www.gevonden.cc Open in urlscan Pro
2606:4700:3037::681c:958 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gevonden.cc/
Submission: On February 14 via manual (February 14th 2020, 8:07:25 am UTC) from NL

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 7 countries across 14 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3037::681c:958, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gevonden.cc.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 31st 2019. Valid for: 9 months.

This is the only time www.gevonden.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	2606:4700:303... 2606:4700:3037::681c:958	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
2	3.122.22.27 3.122.22.27	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	13.225.78.59 13.225.78.59	16509 (AMAZON-02) (AMAZON-02)
3	52.17.234.156 52.17.234.156	16509 (AMAZON-02) (AMAZON-02)
7	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
1	23.210.249.83 23.210.249.83	16625 (AKAMAI-AS) (AKAMAI-AS)
5	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
1 5	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	52.29.136.183 52.29.136.183	16509 (AMAZON-02) (AMAZON-02)
2	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
62	18

16 2606:4700:3037::681c:958 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.gevonden.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.22.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-22-27.eu-central-1.compute.amazonaws.com

nl.ads.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.59 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-59.fra2.r.cloudfront.net

cdn.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.234.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-234-156.eu-west-1.compute.amazonaws.com

tracking.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.38 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.136.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-136-183.eu-central-1.compute.amazonaws.com

pre.ads.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.123 (Netherlands)

ASN35220 (SPOTX-AMS, NL)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	gevonden.cc 1 redirects www.gevonden.cc	408 KB
10	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	92 KB
9	justpremium.com nl.ads.justpremium.com cdn.justpremium.com tracking.justpremium.com pre.ads.justpremium.com	74 KB
6	adnxs.com 1 redirects acdn.adnxs.com secure.adnxs.com	43 KB
5	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	121 KB
4	casalemedia.com as-sec.casalemedia.com	3 KB
4	googletagservices.com www.googletagservices.com	96 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	spotxchange.com search.spotxchange.com	2 KB
2	googletagmanager.com www.googletagmanager.com	50 KB
1	criteo.com gum.criteo.com	333 B
1	indexww.com js-sec.indexww.com	28 KB
1	google.com adservice.google.com	778 B
1	google.de adservice.google.de	171 B
62	14

	Domain	Requested by
16	www.gevonden.cc	1 redirects www.gevonden.cc pagead2.googlesyndication.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.gevonden.cc
5	secure.adnxs.com	1 redirects www.gevonden.cc secure.adnxs.com securepubads.g.doubleclick.net
4	as-sec.casalemedia.com	js-sec.indexww.com
4	www.googletagservices.com	www.googletagmanager.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	www.gevonden.cc pagead2.googlesyndication.com
3	pre.ads.justpremium.com	nl.ads.justpremium.com cdn.justpremium.com
3	tracking.justpremium.com	www.gevonden.cc
3	www.google-analytics.com	1 redirects www.gevonden.cc
2	search.spotxchange.com	cdn.justpremium.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	nl.ads.justpremium.com	www.gevonden.cc nl.ads.justpremium.com
2	www.googletagmanager.com	www.gevonden.cc
1	gum.criteo.com	secure.adnxs.com
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	js-sec.indexww.com	www.googletagmanager.com
1	acdn.adnxs.com	nl.ads.justpremium.com
1	cdn.justpremium.com	nl.ads.justpremium.com
1	stats.g.doubleclick.net	www.gevonden.cc
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
62	21

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-31` - `2020-10-09`	9 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
tracking.justpremium.com Amazon	`2019-12-24` - `2021-01-24`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
cdn.justpremium.com Amazon	`2020-01-07` - `2021-02-07`	a year	crt.sh
ads.justpremium.com Amazon	`2019-03-22` - `2020-04-22`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2019-03-18` - `2021-03-17`	2 years	crt.sh

This page contains 7 frames:

