urlscan.io logo urlscan.io
SecurityTrails logo

www.onlinemedium.nu Open in urlscan Pro
81.171.38.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://125f3a96262c.tcredir.com/
Effective URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Submission: On April 30 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 44 HTTP transactions. The main IP is 81.171.38.183, located in Netherlands and belongs to BIP-AS BIP Backbone ASN, NL. The main domain is www.onlinemedium.nu.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 1st 2020. Valid for: 3 months.
This is the only time www.onlinemedium.nu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    5.9.114.5 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.5.114.9.5.clients.your-server.de
125f3a96262c.tcredir.com
19    81.171.38.183 (Netherlands)

ASN34343 (BIP-AS BIP Backbone ASN, NL)
PTR: 183.xldomein.nl
onlinemedium.nu
www.onlinemedium.nu
10    2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
1    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f2.1e100.net
www.googleadservices.com
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
18 www.onlinemedium.nu www.onlinemedium.nu
10 www.googletagmanager.com www.onlinemedium.nu
4 www.google-analytics.com www.googletagmanager.com
www.onlinemedium.nu
3 www.google.de www.onlinemedium.nu
3 www.google.com 1 redirects www.onlinemedium.nu
3 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 connect.facebook.net www.onlinemedium.nu
1 ajax.cloudflare.com www.onlinemedium.nu
1 ajax.googleapis.com www.onlinemedium.nu
1 onlinemedium.nu 1 redirects
1 125f3a96262c.tcredir.com
44 12

This site contains no links.

Subject Issuer Validity Valid
mail.onlinemedium.nu
Let's Encrypt Authority X3		 2020-03-01 -
2020-05-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-04-15 -
2020-07-14		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Frame ID: 713892B48994708774812EAB740C892D
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://125f3a96262c.tcredir.com/ Page URL
  2. https://onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5, HTTP 301
    https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5, Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

44
Requests

98 %
HTTPS

73 %
IPv6

11
Domains

12
Subdomains

12
IPs

4
Countries

3252 kB
Transfer

4054 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://125f3a96262c.tcredir.com/ Page URL
  2. https://onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5, HTTP 301
    https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5, Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/739058969/?random=1588227504450&cv=9&fst=1588227504450&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3D5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C&ref=http%3A%2F%2F125f3a96262c.tcredir.com%2F&tiba=Onlinemedium.nu&hn=www.googleadservices.com&async=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/739058969/?random=1588227504450&cv=9&fst=1588226400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3D5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C&ref=http%3A%2F%2F125f3a96262c.tcredir.com%2F&tiba=Onlinemedium.nu&async=1&is_vtc=1&random=705791805&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/739058969/?random=1588227504450&cv=9&fst=1588226400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3D5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C&ref=http%3A%2F%2F125f3a96262c.tcredir.com%2F&tiba=Onlinemedium.nu&async=1&is_vtc=1&random=705791805&resp=GooglemKTybQhCsO&ipr=y

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
125f3a96262c.tcredir.com/ 		745 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://125f3a96262c.tcredir.com/
Protocol
HTTP/1.1
Server
5.9.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.5.114.9.5.clients.your-server.de
Software
/
Resource Hash
94b35364b603e2e3690ad4a683386e5da222fa89af3558202cca998248450d35

Request headers

Host
125f3a96262c.tcredir.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 06:18:22 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Vary
Accept-Encoding
Set-Cookie
t-uuid=5mo7shcqg5bbtf3d14cw8g848; expires=Tue, 30-Apr-2030 06:18:22 GMT; Max-Age=315532800; path=/; domain=.tcredir.com traffic-visited-offers=147986%7C1588227502%7C147986%7Cunspecified; expires=Fri, 01-May-2020 06:18:22 GMT; Max-Age=86400; path=/; domain=.tcredir.com traffic-back=ok; expires=Thu, 30-Apr-2020 06:18:52 GMT; Max-Age=30; path=/; domain=.tcredir.com rts-trck=1; expires=Thu, 30-Apr-2020 06:28:22 GMT; Max-Age=600; path=/; domain=125f3a96262c.tcredir.com
Last-Modified
Thu, 30 Apr 2020 06:18:22 GMT
Expires
Thu, 30 Apr 2020 06:18:22 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
Content-Encoding
gzip
Primary Request Cookie set /
www.onlinemedium.nu/lp/4/
Redirect Chain
  • https://onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
  • https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
70 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx / PHP/7.3.15
Resource Hash
629266ca49cc80eea39e8961fcfdae2a28e14f31238d9ba86384931039525eee

