-sggz.nl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Connection: keep-alive
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 10:06:00 GMT
Server: nginx/1.16.1
ETag: "1d88-5ba6bbbe27200-gzip"
Content-Type: image/webp
Cache-Control: max-age=31557600, public
Connection: keep-alive
Accept-Ranges: bytes
X-DirectEffect-Cache: HIT
Content-Length: 7533
Expires: Sat, 11 Sep 2021 11:22:12 GMT

GET
H2 200 l
use.typekit.net/af/09a46f/00000000000000003b9b033d/27/ 24 KB
24 KB 23ms
10ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/09a46f/00000000000000003b9b033d/27/l?fvd=n7&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2c26da2167bf41f21397e7cde712d9e42bb9e918d16881b0935b98ada9ace83d

Request headers

Origin: https://www.connection-sggz.nl
Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:12 GMT
server: nginx
etag: "b0eaa0881a0b90bee7bfd5bc5d2cc1a341721563"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24804

GET
H3-29 200 2sDcZGJYnIjSi6H75xkzaGW5.woff2
fonts.gstatic.com/s/assistant/v8/ 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v8/2sDcZGJYnIjSi6H75xkzaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Assistant:200,300,400,600,700,800&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fdce601969d5ddcaf6a997e6843d92e5096e83b165ece04d907655b74945b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.connection-sggz.nl
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:46:49 GMT
x-content-type-options: nosniff
age: 23723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20620
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 17:35:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 04:46:49 GMT

GET
DATA 200
OK truncated
/ 254 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9c8f1bacc45818f6a756b59dc45788daf0e55c65efd0250a5a9f3f6e44f23a5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK opsomming.svg
www.connection-sggz.nl/images/ 710 B
831 B 17ms
17ms Image
image/svg+xml 89.41.170.227
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.connection-sggz.nl/images/opsomming.svg
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/css/app.css?id=8b9077a6ee62c49bfe3a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.41.170.227 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: ha-ip.cache.back-site.nl
Software: nginx/1.16.1 /
Resource Hash: 68af82ea1a6da931f98b2f914af76ca45fb37a9828508697a849418f060965ea

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.connection-sggz.nl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.connection-sggz.nl/css/app.css?id=8b9077a6ee62c49bfe3a
Connection: keep-alive
Referer: https://www.connection-sggz.nl/css/app.css?id=8b9077a6ee62c49bfe3a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Oct 2018 08:04:58 GMT
Server: nginx/1.16.1
ETag: "2c6-579090f111e80-gzip"
Content-Type: image/svg+xml
Cache-Control: max-age=31557600, public
Connection: keep-alive
Accept-Ranges: bytes
X-DirectEffect-Cache: HIT
Content-Length: 487

GET
H/1.1 200
OK arrow.svg
www.connection-sggz.nl/images/ 760 B
767 B 18ms
18ms Image
image/svg+xml 89.41.170.227
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.connection-sggz.nl/images/arrow.svg
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/css/app.css?id=8b9077a6ee62c49bfe3a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.41.170.227 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: ha-ip.cache.back-site.nl
Software: nginx/1.16.1 /
Resource Hash: d13e42bd4ab29396f3e24ffbcfaeb78c588b665935d12d04548b2b5e1b5664b5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.connection-sggz.nl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.connection-sggz.nl/css/app.css?id=8b9077a6ee62c49bfe3a
Connection: keep-alive
Referer: https://www.connection-sggz.nl/css/app.css?id=8b9077a6ee62c49bfe3a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Oct 2018 13:24:30 GMT
Server: nginx/1.16.1
ETag: "2f8-5790d85ce9f80-gzip"
Content-Type: image/svg+xml
Cache-Control: max-age=31557600, public
Connection: keep-alive
Accept-Ranges: bytes
X-DirectEffect-Cache: HIT
Content-Length: 423

GET
H/1.1 200
OK footer.png
www.connection-sggz.nl/images/ 5 KB
6 KB 18ms
18ms Image
image/webp 89.41.170.227
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.connection-sggz.nl/images/footer.png
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/css/app.css?id=8b9077a6ee62c49bfe3a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.41.170.227 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: ha-ip.cache.back-site.nl
Software: nginx/1.16.1 /
Resource Hash: 3555d5982beccbbf5a26fd82857dc23687d088432c5684fd2069cd83467b6e74

