urlscan.io logo urlscan.io
SecurityTrails logo

www.onlinemedium.nu Open in urlscan Pro
81.171.38.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://1d652a8a085.tcredir.com/
Effective URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Submission: On April 09 via manual from GR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 42 HTTP transactions. The main IP is 81.171.38.183, located in Netherlands and belongs to BIP-AS BIP Backbone ASN, NL. The main domain is www.onlinemedium.nu.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 1st 2020. Valid for: 3 months.
This is the only time www.onlinemedium.nu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    95.216.123.230 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.230.123.216.95.clients.your-server.de
1d652a8a085.tcredir.com
19    81.171.38.183 (Netherlands)

ASN34343 (BIP-AS BIP Backbone ASN, NL)
PTR: 183.xldomein.nl
onlinemedium.nu
www.onlinemedium.nu
7    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
4    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net
www.googleadservices.com
3    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
18 www.onlinemedium.nu www.onlinemedium.nu
7 www.googletagmanager.com www.onlinemedium.nu
4 www.google-analytics.com www.googletagmanager.com
www.onlinemedium.nu
3 www.google.de www.onlinemedium.nu
3 www.google.com www.onlinemedium.nu
3 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 ajax.cloudflare.com www.onlinemedium.nu
1 ajax.googleapis.com www.onlinemedium.nu
1 onlinemedium.nu 1 redirects
1 1d652a8a085.tcredir.com
42 11

This site contains no links.

Subject Issuer Validity Valid
mail.onlinemedium.nu
Let's Encrypt Authority X3		 2020-03-01 -
2020-05-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Frame ID: D0669022E2955F737D24831C1CB963EB
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://1d652a8a085.tcredir.com/ Page URL
  2. https://onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5, HTTP 301
    https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5, Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

42
Requests

98 %
HTTPS

70 %
IPv6

10
Domains

11
Subdomains

11
IPs

4
Countries

3223 kB
Transfer

3926 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1d652a8a085.tcredir.com/ Page URL
  2. https://onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5, HTTP 301
    https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5, Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
1d652a8a085.tcredir.com/ 		744 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://1d652a8a085.tcredir.com/
Protocol
HTTP/1.1
Server
95.216.123.230 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.230.123.216.95.clients.your-server.de
Software
/
Resource Hash
1e4f85639e7606e96e305f605bac5ee126327eac709242ab59f4e85a238d6e90

Request headers

Host
1d652a8a085.tcredir.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Vary
Accept-Encoding
Set-Cookie
traffic-back=ok; expires=Thu, 09-Apr-2020 14:04:53 GMT; Max-Age=30; path=/; domain=.tcredir.com t-uuid=5mg0chdxvekj0ryz4714ckcw0; expires=Tue, 09-Apr-2030 14:04:23 GMT; Max-Age=315532800; path=/; domain=.tcredir.com traffic-visited-offers=%7C%7C147986%7Cunspecified; expires=Fri, 10-Apr-2020 14:04:23 GMT; Max-Age=86400; path=/; domain=.tcredir.com rts-trck=1; expires=Thu, 09-Apr-2020 14:14:23 GMT; Max-Age=600; path=/; domain=1d652a8a085.tcredir.com
Last-Modified
Thu, 9 Apr 2020 14:04:23 GMT
Expires
Thu, 9 Apr 2020 14:04:23 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
Content-Encoding
gzip
Primary Request Cookie set /
www.onlinemedium.nu/lp/4/
Redirect Chain
  • https://onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
  • https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
70 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx / PHP/7.3.15
Resource Hash
1c69b4871648b150b4313d852b8398982dca599c961b799ba8dba425203ebede

Request headers

Host
www.onlinemedium.nu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
http://1d652a8a085.tcredir.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
http://1d652a8a085.tcredir.com/