Request headers

Host
www.onlinemedium.nu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://125f3a96262c.tcredir.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://125f3a96262c.tcredir.com/

Response headers

Server
nginx
Date
Thu, 30 Apr 2020 06:18:23 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
10525
Connection
keep-alive
X-Powered-By
PHP/7.3.15
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
sec_session_id=d8jjro8jerf4iek63bskt5ftj7; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None ref_id=8; expires=Sat, 30-May-2020 06:18:23 GMT; Max-Age=2592000; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None ref_pi=5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C; expires=Sat, 30-May-2020 06:18:23 GMT; Max-Age=2592000; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None google_analytics=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None google_adwords=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None google_adwords_conversion=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=onlinemedium.nu; secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 30 Apr 2020 06:18:22 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
app.css
www.onlinemedium.nu/lp/4/css/ 		219 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/css/app.css
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
4cca432bff9590a8dd118ade89fab6b8ba6447a600b9d5cfa8c72c4884862a05

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Aug 2019 12:08:00 GMT
Server
nginx
ETag
W/"5d554b20-36c49"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
guest.css
www.onlinemedium.nu/lp/4/css/ 		25 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/css/guest.css
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
a17f4a66e836e880dc7745380c6107ae8edf8b44a91082d0e25955286cb35f9f

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Aug 2019 12:09:26 GMT
Server
nginx
ETag
W/"5d554b76-653b"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
lp-4.css
www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/css/ 		1 KB
756 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/css/lp-4.css
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
de6905e73a225da46fbf5fec99003ce62e117be50ba53c141eb0facf2acc3688

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Content-Encoding
gzip
Last-Modified
Sun, 29 Mar 2020 17:42:04 GMT
Server
nginx
ETag
W/"5e80ddec-467"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-67322249-2
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
957183368aede057a5c67385889265cef6d87423fd974075e574574a374ab718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 06:18:24 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30163
x-xss-protection
0
last-modified
Thu, 30 Apr 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Apr 2020 06:18:24 GMT
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-786266999
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da162e0cce0915b349ef248c5dc26f797e8c9aebb609d8bb1bd59f9f5647ea51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 06:18:24 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30163
x-xss-protection
0
last-modified
Thu, 30 Apr 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Apr 2020 06:18:24 GMT
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-104886971-6
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
59af3e48ae842730be774418826fccf7230b028ec5711fcc6845ba6638fb96e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 06:18:24 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30164
x-xss-protection
0
last-modified
Thu, 30 Apr 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Apr 2020 06:18:24 GMT
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-157401228-1
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db5612df8ecf44a576442b32b1e595c8e422b9c976a390aee3bedb91c9ad8971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 06:18:24 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30163
x-xss-protection
0
last-modified
Thu, 30 Apr 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Apr 2020 06:18:24 GMT
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-722527491
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec8156047991c025bcd9a3f836cb48282533872034d5e26578518c69221579b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 06:18:24 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30162
x-xss-protection
0
last-modified
Thu, 30 Apr 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Apr 2020 06:18:24 GMT
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-739058969
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
57c9bbf09185a4e447b387a60cc71b46c0834cecea4c5f6e04123168369620e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 06:18:24 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30162
x-xss-protection
0
last-modified
Thu, 30 Apr 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Apr 2020 06:18:24 GMT
js
www.googletagmanager.com/gtag/ 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2a7f545f5d3b0e28397b1bb4c49895b2772bb9192258c774e4ae7dfce968224
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 06:18:24 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29948
x-xss-protection
0
last-modified
Thu, 30 Apr 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Apr 2020 06:18:24 GMT
lp4-profile-1.jpg
www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/ 		982 KB
982 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/lp4-profile-1.jpg
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
dc62f3bf5147f4136d77b08ad325eb10af585e4e9fa25fd22fda1410cffb19b2

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Last-Modified
Mon, 08 Jul 2019 14:55:48 GMT
Server
nginx
ETag
"5d235974-f57c4"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1005508
lp4-profile-2.jpg
www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/ 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/lp4-profile-2.jpg
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
0c3ef500150ec0c017e48cde75bb7d9c3772091cd900955f794cba91f5631ca2