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.connection-sggz.nl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.connection-sggz.nl/css/app.css?id=8b9077a6ee62c49bfe3a
Connection: keep-alive
Referer: https://www.connection-sggz.nl/css/app.css?id=8b9077a6ee62c49bfe3a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 10:07:39 GMT
Server: nginx/1.16.1
ETag: "15e4-5ba6bc1c910c0-gzip"
Content-Type: image/webp
Cache-Control: max-age=31557600, public
Connection: keep-alive
Accept-Ranges: bytes
X-DirectEffect-Cache: HIT
Content-Length: 5594
Expires: Sat, 11 Sep 2021 11:22:12 GMT

GET
H3-29 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.14.0/webfonts/ 76 KB
76 KB 43ms
29ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.14.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.14.0/css/all.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d

Request headers

Origin: https://www.connection-sggz.nl
Referer: https://use.fontawesome.com/releases/v5.14.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:12 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 897693
cf-ray: 688e9955395e4414-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77400
x-amz-id-2: 3UZC6E5PYZCHRPwZZ4GSgomjm9MRzeVRa6egK31BQv8dRWyWVTpF48zH7Imn/xzZ4bDhApVGIY0=
last-modified: Wed, 30 Jun 2021 15:39:44 GMT
server: cloudflare
etag: "cac68c831145804808381a7032fdc7c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BffQySJjn1JMspTFVCVTh9W3RDPXORkoBVewozzuOqwsFdqGO1AlTwq95ksAm%2BWZOrpd86ax%2Bgw%2F8m8Vf%2F7kxhdPqaGvMI1vxM2LMgW5b4hF3AtXkfII2HpqKGp9N%2F60o3BQdjxAgIh5Qd2RtDIVqsu"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: J0ZJ3FP5RR7G7X1J
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H3-29 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.14.0/webfonts/ 13 KB
14 KB 76ms
63ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.14.0/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.14.0/css/all.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 245818b22d1ec4892fcb722437e32888e97f63a0316bd22aaf9f44cde01f4c91

Request headers

Origin: https://www.connection-sggz.nl
Referer: https://use.fontawesome.com/releases/v5.14.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:12 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5065925
cf-ray: 688e995539624414-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13600
x-amz-id-2: 4/hEdk+LodU/xi2wSbK+5BqkXeMRunzvmQ0L8oYv0fd+XF/T3aWXz6sugLkqm7Ntch+x5+EzDj4=
last-modified: Wed, 30 Jun 2021 15:39:45 GMT
server: cloudflare
etag: "3a3398a6ef60fc64eacf45665958342e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOHnPVoPr4quZ5cemHZb3DfHSZDXjOfQvYmeyRQdohYOBq1nPCfQ6DdGFB6eGAL0Eocrm%2FmVqhDezavKP8q0ETyFBlT57%2FxXMaoFc5eV2p%2Bqs%2FlUdLnGpDqLLSnU%2B9ugIEDZ2pyJOZHSLCTZwOu8x8yJ"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: BYEJJ8YRF92BBM65
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 l
use.typekit.net/af/6106bc/00000000000000003b9b033a/27/ 25 KB
25 KB 11ms
11ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6106bc/00000000000000003b9b033a/27/l?fvd=n4&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fb5ce6a3234536f9d29224e32bf429eee3884f306b20f544afee8e825388eb5c

Request headers

Origin: https://www.connection-sggz.nl
Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:12 GMT
server: nginx
etag: "1ad5c3ec36c7b2d9a83a9c5e6ccba4df7cf796b5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25660