Response headers

Server
nginx
Date
Thu, 09 Apr 2020 14:04:23 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
10189
Connection
keep-alive
X-Powered-By
PHP/7.3.15
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
sec_session_id=6ll7nigv0qndpnlglcf3n69qqd; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None ref_id=8; expires=Sat, 09-May-2020 14:04:23 GMT; Max-Age=2592000; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None ref_pi=k8su1qld64f0jho0hvcwkg4ko%2C14545800%2C5%2C; expires=Sat, 09-May-2020 14:04:23 GMT; Max-Age=2592000; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None google_analytics=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None google_adwords=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None google_adwords_conversion=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 09 Apr 2020 14:04:23 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
app.css
www.onlinemedium.nu/lp/4/css/ 		219 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/css/app.css
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
4cca432bff9590a8dd118ade89fab6b8ba6447a600b9d5cfa8c72c4884862a05

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Aug 2019 12:08:00 GMT
Server
nginx
ETag
W/"5d554b20-36c49"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
guest.css
www.onlinemedium.nu/lp/4/css/ 		25 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/css/guest.css
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
a17f4a66e836e880dc7745380c6107ae8edf8b44a91082d0e25955286cb35f9f

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Aug 2019 12:09:26 GMT
Server
nginx
ETag
W/"5d554b76-653b"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
lp-4.css
www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/css/ 		1 KB
756 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/css/lp-4.css
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
de6905e73a225da46fbf5fec99003ce62e117be50ba53c141eb0facf2acc3688

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Content-Encoding
gzip
Last-Modified
Sun, 29 Mar 2020 17:42:04 GMT
Server
nginx
ETag
W/"5e80ddec-467"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-67322249-2
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21f5275ba79130f2729ed89b0198e6171f72f4c952671f0141c29bb4e1ac5959
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 14:04:23 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30187
x-xss-protection
0
last-modified
Thu, 09 Apr 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Apr 2020 14:04:23 GMT
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-786266999
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
80f2579dce89e09840e13071352e48a2663410266132106f683d1f23affcb3cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 14:04:23 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30191
x-xss-protection
0
last-modified
Thu, 09 Apr 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Apr 2020 14:04:23 GMT
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-104886971-6
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2265c0c538a02c682c5cc9f2054f6538c6ea15e7d6100f9f1259b583d4802cf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 14:04:23 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30188
x-xss-protection
0
last-modified
Thu, 09 Apr 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Apr 2020 14:04:23 GMT
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-157401228-1
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
447964de95594a3724492301a94d81e906e1977cf2a9d9441902fe433468281c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 14:04:23 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30187
x-xss-protection
0
last-modified
Thu, 09 Apr 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Apr 2020 14:04:23 GMT
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-722527491
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e76ca805e09850e37e91b7fcdd1c9f29adbaa50ce916355726f796ac24241bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 14:04:23 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30190
x-xss-protection
0
last-modified
Thu, 09 Apr 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Apr 2020 14:04:23 GMT
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-739058969
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
92d0d640a72fe54147913c7dc82fefa513322ef39eee60496da91a03ffb9c78d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 14:04:23 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30191
x-xss-protection
0
last-modified
Thu, 09 Apr 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Apr 2020 14:04:23 GMT
js
www.googletagmanager.com/gtag/ 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2daf164e55316b3bbb730f18d67f332e083767eff037cb188eae5e8294df3687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 14:04:23 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29955
x-xss-protection
0
last-modified
Thu, 09 Apr 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Apr 2020 14:04:23 GMT
lp4-profile-1.jpg
www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/ 		982 KB
982 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/lp4-profile-1.jpg
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
dc62f3bf5147f4136d77b08ad325eb10af585e4e9fa25fd22fda1410cffb19b2

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Last-Modified
Mon, 08 Jul 2019 14:55:48 GMT
Server
nginx
ETag
"5d235974-f57c4"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1005508
lp4-profile-2.jpg
www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/ 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/lp4-profile-2.jpg
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
0c3ef500150ec0c017e48cde75bb7d9c3772091cd900955f794cba91f5631ca2

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Last-Modified
Mon, 08 Jul 2019 15:53:21 GMT
Server
nginx
ETag
"5d2366f1-25302"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
152322
lp4-profile-3.jpg
www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/lp4-profile-3.jpg
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
f9ac72d70584366a4482acb19860ca39def099d91b276f880a277665a481fcbc