Primary Page: https://www.gevonden.cc/
Frame ID: EB42EDFCAD39884362C7199EE9DDBBD9
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/zrt_lookup.html
Frame ID: 3682797820B3F35A7B105DC4B3A4E136
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1132582634866831&output=html&adk=1812271804&adf=3025194257&lmt=1581667628&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.gevonden.cc%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581667627938&bpp=125&bdt=46&fdt=158&idt=158&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=108846262419&frm=20&pv=2&ga_vid=1717232856.1581667628&ga_sid=1581667628&ga_hid=517322554&ga_fc=0&iag=0&icsg=8423998&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C44714169&oid=3&pvsid=1662073417444922&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=169
Frame ID: 6DA0D9451FC1467308FCC0AB14BB047B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvx1XNqXqIbobx1CrHQDNPfmPjUc2tLXS8HkkavZCoaVtm1B0Or2iRFcodntZXyR_HE5qYMfL9PJF4AZuzVZfYl2x8tq0_7yBjQFeHfuB1eUf0Bbeth9gkWi8OGs-_6h10jTgUbBxSgUF809dvd9P0ixwiWikmVNcGVIMmEo9-IYBik80e2lqDU_HqaeuFNxqrSBbelBVM_ZyFNZCtjFxLgSjDsSDWjd7jkjD43uP4PCaL22QvEDBuy2cgqw1g92NKMokBQtkFnyfXJe3WqtsSMLMRzs6JjcWbQqBZ2zZjcx6UH&sig=Cg0ArKJSzMh4C3L_9GTzEAE&urlfix=1&adurl=
Frame ID: 451E401DA550793B091C99A412EE6EF5
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV6HYV5pSgKZh3A5fxB4xB4M_GgFg068chVmhu-HiS8VX3_VRl_SgjIAElLiDlwj0nsX3bxXJbg8Ub0joiUqE93aim_DNz-e9BVvMcNhCcTP998W35yO5ZXQcBJjEBnWkYuOynMzHvHaMDFc6k_RCWcGaZc3tk2ijvZqyM0bk7GVLq_FgMAVZ2LbDqhFjTS2Lv6_ZLHihCOHmXQplfaAe7Tcx4cZwgX4AltNhQCKYHPrWR1zA-t0QkOCMKvcMX53ZPmY7wsvHWSCrzYpzY4uIyfCatTYMicyMhRQWZY9R_WG-F&sig=Cg0ArKJSzEqkyqp_7InJEAE&urlfix=1&adurl=
Frame ID: E4961441F06D415850881F49382EE99E
Requests: 6 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync
Frame ID: F2178506C05B9EE8FA86BF752978E4B6
Requests: 1 HTTP requests in this frame

Frame: https://tracking.justpremium.com/tracking.gif?rid=4a68e4e5-326d-2105-943e-af7a1ffc7bf3-1581667627959&sid=eb55c5af-3b0c-9cc4-2cb7-450a9c2b8d6c-1581667627959&uid=1349f851-924d-c6c8-28da-3287d04259d4-1581667627959&vr=v2.5.325&ru=https%3A%2F%2Fwww.gevonden.cc%2F&tt=1581667630705&siw=1100&sh=1200&sw=1600&wh=1200&ww=1600&an=3.0.0&vn=eu-central-1&sd=&_c=alljky21581667630705&et=&aid=203059,203059,213597,213597,202071,302667,302667&said=590065,347014,590064,367213,345160,615929,615930&ei=16651068%2C1092392%2C16651067%2C1123251%2C115840%2C16684586%2C22094275&fc=pu,pu,cf,cf,wv,wp,wp&sp=32,1,32,1,24,32,1&at=adserver&cid=&ist=0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=39510&dr=548&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A960%7D&ty=ex
Frame ID: 5D79CA33F536E407E46FFAA6C5E1DBC6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /adnxs\.(?:net|com)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

62
Requests

100 %
HTTPS

47 %
IPv6

14
Domains

21
Subdomains

18
IPs

7
Countries

935 kB
Transfer

2205 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://www.gevonden.cc/css/flaticon.css HTTP 302
https://www.gevonden.cc/

Request Chain 18

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=517322554&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gevonden.cc%2F&ul=en-us&de=UTF-8&dt=Gevonden.cc%20Iedereen%20snel%20gevonden!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUAB~&jid=635678880&gjid=1059444735&cid=1717232856.1581667628&tid=UA-118647873-1&_gid=1704373617.1581667628&_r=1&gtm=2wg250N9LSPLS&z=1107672685 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-118647873-1&cid=1717232856.1581667628&jid=635678880&_gid=1704373617.1581667628&gjid=1059444735&_v=j81&z=1107672685