GET
H3-29 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.14.0/webfonts/ 78 KB
79 KB 60ms
47ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.14.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.14.0/css/all.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Origin: https://www.connection-sggz.nl
Referer: https://use.fontawesome.com/releases/v5.14.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:12 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 897693
cf-ray: 688e9955395c4414-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 80148
x-amz-id-2: QKogJF2d04wVAIIFaWqLRnhD+ypRPsdN7tkCotaP8OX5T4a2aynyjAHBToVhfv75/dn7J3spx4c=
last-modified: Wed, 30 Jun 2021 15:39:45 GMT
server: cloudflare
etag: "c500da19d776384ba69573ae6fe274e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FCt6e1%2B2PG63Az%2FHx4O2pi4J3uIrQAtovVox6q2eNwWokCJPELiW%2BFw05rkDA3gD2EXBDxAjipkfLU57MBJJuokGuSTFBc4FtMDef6a9KxxiqaP5arGG8D1H3lJCIAOOkTgNMUfytlvxDAK24u5i78O"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: J0ZSQBQT4DKW7A1F
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H/1.1 200
OK rawpixel-792222-unsplash_20181117174032993_1__20200304113040911___media_library_original_1618_1080.jpg
www.connection-sggz.nl/storage/media/24001623-43c5-4166-82a3-58522b90564e/responsive-images/ 507 KB
507 KB 37ms
37ms Image
image/webp 89.41.170.227
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.connection-sggz.nl/storage/media/24001623-43c5-4166-82a3-58522b90564e/responsive-images/rawpixel-792222-unsplash_20181117174032993_1__20200304113040911___media_library_original_1618_1080.jpg
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.41.170.227 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: ha-ip.cache.back-site.nl
Software: nginx/1.16.1 /
Resource Hash: 4f3f6f83d1095cf3412286d20ccde18a41c5d6a2f3d24ae4322a1d3ef1c51e8f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.connection-sggz.nl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Connection: keep-alive
Referer: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Jan 2021 09:15:03 GMT
Server: nginx/1.16.1
ETag: "7ebe0-5b9de34d2d795-gzip"
Content-Type: image/webp
Cache-Control: max-age=31557600, public
Connection: keep-alive
Accept-Ranges: bytes
X-DirectEffect-Cache: HIT
Content-Length: 519234
Expires: Sat, 11 Sep 2021 11:22:12 GMT

GET
H2 200 0ed5769f-b4bf-4f34-9b9a-0c1d8af439c3.js Show response
script.adcalls.nl/ 32 KB
9 KB 114ms
31ms Script
application/javascript 185.138.80.178
ASBIZWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://script.adcalls.nl/0ed5769f-b4bf-4f34-9b9a-0c1d8af439c3.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5GC8BF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.138.80.178 Breda, Netherlands, ASN203318 (ASBIZWAY, NL),
Reverse DNS: script01.da.adcalls.nl
Software: nginx /
Resource Hash: 2855f34c15cb488de3e8ebedb20bf1ad5d59c94470c0f76b8774b0f18a295ac0

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:12 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 14:16:09 GMT
server: nginx
etag: W/"60b8e429-7f4a"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5GC8BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6593
date: Fri, 03 Sep 2021 09:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 03 Sep 2021 11:32:19 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 30ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5GC8BF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:12 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: BE9AB950B5E14FE9B541A49F31A55599 Ref B: FRAEDGE1320 Ref C: 2021-09-03T11:22:12Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 22 KB
7 KB 71ms
23ms Script
application/javascript 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5GC8BF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:12 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 14 Jul 2021 17:50:00 GMT
server: snooserv
etag: "912f60c72fda50b2f21068c65115175d"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7018

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bestadmax.com
URL: https://bestadmax.com/display/?page=query/items/&aduid=13&pid=10&displaytype=9&direct=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: O/DoiCUa++0GiRuOu9O3ocldaql3xKR8dlABJomPJJFkVCc7AmN+RnankeLigWu3chj5TfUH6aRpAgmDt3vHsw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 03 Sep 2021 11:22:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 7 KB
3 KB 99ms
31ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: bestadmax.com
URL: https://bestadmax.com/display/?page=query/items/&aduid=13&pid=10&displaytype=9&direct=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 09:47:31 GMT
Server: AkamaiNetStorage
ETag: "fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3100
Expires: Fri, 03 Sep 2021 11:42:12 GMT