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Last-Modified
Mon, 08 Jul 2019 15:53:21 GMT
Server
nginx
ETag
"5d2366f1-25302"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
152322
lp4-profile-3.jpg
www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/lp4-profile-3.jpg
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
f9ac72d70584366a4482acb19860ca39def099d91b276f880a277665a481fcbc

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Last-Modified
Sun, 28 Jul 2019 21:44:43 GMT
Server
nginx
ETag
"5d3e174b-10ffa6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1114022
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 23:55:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1318985
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29725
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Apr 2021 23:55:19 GMT
ui-toggle.js
www.onlinemedium.nu/lp/4/js/ 		503 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/js/ui-toggle.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
2c2238a426578506fb4e9d8a777e94cc93fade47520ce2106ab11ca66cc83717

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Aug 2019 21:20:24 GMT
Server
nginx
ETag
"1f7-58f6546b09600-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
274
ui-load.js
www.onlinemedium.nu/lp/4/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/js/ui-load.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
3878daab0d95f1dc0539eb0ee764c75c13b20d304997525622d30dc58aeef1ed

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Aug 2019 21:21:46 GMT
Server
nginx
ETag
W/"5d489dea-8d9"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
ui-jp.config.js
www.onlinemedium.nu/lp/4/js/ 		2 KB
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/js/ui-jp.config.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
e19725cf4b6e7e530dc43ccd69b8d7cc264d2894c75988434e7383a8635a41b9

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Aug 2019 21:20:48 GMT
Server
nginx
ETag
W/"5d489db0-9fb"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
ui-jp.js
www.onlinemedium.nu/lp/4/js/ 		460 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/js/ui-jp.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
f0afde7f124b6203f948cc6e3361b2147ac9ddf82ecce9b90f218c63dad20727

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Aug 2019 21:22:16 GMT
Server
nginx
ETag
"1cc-58f654d5d9200-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
246
ui-client.js
www.onlinemedium.nu/lp/4/js/ 		511 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/js/ui-client.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
e54093e97afb98dfb06665e6ca68cac2bff843080f3b70466b6f432ee0767274

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 06:18:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Aug 2019 21:21:14 GMT
Server
nginx
ETag
"1ff-58f6549ab8680-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
319
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 06:18:24 GMT
content-encoding
gzip
last-modified
Tue, 21 Apr 2020 17:12:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5e9f2963-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
58bf252e2f4ac26d-FRA
cf-request-id
026b5590d40000c26d5c972200000001
expires
Sat, 02 May 2020 06:18:24 GMT
fbevents.js
connect.facebook.net/en_US/ 		131 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
+uwrVSEAkoHFKCkoBMQlopmlHpfJiYeLtz/0YYKGenOL7lXpCS1IAlczM1OI3cjYfcRVdJxa7/++gWqcbPJy3Q==
x-fb-trip-id
2000377899
x-frame-options
DENY
date
Thu, 30 Apr 2020 06:18:24 GMT, Thu, 30 Apr 2020 06:18:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
bg-lp4.jpg
www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/ 		382 KB
383 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinemedium.nu/cache/whitelabels/onlinemedium.nu/img/landers/bg-lp4.jpg
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
f247c11eda3228fe5309a427ff62646fdcccb80a5340cb5f84c2ff280f3aaf82

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Last-Modified
Sat, 10 Aug 2019 05:26:40 GMT
Server
nginx
ETag
"5d4e5590-5f989"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
391561
red-arrow.png
www.onlinemedium.nu/lp/4/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinemedium.nu/lp/4/img/red-arrow.png
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
4847121a3d64d8af16936be7e8e22b9da09e85dd3aef127acf931a5ac9deb49b

Request headers

Referer
https://www.onlinemedium.nu/lp/4/css/guest.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Last-Modified
Sat, 10 Aug 2019 06:14:42 GMT
Server
nginx
ETag
"5d4e60d2-4ead"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20141
truncated
/ 		233 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9dc6e40a8ab39f533e0288c324145ca7375dd18e26483cf81749643c2b7bf48a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
BwModelica-ExtraBold.otf
www.onlinemedium.nu/lp/4/css/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/css/fonts/BwModelica-ExtraBold.otf
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
cffc6cec39777c02a4727b314361f3b253f10b7eff197bcfd65da96d54fc3e07