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Last-Modified
Sun, 28 Jul 2019 21:44:43 GMT
Server
nginx
ETag
"5d3e174b-10ffa6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1114022
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 01 Apr 2020 13:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
691948
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29725
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Apr 2021 13:51:55 GMT
ui-toggle.js
www.onlinemedium.nu/lp/4/js/ 		503 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/js/ui-toggle.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
2c2238a426578506fb4e9d8a777e94cc93fade47520ce2106ab11ca66cc83717

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Aug 2019 21:20:24 GMT
Server
nginx
ETag
"1f7-58f6546b09600-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
274
ui-load.js
www.onlinemedium.nu/lp/4/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/js/ui-load.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
3878daab0d95f1dc0539eb0ee764c75c13b20d304997525622d30dc58aeef1ed

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Aug 2019 21:21:46 GMT
Server
nginx
ETag
W/"5d489dea-8d9"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
ui-jp.config.js
www.onlinemedium.nu/lp/4/js/ 		2 KB
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/js/ui-jp.config.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
e19725cf4b6e7e530dc43ccd69b8d7cc264d2894c75988434e7383a8635a41b9

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Aug 2019 21:20:48 GMT
Server
nginx
ETag
W/"5d489db0-9fb"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
ui-jp.js
www.onlinemedium.nu/lp/4/js/ 		460 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/js/ui-jp.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
f0afde7f124b6203f948cc6e3361b2147ac9ddf82ecce9b90f218c63dad20727

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Aug 2019 21:22:16 GMT
Server
nginx
ETag
"1cc-58f654d5d9200-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
246
ui-client.js
www.onlinemedium.nu/lp/4/js/ 		511 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/js/ui-client.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
e54093e97afb98dfb06665e6ca68cac2bff843080f3b70466b6f432ee0767274

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Aug 2019 21:21:14 GMT
Server
nginx
ETag
"1ff-58f6549ab8680-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
319
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 14:04:23 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 06 Apr 2020 16:30:08 GMT
server
cloudflare
etag
W/"5e8b5910-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
5814c6e82fe1d6d1-FRA
expires
Sat, 11 Apr 2020 14:04:23 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-67322249-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
5453
date
Thu, 09 Apr 2020 12:33:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Thu, 09 Apr 2020 14:33:30 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-67322249-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f34.1e100.net
Software
cafe /
Resource Hash
8af164f3ea30e1ae61711c1c8026b94207e4e2576b5d9c1f6b3b08d85eb2fe38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 14:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
10600
x-xss-protection
0
server
cafe
etag
3240726995048946946
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 09 Apr 2020 14:04:23 GMT
bg-lp4.jpg
www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/ 		382 KB
383 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/bg-lp4.jpg
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
f247c11eda3228fe5309a427ff62646fdcccb80a5340cb5f84c2ff280f3aaf82

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Last-Modified
Sat, 10 Aug 2019 05:26:40 GMT
Server
nginx
ETag
"5d4e5590-5f989"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
391561
red-arrow.png
www.onlinemedium.nu/lp/4/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinemedium.nu/lp/4/img/red-arrow.png
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
4847121a3d64d8af16936be7e8e22b9da09e85dd3aef127acf931a5ac9deb49b

Request headers

Referer
https://www.onlinemedium.nu/lp/4/css/guest.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Last-Modified
Sat, 10 Aug 2019 06:14:42 GMT
Server
nginx
ETag
"5d4e60d2-4ead"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20141
truncated
/ 		233 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9dc6e40a8ab39f533e0288c324145ca7375dd18e26483cf81749643c2b7bf48a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
BwModelica-ExtraBold.otf
www.onlinemedium.nu/lp/4/css/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/css/fonts/BwModelica-ExtraBold.otf
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
cffc6cec39777c02a4727b314361f3b253f10b7eff197bcfd65da96d54fc3e07