GET
H2 200 collect
serverside.connection-sggz.nl/ 26 B
217 B 282ms
196ms Image
image/gif 2a00:1450:4001:828::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serverside.connection-sggz.nl/collect?v=1&_v=j93&aip=1&a=274448945&t=pageview&_s=1&dl=https%3A%2F%2Fwww.connection-sggz.nl%2Fverslaving%3Futm_source%3Devadav%26utm_medium%3Dnative_advertising%26utm_campaign%3DRecovery&ul=en-us&de=UTF-8&dt=Verslaving%20%7C%20Informatie%20over%20verslavingen%20%26%20behandeling&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&cid=63203484.1630668133&tid=UA-130038378-1&_gid=190560657.1630668133&_fplc=0&gtm=2wg910M5GC8BF&npa=1&z=1992040133
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 11:22:13 GMT
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: bac79a24983137bc52726119095f5656;o=1
cache-control: no-cache, no-store, must-revalidate
content-length: 26
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 26030026.js Show response
bat.bing.com/p/action/ 0
92 B 195ms
192ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/26030026.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Sep 2021 11:22:12 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: F0FBCB88954D4E599DA6A4CE578697A3 Ref B: FRAEDGE1320 Ref C: 2021-09-03T11:22:12Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
92 B 52ms
52ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26030026&tm=gtm002&Ver=2&mid=943637ff-aae1-4b6d-82d8-d34735d8022a&sid=2f95f2800ca911ecba6b4379d80318d8&vid=2f9618800ca911ec9de20dd01dca970a&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Verslaving%20%7C%20Informatie%20over%20verslavingen%20%26%20behandeling&p=https%3A%2F%2Fwww.connection-sggz.nl%2Fverslaving%3Futm_source%3Devadav%26utm_medium%3Dnative_advertising%26utm_campaign%3DRecovery&r=&lt=920&evt=pageLoad&msclkid=N&sv=1&rn=408637
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 03 Sep 2021 11:22:12 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 2A383624C8144A15953B36C252919851 Ref B: FRAEDGE1320 Ref C: 2021-09-03T11:22:12Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 196ms
124ms Image
image/gif 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1630668132907&id=t2_ayoow9v9&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=e9f68df8-3a0d-4f49-90a5-f9a720ca9911&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_a797b96e
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:22:13 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 383ms
96ms Script
application/javascript 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00976e435fac15f29f84e0e47733fe3034
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:13 GMT
content-encoding: gzip
X-TraceId: dba51269f69557e3666b872be11c4603
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 384ms
96ms Image
image/gif 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00976e435fac15f29f84e0e47733fe3034&obApiVersion=1.1&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.connection-sggz.nl%2Fverslaving%3Futm_source%3Devadav%26utm_medium%3Dnative_advertising%26utm_campaign%3DRecovery&optOut=false&bust=009071065123254596
Requested by: Host: www.connection-sggz.nl
URL: https://www.connection-sggz.nl/verslaving?utm_source=evadav&utm_medium=native_advertising&utm_campaign=Recovery
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:22:13 GMT
Cache-Control: no-cache
X-TraceId: 966514c41a95182bb7ad0ddce2507d8c
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK createCookie.json Show response
api.adcalls.nl/API/v3/ 147 B
682 B 290ms
187ms XHR
application/json 185.138.80.180
ASBIZWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adcalls.nl/API/v3/createCookie.json?url=https%3A%2F%2Fwww.connection-sggz.nl%2Fverslaving%3Futm_source%3Devadav%26utm_medium%3Dnative_advertising%26utm_campaign%3DRecovery&domain=3438&region=0&referrer=&3=63203484.1630668133&4=&5=
Requested by: Host: script.adcalls.nl
URL: https://script.adcalls.nl/0ed5769f-b4bf-4f34-9b9a-0c1d8af439c3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.138.80.180 Breda, Netherlands, ASN203318 (ASBIZWAY, NL),
Reverse DNS: api05.da.adcalls.nl
Software: Apache/2 / PHP/7.3.16
Resource Hash: 20c6d32016af5d5c1bb023779df3da7d3a46f52be3c827df1f8facf377b386ed

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

X-Version: 3.9.21
Date: Fri, 03 Sep 2021 11:22:13 GMT
Content-Encoding: gzip
Allow: *
Server: Apache/2
X-Powered-By: PHP/7.3.16
Vary: Accept,Accept-Encoding,User-Agent
Access-Control-Allow-Methods: OPTIONS,POST,GET,UPDATE,DELETE
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

POST
H/1.1 200
OK getNumbers.json Show response
api.adcalls.nl/API/v3/ 122 B
659 B 379ms
378ms XHR
application/json 185.138.80.180
ASBIZWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adcalls.nl/API/v3/getNumbers.json?cookie=a0767adb-83ee-4284-ac57-489588624453&cid=63203484.1630668133
Requested by: Host: script.adcalls.nl
URL: https://script.adcalls.nl/0ed5769f-b4bf-4f34-9b9a-0c1d8af439c3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.138.80.180 Breda, Netherlands, ASN203318 (ASBIZWAY, NL),
Reverse DNS: api05.da.adcalls.nl
Software: Apache/2 / PHP/7.3.16
Resource Hash: 0e843650d9432a10aed82dc09785fd0796d2da58bd1048de0c1fdcee5e213344