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.onlinemedium.nu/lp/4/css/app.css
Origin
https://www.onlinemedium.nu

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Last-Modified
Mon, 05 Aug 2019 21:48:42 GMT
Server
nginx
ETag
"5d48a43a-12b38"
Content-Type
application/x-font-otf
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76600
BwModelica-Medium.otf
www.onlinemedium.nu/lp/4/css/fonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/css/fonts/BwModelica-Medium.otf
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
988e231dbe7ae986b3b04f20875150fd8a2d8b20204c838c599ad1d51eb62196

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.onlinemedium.nu/lp/4/css/app.css
Origin
https://www.onlinemedium.nu

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Last-Modified
Mon, 05 Aug 2019 21:45:30 GMT
Server
nginx
ETag
"5d48a37a-123b0"
Content-Type
application/x-font-otf
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74672
Simple-Line-Icons.woff2
www.onlinemedium.nu/lp/4/css/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/css/fonts/Simple-Line-Icons.woff2?v=2.3.1
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
b6fa36d77b282d9bae9511367882ad77da7f1a7216d7e4d2f025d180477feec8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.onlinemedium.nu/lp/4/css/app.css
Origin
https://www.onlinemedium.nu

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Last-Modified
Mon, 05 Aug 2019 21:54:46 GMT
Server
nginx
ETag
"5d48a5a6-72ec"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29420
BwModelica-Bold.otf
www.onlinemedium.nu/lp/4/css/fonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinemedium.nu/lp/4/css/fonts/BwModelica-Bold.otf
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.38.183 , Netherlands, ASN34343 (BIP-AS BIP Backbone ASN, NL),
Reverse DNS
183.xldomein.nl
Software
nginx /
Resource Hash
bc069d91f20e122b09f51a2f4a0660282119ccfbc6434976bb92e988638d9c15

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.onlinemedium.nu/lp/4/css/app.css
Origin
https://www.onlinemedium.nu