Request headers

Referer
https://www.onlinemedium.nu/lp/4/css/app.css
Origin
https://www.onlinemedium.nu
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Last-Modified
Mon, 05 Aug 2019 21:48:42 GMT
Server
nginx
ETag
"5d48a43a-12b38"
Content-Type
application/x-font-otf
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76600
BwModelica-Medium.otf
www.onlinemedium.nu/lp/4/css/fonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/css/fonts/BwModelica-Medium.otf
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
988e231dbe7ae986b3b04f20875150fd8a2d8b20204c838c599ad1d51eb62196

Request headers

Referer
https://www.onlinemedium.nu/lp/4/css/app.css
Origin
https://www.onlinemedium.nu
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Last-Modified
Mon, 05 Aug 2019 21:45:30 GMT
Server
nginx
ETag
"5d48a37a-123b0"
Content-Type
application/x-font-otf
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74672
Simple-Line-Icons.woff2
www.onlinemedium.nu/lp/4/css/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/css/fonts/Simple-Line-Icons.woff2?v=2.3.1
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
b6fa36d77b282d9bae9511367882ad77da7f1a7216d7e4d2f025d180477feec8

Request headers

Referer
https://www.onlinemedium.nu/lp/4/css/app.css
Origin
https://www.onlinemedium.nu
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Last-Modified
Mon, 05 Aug 2019 21:54:46 GMT
Server
nginx
ETag
"5d48a5a6-72ec"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29420
BwModelica-Bold.otf
www.onlinemedium.nu/lp/4/css/fonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/css/fonts/BwModelica-Bold.otf
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
bc069d91f20e122b09f51a2f4a0660282119ccfbc6434976bb92e988638d9c15