Request Chain 38

https://secure.adnxs.com/ttj?id=12215531&size=970x90&promo_sizes=728x90&promo_alignment=center&cb=1449820219&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstrIg_NUT9YcRJKttGUuJQJCBDbL-ZNvwMZyDWC3vdlFmV0jm6IZvqYEfihkrx91qtYn7Gb4-3zZUozkC68K1PgTJvyRYIh1YOBfORDSvj4GvnDbwUXSmPIOdRKrx4pwR4_ChBIaGSf5EpQ7Si-b1NYBJMha0kx8xwNME3DZfD-k5vYd4jV7OACe2hbRI80bdvhkaRNm7zk5j3XtnJB2TT8XW_g4kjWRTnfWVYL9tvDGfecqIg_6aAGWIfAssPdI0HJz4ikIuOhsYvUYbpTKc8NiSog-_Q2BbsilF7pa33_%2526sig%253DCg0ArKJSzEbc96GUxyUlEAE%2526urlfix%253D1%2526adurl%253D HTTP 302
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D12215531%26size%3D970x90%26promo_sizes%3D728x90%26promo_alignment%3Dcenter%26cb%3D1449820219%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjstrIg_NUT9YcRJKttGUuJQJCBDbL-ZNvwMZyDWC3vdlFmV0jm6IZvqYEfihkrx91qtYn7Gb4-3zZUozkC68K1PgTJvyRYIh1YOBfORDSvj4GvnDbwUXSmPIOdRKrx4pwR4_ChBIaGSf5EpQ7Si-b1NYBJMha0kx8xwNME3DZfD-k5vYd4jV7OACe2hbRI80bdvhkaRNm7zk5j3XtnJB2TT8XW_g4kjWRTnfWVYL9tvDGfecqIg_6aAGWIfAssPdI0HJz4ikIuOhsYvUYbpTKc8NiSog-_Q2BbsilF7pa33_%252526sig%25253DCg0ArKJSzEbc96GUxyUlEAE%252526urlfix%25253D1%252526adurl%25253D

62 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.gevonden.cc/ 7 KB
2 KB 110ms
70ms Document
text/html 2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gevonden.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.27
Resource Hash: b9ac0a22925f718ab22622bf58ecd1995aef7fbe59f5f9811afaa835fbb450da

Request headers

:method: GET
:authority: www.gevonden.cc
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Fri, 14 Feb 2020 08:07:07 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8488b563f1be65b15bb211c6563a61e31581667627; expires=Sun, 15-Mar-20 08:07:07 GMT; path=/; domain=.gevonden.cc; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.0.27
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 564d8bf1ee6364eb-FRA
content-encoding: br

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 29ms
16ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-115827224-1

Requested by

Host: www.gevonden.cc
URL: https://www.gevonden.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d23d32e6bdd43e3186a05296510a1eca1a6ab6c2cbac3066d4ab7c6f747ac37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:07 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28496
x-xss-protection: 0
last-modified: Fri, 14 Feb 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Feb 2020 08:07:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
38 KB 30ms
24ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.gevonden.cc
URL: https://www.gevonden.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cc33b0645193b03341bb802079e2cb8e29848f82f7440ed13984b01e1f2ef1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38681
x-xss-protection: 0
server: cafe
etag: 14074291554081990423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 08:07:07 GMT

GET
H2 200 bootstrap.min.css
www.gevonden.cc/css/ 111 KB
17 KB 66ms
65ms Stylesheet
text/css 2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gevonden.cc/css/bootstrap.min.css
Requested by: Host: www.gevonden.cc
URL: https://www.gevonden.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d699f303990ce9bd7d7c97e9bd3cad6a46ecf2532f475cf22ae58213237821b9

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 08:07:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2018 11:48:11 GMT
server: cloudflare
etag: W/"1bb5a-565cb9e3e2270-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 564d8bf25eb664eb-FRA

GET
H2 200 style.css
www.gevonden.cc/ 8 KB
2 KB 55ms
54ms Stylesheet
text/css 2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gevonden.cc/style.css
Requested by: Host: www.gevonden.cc
URL: https://www.gevonden.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee948c85e0825b84d3052e087accfc7c2a38260b4d1fc5b6233d59378434a4d9

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 08:07:07 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 24 Feb 2018 16:49:31 GMT
server: cloudflare
etag: W/"2173-565f80f915e90-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 564d8bf25eb764eb-FRA