Response headers

Date
Thu, 30 Apr 2020 06:18:24 GMT
Last-Modified
Mon, 05 Aug 2019 21:46:56 GMT
Server
nginx
ETag
"5d48a3d0-12898"
Content-Type
application/x-font-otf
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75928
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-786266999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4924
date
Thu, 30 Apr 2020 04:56:20 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18174
expires
Thu, 30 Apr 2020 06:56:20 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-786266999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
28f07389552cf9e3557433f06cf63d9cf59e406f6aace98f63ba8220bb6095a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 06:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
10743
x-xss-protection
0
server
cafe
etag
10886962978695911934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 30 Apr 2020 06:18:24 GMT
a
www.googletagmanager.com/ 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-157401228-1&cv=1&v=3&t=t&pid=660378688&rv=4f0&es=1&e=gtm.js&eid=34&tc=1&tr=1rep&ti=1rep&z=0
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Apr 2020 06:18:24 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-157401228-1&cv=1&v=3&t=t&pid=660378688&rv=4f0&es=1&e=*&eid=35&tc=1&z=0
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Apr 2020 06:18:24 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1016148229&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3D5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C&dr=http%3A%2F%2F125f3a96262c.tcredir.com%2F&ul=en-us&de=UTF-8&dt=Onlinemedium.nu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1373342490&gjid=740928130&cid=1351687954.1588227504&tid=UA-67322249-2&_gid=1856018318.1588227504&_r=1&gtm=2oa4f0&z=1720467306
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Apr 2020 06:18:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1016148229&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3D5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C&dr=http%3A%2F%2F125f3a96262c.tcredir.com%2F&ul=en-us&de=UTF-8&dt=Onlinemedium.nu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUAB~&jid=193432813&gjid=453943161&cid=1351687954.1588227504&tid=UA-104886971-6&_gid=1856018318.1588227504&_r=1&gtm=2oa4f0&z=1309202350
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Apr 2020 06:18:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1016148229&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3D5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C&dr=http%3A%2F%2F125f3a96262c.tcredir.com%2F&ul=en-us&de=UTF-8&dt=Onlinemedium.nu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUAB~&jid=1381074053&gjid=367905721&cid=1351687954.1588227504&tid=UA-157401228-1&_gid=1856018318.1588227504&_r=1&gtm=2oa4f0&z=454987660
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Apr 2020 06:18:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/786266999/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/786266999/?random=1588227504448&cv=9&fst=1588227504448&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3D5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C&ref=http%3A%2F%2F125f3a96262c.tcredir.com%2F&tiba=Onlinemedium.nu&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5179edab6047cbaccf5e2a9b8c72f3fc92ee3c891ad89c87a9548f03894bb6c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Apr 2020 06:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1089
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/722527491/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/722527491/?random=1588227504450&cv=9&fst=1588227504450&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3D5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C&ref=http%3A%2F%2F125f3a96262c.tcredir.com%2F&tiba=Onlinemedium.nu&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14571675a5b4081e53eafd072fe8e1f081222f34ed429dcabe02f66c27ed3d1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Apr 2020 06:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1087
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/739058969/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/739058969/?random=1588227504450&cv=9&fst=1588227504450&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
  • https://www.google.com/pagead/1p-user-list/739058969/?random=1588227504450&cv=9&fst=1588226400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java...
  • https://www.google.de/pagead/1p-user-list/739058969/?random=1588227504450&cv=9&fst=1588226400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=...
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/739058969/?random=1588227504450&cv=9&fst=1588226400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3D5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C&ref=http%3A%2F%2F125f3a96262c.tcredir.com%2F&tiba=Onlinemedium.nu&async=1&is_vtc=1&random=705791805&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Apr 2020 06:18:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Apr 2020 06:18:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/739058969/?random=1588227504450&cv=9&fst=1588226400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3D5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C&ref=http%3A%2F%2F125f3a96262c.tcredir.com%2F&tiba=Onlinemedium.nu&async=1&is_vtc=1&random=705791805&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/786266999/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/786266999/?random=1588227504448&cv=9&fst=1588226400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3D5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C&ref=http%3A%2F%2F125f3a96262c.tcredir.com%2F&tiba=Onlinemedium.nu&async=1&fmt=3&is_vtc=1&random=794916668&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Apr 2020 06:18:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/786266999/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/786266999/?random=1588227504448&cv=9&fst=1588226400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3D5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C&ref=http%3A%2F%2F125f3a96262c.tcredir.com%2F&tiba=Onlinemedium.nu&async=1&fmt=3&is_vtc=1&random=794916668&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Apr 2020 06:18:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/722527491/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/722527491/?random=1588227504450&cv=9&fst=1588226400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3D5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C&ref=http%3A%2F%2F125f3a96262c.tcredir.com%2F&tiba=Onlinemedium.nu&async=1&fmt=3&is_vtc=1&random=1827749355&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Apr 2020 06:18:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/722527491/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/722527491/?random=1588227504450&cv=9&fst=1588226400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.onlinemedium.nu%2Flp%2F4%2F%3Fref_id%3D8%26ref_pi%3D5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C&ref=http%3A%2F%2F125f3a96262c.tcredir.com%2F&tiba=Onlinemedium.nu&async=1&fmt=3&is_vtc=1&random=1827749355&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.onlinemedium.nu
URL: https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Apr 2020 06:18:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-157401228-1&cv=1&v=3&t=t&pid=660378688&rv=4f0&es=1&e=gtm.load&eid=105&u=C&tc=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.onlinemedium.nu/lp/4/?ref_id=8&ref_pi=5mo7shcq7aevvg1a89lsgwscg,14545800,5,
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Apr 2020 06:18:25 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer string| aw_account function| gtag_report_conversion string| facebook_init_code function| fbq function| _fbq function| setCookie function| getCookie function| cookieMessage object| acceptcookies function| $ function| jQuery object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| uiLoad object| jp_config function| sendVerifyEmail function| changeEmailAddress function| nextstep function| post function| eAlert function| eFixedEmail object| __cfQR boolean| __cfRLUnblockHandlers