Request headers

Referer
https://www.onlinemedium.nu/lp/4/css/app.css
Origin
https://www.onlinemedium.nu
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 09 Apr 2020 14:04:23 GMT
Last-Modified
Mon, 05 Aug 2019 21:46:56 GMT
Server
nginx
ETag
"5d48a3d0-12898"
Content-Type
application/x-font-otf
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75928
collect
www.google-analytics.com/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=348927317&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3Dk8su1qld64f0jho0hvcwkg4ko%2C14545800%2C5%2C&dr=http%3A%2F%2F1d652a8a085.tcredir.com%2F&ul=en-us&de=UTF-8&dt=Onlinemedium.nu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1106178609&gjid=505284758&cid=2076546739.1586441064&tid=UA-67322249-2&_gid=1166904451.1586441064&_r=1&gtm=2ou432&z=302666926
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 14:04:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=348927317&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3Dk8su1qld64f0jho0hvcwkg4ko%2C14545800%2C5%2C&dr=http%3A%2F%2F1d652a8a085.tcredir.com%2F&ul=en-us&de=UTF-8&dt=Onlinemedium.nu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUAB~&jid=2101523780&gjid=1882957606&cid=2076546739.1586441064&tid=UA-104886971-6&_gid=1166904451.1586441064&_r=1&gtm=2ou432&z=623078428
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 14:04:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=348927317&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3Dk8su1qld64f0jho0hvcwkg4ko%2C14545800%2C5%2C&dr=http%3A%2F%2F1d652a8a085.tcredir.com%2F&ul=en-us&de=UTF-8&dt=Onlinemedium.nu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUAB~&jid=1473772469&gjid=905685028&cid=2076546739.1586441064&tid=UA-157401228-1&_gid=1166904451.1586441064&_r=1&gtm=2ou432&z=975130273
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 14:04:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/786266999/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/786266999/?random=1586441063810&cv=9&fst=1586441063810&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou432&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3Dk8su1qld64f0jho0hvcwkg4ko%2C14545800%2C5%2C&ref=http%3A%2F%2F1d652a8a085.tcredir.com%2F&tiba=Onlinemedium.nu&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d175a48c1f7b6a1511ac2fd93eca548c19356e1842e9467167d1f365757ac649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 14:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1090
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/722527491/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/722527491/?random=1586441063812&cv=9&fst=1586441063812&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou432&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3Dk8su1qld64f0jho0hvcwkg4ko%2C14545800%2C5%2C&ref=http%3A%2F%2F1d652a8a085.tcredir.com%2F&tiba=Onlinemedium.nu&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33581296c1e45c2fd8550384ccc7c27852d5a066e767399ef08d730000979aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 14:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1090
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/739058969/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/739058969/?random=1586441063813&cv=9&fst=1586441063813&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou432&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3Dk8su1qld64f0jho0hvcwkg4ko%2C14545800%2C5%2C&ref=http%3A%2F%2F1d652a8a085.tcredir.com%2F&tiba=Onlinemedium.nu&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05a08fd8f7934282653da9cabc6c2ceb1df249eab1e0bced99eda49998d3eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 14:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1090
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/722527491/ 		42 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/722527491/?random=1586441063812&cv=9&fst=1586440800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou432&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3Dk8su1qld64f0jho0hvcwkg4ko%2C14545800%2C5%2C&ref=http%3A%2F%2F1d652a8a085.tcredir.com%2F&tiba=Onlinemedium.nu&async=1&fmt=3&is_vtc=1&random=2262560442&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 14:04:23 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/722527491/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/722527491/?random=1586441063812&cv=9&fst=1586440800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou432&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3Dk8su1qld64f0jho0hvcwkg4ko%2C14545800%2C5%2C&ref=http%3A%2F%2F1d652a8a085.tcredir.com%2F&tiba=Onlinemedium.nu&async=1&fmt=3&is_vtc=1&random=2262560442&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 14:04:23 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/739058969/ 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/739058969/?random=1586441063813&cv=9&fst=1586440800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou432&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3Dk8su1qld64f0jho0hvcwkg4ko%2C14545800%2C5%2C&ref=http%3A%2F%2F1d652a8a085.tcredir.com%2F&tiba=Onlinemedium.nu&async=1&fmt=3&is_vtc=1&random=2426171445&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 14:04:23 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/739058969/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/739058969/?random=1586441063813&cv=9&fst=1586440800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou432&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3Dk8su1qld64f0jho0hvcwkg4ko%2C14545800%2C5%2C&ref=http%3A%2F%2F1d652a8a085.tcredir.com%2F&tiba=Onlinemedium.nu&async=1&fmt=3&is_vtc=1&random=2426171445&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 14:04:23 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/786266999/ 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/786266999/?random=1586441063810&cv=9&fst=1586440800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou432&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3Dk8su1qld64f0jho0hvcwkg4ko%2C14545800%2C5%2C&ref=http%3A%2F%2F1d652a8a085.tcredir.com%2F&tiba=Onlinemedium.nu&async=1&fmt=3&is_vtc=1&random=1261484658&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 14:04:23 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/786266999/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/786266999/?random=1586441063810&cv=9&fst=1586440800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou432&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3Dk8su1qld64f0jho0hvcwkg4ko%2C14545800%2C5%2C&ref=http%3A%2F%2F1d652a8a085.tcredir.com%2F&tiba=Onlinemedium.nu&async=1&fmt=3&is_vtc=1&random=1261484658&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=k8su1qld64f0jho0hvcwkg4ko,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 14:04:23 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_tag_manager object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga string| aw_account function| gtag_report_conversion function| setCookie function| getCookie function| cookieMessage object| acceptcookies function| $ function| jQuery object| uiLoad object| jp_config function| sendVerifyEmail function| changeEmailAddress function| nextstep function| post function| eAlert function| eFixedEmail object| __cfQR object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO boolean| __cfRLUnblockHandlers