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: application/json

Response headers

X-Version: 3.9.21
Date: Fri, 03 Sep 2021 11:22:13 GMT
Content-Encoding: gzip
Allow: *
Server: Apache/2
X-Powered-By: PHP/7.3.16
Vary: Accept,Accept-Encoding,User-Agent
Access-Control-Allow-Methods: OPTIONS,POST,GET,UPDATE,DELETE
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

OPTIONS
H/1.1 200
OK getNumbers.json
api.adcalls.nl/API/v3/ Frame 0
0 116ms
83ms Preflight
application/json 185.138.80.180
ASBIZWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adcalls.nl/API/v3/getNumbers.json?cookie=a0767adb-83ee-4284-ac57-489588624453&cid=63203484.1630668133
Protocol: HTTP/1.1
Server: 185.138.80.180 Breda, Netherlands, ASN203318 (ASBIZWAY, NL),
Reverse DNS: api05.da.adcalls.nl
Software: Apache/2 / PHP/7.3.16
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.connection-sggz.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Fri, 03 Sep 2021 11:22:13 GMT
Server: Apache/2
X-Powered-By: PHP/7.3.16
Vary: Accept,User-Agent
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Methods: OPTIONS,POST,GET,UPDATE,DELETE
X-Version: 3.9.21
Content-Length: 4
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8

POST
H/1.1 200
OK uz
db1.connection-sggz.nl/ 0
1 KB 23ms
23ms Ping
text/plain 3.120.95.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://db1.connection-sggz.nl/uz

Requested by

Host: db1.connection-sggz.nl
URL: https://db1.connection-sggz.nl/nec.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.120.95.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-95-238.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.connection-sggz.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 03 Sep 2021 11:22:14 GMT
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src 'self';
Connection: keep-alive
Content-Length: 0
X-Content-Type-Options: nosniff