8 Cookies

Domain/Path Name / Value
.onlinemedium.nu/ Name: _gat_gtag_UA_157401228_1
Value: 1
.onlinemedium.nu/ Name: ref_pi
Value: 5mo7shcq7aevvg1a89lsgwscg%2C14545800%2C5%2C
.onlinemedium.nu/ Name: _gat_gtag_UA_104886971_6
Value: 1
.onlinemedium.nu/ Name: _gid
Value: GA1.2.1856018318.1588227504
.onlinemedium.nu/ Name: _gat_gtag_UA_67322249_2
Value: 1
.onlinemedium.nu/ Name: _ga
Value: GA1.2.1351687954.1588227504
.onlinemedium.nu/ Name: ref_id
Value: 8
.onlinemedium.nu/ Name: sec_session_id
Value: d8jjro8jerf4iek63bskt5ftj7

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Invalid PixelID: null.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

125f3a96262c.tcredir.com
ajax.cloudflare.com
ajax.googleapis.com
connect.facebook.net
googleads.g.doubleclick.net
onlinemedium.nu
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.onlinemedium.nu
216.58.205.226
2606:4700::6810:85e5
2a00:1450:4001:801::2002
2a00:1450:4001:816::2004
2a00:1450:4001:818::200a
2a00:1450:4001:81b::200e
2a00:1450:4001:824::2003
2a00:1450:4001:825::2008
2a03:2880:f02d:12:face:b00c:0:3
5.9.114.5
81.171.38.183
0c3ef500150ec0c017e48cde75bb7d9c3772091cd900955f794cba91f5631ca2
14571675a5b4081e53eafd072fe8e1f081222f34ed429dcabe02f66c27ed3d1d
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
28f07389552cf9e3557433f06cf63d9cf59e406f6aace98f63ba8220bb6095a5
2c2238a426578506fb4e9d8a777e94cc93fade47520ce2106ab11ca66cc83717
3878daab0d95f1dc0539eb0ee764c75c13b20d304997525622d30dc58aeef1ed
4847121a3d64d8af16936be7e8e22b9da09e85dd3aef127acf931a5ac9deb49b
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
4cca432bff9590a8dd118ade89fab6b8ba6447a600b9d5cfa8c72c4884862a05
5179edab6047cbaccf5e2a9b8c72f3fc92ee3c891ad89c87a9548f03894bb6c1
57c9bbf09185a4e447b387a60cc71b46c0834cecea4c5f6e04123168369620e4
59af3e48ae842730be774418826fccf7230b028ec5711fcc6845ba6638fb96e6
629266ca49cc80eea39e8961fcfdae2a28e14f31238d9ba86384931039525eee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
94b35364b603e2e3690ad4a683386e5da222fa89af3558202cca998248450d35
957183368aede057a5c67385889265cef6d87423fd974075e574574a374ab718
988e231dbe7ae986b3b04f20875150fd8a2d8b20204c838c599ad1d51eb62196
9dc6e40a8ab39f533e0288c324145ca7375dd18e26483cf81749643c2b7bf48a
a17f4a66e836e880dc7745380c6107ae8edf8b44a91082d0e25955286cb35f9f
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b2a7f545f5d3b0e28397b1bb4c49895b2772bb9192258c774e4ae7dfce968224
b6fa36d77b282d9bae9511367882ad77da7f1a7216d7e4d2f025d180477feec8
bc069d91f20e122b09f51a2f4a0660282119ccfbc6434976bb92e988638d9c15
cffc6cec39777c02a4727b314361f3b253f10b7eff197bcfd65da96d54fc3e07
da162e0cce0915b349ef248c5dc26f797e8c9aebb609d8bb1bd59f9f5647ea51
db5612df8ecf44a576442b32b1e595c8e422b9c976a390aee3bedb91c9ad8971
dc62f3bf5147f4136d77b08ad325eb10af585e4e9fa25fd22fda1410cffb19b2
de6905e73a225da46fbf5fec99003ce62e117be50ba53c141eb0facf2acc3688
e19725cf4b6e7e530dc43ccd69b8d7cc264d2894c75988434e7383a8635a41b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54093e97afb98dfb06665e6ca68cac2bff843080f3b70466b6f432ee0767274
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec8156047991c025bcd9a3f836cb48282533872034d5e26578518c69221579b5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0afde7f124b6203f948cc6e3361b2147ac9ddf82ecce9b90f218c63dad20727
f247c11eda3228fe5309a427ff62646fdcccb80a5340cb5f84c2ff280f3aaf82
f9ac72d70584366a4482acb19860ca39def099d91b276f880a277665a481fcbc