8 Cookies

Domain/Path Name / Value
.onlinemedium.nu/ Name: _gat_gtag_UA_157401228_1
Value: 1
.onlinemedium.nu/ Name: ref_pi
Value: k8su1qld64f0jho0hvcwkg4ko%2C14545800%2C5%2C
.onlinemedium.nu/ Name: _gat_gtag_UA_104886971_6
Value: 1
.onlinemedium.nu/ Name: _gid
Value: GA1.2.1166904451.1586441064
.onlinemedium.nu/ Name: _gat_gtag_UA_67322249_2
Value: 1
.onlinemedium.nu/ Name: _ga
Value: GA1.2.2076546739.1586441064
.onlinemedium.nu/ Name: ref_id
Value: 8
.onlinemedium.nu/ Name: sec_session_id
Value: 6ll7nigv0qndpnlglcf3n69qqd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d652a8a085.tcredir.com
ajax.cloudflare.com
ajax.googleapis.com
googleads.g.doubleclick.net
onlinemedium.nu
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.onlinemedium.nu
216.58.208.34
2606:4700::6810:85e5
2a00:1450:4001:800::2003
2a00:1450:4001:800::2008
2a00:1450:4001:808::2004
2a00:1450:4001:814::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:820::200a
81.171.38.183
95.216.123.230
05a08fd8f7934282653da9cabc6c2ceb1df249eab1e0bced99eda49998d3eb1b
0c3ef500150ec0c017e48cde75bb7d9c3772091cd900955f794cba91f5631ca2
1c69b4871648b150b4313d852b8398982dca599c961b799ba8dba425203ebede
1e4f85639e7606e96e305f605bac5ee126327eac709242ab59f4e85a238d6e90
21f5275ba79130f2729ed89b0198e6171f72f4c952671f0141c29bb4e1ac5959
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2265c0c538a02c682c5cc9f2054f6538c6ea15e7d6100f9f1259b583d4802cf8
2c2238a426578506fb4e9d8a777e94cc93fade47520ce2106ab11ca66cc83717
2daf164e55316b3bbb730f18d67f332e083767eff037cb188eae5e8294df3687
33581296c1e45c2fd8550384ccc7c27852d5a066e767399ef08d730000979aa7
3878daab0d95f1dc0539eb0ee764c75c13b20d304997525622d30dc58aeef1ed
447964de95594a3724492301a94d81e906e1977cf2a9d9441902fe433468281c
4847121a3d64d8af16936be7e8e22b9da09e85dd3aef127acf931a5ac9deb49b
4cca432bff9590a8dd118ade89fab6b8ba6447a600b9d5cfa8c72c4884862a05
80f2579dce89e09840e13071352e48a2663410266132106f683d1f23affcb3cb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8af164f3ea30e1ae61711c1c8026b94207e4e2576b5d9c1f6b3b08d85eb2fe38
92d0d640a72fe54147913c7dc82fefa513322ef39eee60496da91a03ffb9c78d
988e231dbe7ae986b3b04f20875150fd8a2d8b20204c838c599ad1d51eb62196
9dc6e40a8ab39f533e0288c324145ca7375dd18e26483cf81749643c2b7bf48a
9e76ca805e09850e37e91b7fcdd1c9f29adbaa50ce916355726f796ac24241bd
a17f4a66e836e880dc7745380c6107ae8edf8b44a91082d0e25955286cb35f9f
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b6fa36d77b282d9bae9511367882ad77da7f1a7216d7e4d2f025d180477feec8
bc069d91f20e122b09f51a2f4a0660282119ccfbc6434976bb92e988638d9c15
cffc6cec39777c02a4727b314361f3b253f10b7eff197bcfd65da96d54fc3e07
d175a48c1f7b6a1511ac2fd93eca548c19356e1842e9467167d1f365757ac649
dc62f3bf5147f4136d77b08ad325eb10af585e4e9fa25fd22fda1410cffb19b2
de6905e73a225da46fbf5fec99003ce62e117be50ba53c141eb0facf2acc3688
e19725cf4b6e7e530dc43ccd69b8d7cc264d2894c75988434e7383a8635a41b9
e54093e97afb98dfb06665e6ca68cac2bff843080f3b70466b6f432ee0767274
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0afde7f124b6203f948cc6e3361b2147ac9ddf82ecce9b90f218c63dad20727
f247c11eda3228fe5309a427ff62646fdcccb80a5340cb5f84c2ff280f3aaf82
f9ac72d70584366a4482acb19860ca39def099d91b276f880a277665a481fcbc