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.connection-sggz.nl/	1970-01-19 20:57:48	Name: outbrain_cid_fetch Value: true
.connection-sggz.nl/	1970-01-19 23:07:24	Name: _rdt_uuid Value: 1630668132906.e9f68df8-3a0d-4f49-90a5-f9a720ca9911
.connection-sggz.nl/	1970-01-19 20:59:14	Name: _gid Value: GA1.2.190560657.1630668133
.connection-sggz.nl/	1970-01-20 06:19:24	Name: _uetvid Value: 2f9618800ca911ec9de20dd01dca970a
.connection-sggz.nl/	1970-01-19 23:07:24	Name: _gcl_au Value: 1.1.1071336771.1630668133
.connection-sggz.nl/	1970-01-20 14:29:00	Name: _ga Value: GA1.2.63203484.1630668133
.connection-sggz.nl/	1970-01-19 21:41:00	Name: acalltracker Value: eyJpZCI6ImEwNzY3YWRiLTgzZWUtNDI4NC1hYzU3LTQ4OTU4ODYyNDQ1MyIsIk51bWJlcnMiOnt9fQ==
.connection-sggz.nl/	1970-01-19 21:07:52	Name: _tdid Value: 63203484.1630668133_1_1
.connection-sggz.nl/	1970-01-19 20:59:14	Name: _uetsid Value: 2f95f2800ca911ecba6b4379d80318d8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
amplify.outbrain.com
api.adcalls.nl
bat.bing.com
bestadmax.com
bnmu.xyz
connect.facebook.net
db1.connection-sggz.nl
eneverals.biz
extreme.new-message.support
fonts.googleapis.com
fonts.gstatic.com
holofiber.xyz
i.wmgtr.com
images.adex.media
ioheiy.com
p.typekit.net
premixture.com
redir.flowwiththetide.xyz
rtb.trade
script.adcalls.nl
serverside.connection-sggz.nl
tr.outbrain.com
tracking.ahvclick.com
use.fontawesome.com
use.typekit.net
www.adexmedias.com
www.connection-sggz.nl
www.google-analytics.com
www.googletagmanager.com
www.redditstatic.com
104.21.11.236
13.224.193.120
131.153.70.114
138.68.113.179
151.101.13.140
159.89.225.89
185.138.80.178
185.138.80.180
198.134.116.30
2.18.234.190
213.174.135.32
2606:4700:3030::ac43:b384
2606:4700:3031::ac43:869f
2606:4700:3034::6815:1914
2606:4700:3037::6815:483f
2606:4700:3037::6815:4e07
2606:4700:3037::6815:5de3
2620:1ec:c11::200
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2008
2a00:1450:4001:828::2013
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba0a
2a02:b48:207:1::7
2a03:2880:f02d:100:face:b00c:0:3
3.120.95.238
64.202.112.95
89.41.170.227
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
032dc98357b1636527b18e7f34ba4fe313f55edbe512bbb93059ec10afa4f2dd
0938d5503cf14d3f9a5e612a52ebcda33e889f4e166a58eb2e59a445b8189bfc
0e843650d9432a10aed82dc09785fd0796d2da58bd1048de0c1fdcee5e213344
0f37b19a96d4af28be70e71a41f2808463fbb0f98ad677d3bec002af4bac7dd3
102d39d344af7de76d4fdf7750554cf4de9a950e5c5b7c31e27a851ac0ca1286
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
20c6d32016af5d5c1bb023779df3da7d3a46f52be3c827df1f8facf377b386ed
245818b22d1ec4892fcb722437e32888e97f63a0316bd22aaf9f44cde01f4c91
2855f34c15cb488de3e8ebedb20bf1ad5d59c94470c0f76b8774b0f18a295ac0
2c26da2167bf41f21397e7cde712d9e42bb9e918d16881b0935b98ada9ace83d
2c752df31c76e258194e2b56133a82ba863642d490e9313992dae2bfab2dcf38
3285ba58912913b731158224e6daa5401f66d6b3ce13266e4b51e8ba15910a36
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3555d5982beccbbf5a26fd82857dc23687d088432c5684fd2069cd83467b6e74
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
4f3f6f83d1095cf3412286d20ccde18a41c5d6a2f3d24ae4322a1d3ef1c51e8f
4fec89e5ef4f94aae9ea7ca8fe2fc1ca4bbbe96fe2e68d2557118cc6c83cd37d
54be18f3af7f0a203474f65840c8e7a2ebdae9bdb3c98e638bbd95506d586834
55eed39a3a6b352d9945061a1bd8989ea64fd194d206b776fd1534c2eee636d9
56e6520f7e789fe812595c43503c5560a21945e7343b24ff22a624162aa44b40
59455caf2e331d6daeb12852886b019135684f5bb177c6f8eeae311012f57e7c
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5dc41257232700bc61c3f5e8f3eba3399121e198b5ffbb42a32dcc1ada5e1002
68af82ea1a6da931f98b2f914af76ca45fb37a9828508697a849418f060965ea
7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa
7aa16bfbf8bd041f1c859f96b9f89a7f645acf08ac05ce48f5eeffd5b4f6b2bf
9e2ff2b5215a97b3b367f831b1e6d6959803a43591293b90eb081e976f9ef6cc
9fdce601969d5ddcaf6a997e6843d92e5096e83b165ece04d907655b74945b21
abd1929543f1e07232cfa2c6fbd30f4501b7b240ee09ed4b4ae154488859ea91
b64e2724aff40d243d12877e9dcfb241a19e985b8ee114c8f7a989aa5d21551c
b922eda523d97c1921b0f16578d3258580511b50f346c8cd9ea23446fc7acd0b
b9c8f1bacc45818f6a756b59dc45788daf0e55c65efd0250a5a9f3f6e44f23a5
c1d32ffb0b4eac973dab1ba5a316a6cafb3d310841ef29d245a51681092c415b
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d13e42bd4ab29396f3e24ffbcfaeb78c588b665935d12d04548b2b5e1b5664b5
d17be3fb542ceb7fbfeaa22513cc8b45ecda0836610f5e3ade94b81b9f1ac8ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f129a3a86aa689b22a70cc3940132a4262924b95dee87f07d580b5e8065cca
ecc94b5efd3860236f91255c87dbe9f3db4d83db39ab6ac68b28f08ba26fc1dc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f57282d5dc2933b1db4bf369e7ccfa6e96dbea88f0d98fa7dc46721764a894d6
fb5ce6a3234536f9d29224e32bf429eee3884f306b20f544afee8e825388eb5c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe2530239de8ae4d405fcfd001b32f4e09f8b580383a4437baadd057542c2ba3
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

www.connection-sggz.nl Open in urlscan Pro 89.41.170.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

53 %IPv6

26 Domains

31 Subdomains

26 IPs

4 Countries

1099 kBTransfer

1861 kBSize

9 Cookies

3 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.connection-sggz.nl Open in urlscan Pro
89.41.170.227 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

53 %
IPv6

26
Domains

31
Subdomains

26
IPs

4
Countries

1099 kB
Transfer

1861 kB
Size

9
Cookies

57 HTTP transactions
2 data transactions