GET
H2 200 responsive.css
www.gevonden.cc/css/ 12 KB
2 KB 51ms
50ms Stylesheet
text/css 2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gevonden.cc/css/responsive.css
Requested by: Host: www.gevonden.cc
URL: https://www.gevonden.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b8bd48fdcc4a1aba295611eb00f6cb9476bd32908a6da45f3102f700bcb7040

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 08:07:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2018 11:48:11 GMT
server: cloudflare
etag: W/"2fcb-565cb9e3f6a8e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 564d8bf25eb964eb-FRA

GET
H2 200 js.php Show response
nl.ads.justpremium.com/adserve/ 8 KB
4 KB 81ms
29ms Script
text/javascript 3.122.22.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nl.ads.justpremium.com/adserve/js.php?zone=39510
Requested by: Host: www.gevonden.cc
URL: https://www.gevonden.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.22.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-22-27.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ea4be333cae007cd9cef001830f2652fbdd426f17ee11babe5e3d3609e362c18

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:07 GMT
content-encoding: gzip
server: nginx
vary: *
content-type: text/javascript; charset=utf-8
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache, no-store

GET
H2 200 logo.png
www.gevonden.cc/images/ 30 KB
31 KB 59ms
58ms Image
image/png 2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gevonden.cc/images/logo.png
Requested by: Host: www.gevonden.cc
URL: https://www.gevonden.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04fd5209a9c5c3cfb005e2d3d425bd9f43591497fbebd461cfbe5143e952980

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2018 11:48:13 GMT
server: cloudflare
etag: "79a5-565cb9e5fc3a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 564d8bf2ff2c64eb-FRA
content-length: 31141

GET
H2 200 jquery.js Show response
www.gevonden.cc/js/ 94 KB
32 KB 68ms
68ms Script
application/javascript 2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gevonden.cc/js/jquery.js
Requested by: Host: www.gevonden.cc
URL: https://www.gevonden.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2018 11:48:13 GMT
server: cloudflare
etag: W/"176d5-565cb9e648663-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 564d8bf29ee364eb-FRA

GET
H2 200 bootstrap.min.js Show response
www.gevonden.cc/js/ 35 KB
9 KB 57ms
56ms Script
application/javascript 2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gevonden.cc/js/bootstrap.min.js
Requested by: Host: www.gevonden.cc
URL: https://www.gevonden.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460c16e3336e92c24e18f94c1a8380d9d9d4ba1f744547e3d214305027f76c4a

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2018 11:48:13 GMT
server: cloudflare
etag: W/"8b07-565cb9e645784-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 564d8bf29ee864eb-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 60 KB
22 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9LSPLS

Requested by

Host: www.gevonden.cc
URL: https://www.gevonden.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6e788b9f19b4e172b423477ac957bcacd2eaec47bd48ed7a336007b797bbed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 22071
x-xss-protection: 0
last-modified: Fri, 14 Feb 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Feb 2020 08:07:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gevonden.cc
URL: https://www.gevonden.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5616
date: Fri, 14 Feb 2020 06:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 14 Feb 2020 08:33:32 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 43ms
18ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gevonden.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
778 B 30ms
18ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gevonden.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ 221 KB
83 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51306b94354b978995db93f41f35703be797c4ae698013ffac3a20810d1947ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84518
x-xss-protection: 0
server: cafe
etag: 17204687633813293547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 08:07:08 GMT

GET
H2 200 font-awesome.min.css
www.gevonden.cc/css/ 23 KB
5 KB 55ms
55ms Stylesheet
text/css 2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gevonden.cc/css/font-awesome.min.css
Requested by: Host: www.gevonden.cc
URL: https://www.gevonden.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4714d5afbd206aa6e5862b917a3dd866d71f043e37cb2e1889f3a4e896291de

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 08:07:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2018 11:48:11 GMT
server: cloudflare
etag: W/"5cbc-565cb9e3f4b4e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 564d8bf2bef964eb-FRA

GET
H2

200

/
www.gevonden.cc/
Redirect Chain

https://www.gevonden.cc/css/flaticon.css
https://www.gevonden.cc/

7 KB
2 KB

48ms
48ms

Stylesheet
text/html

2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gevonden.cc/
Requested by: Host: www.gevonden.cc
URL: https://www.gevonden.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.27
Resource Hash: b9ac0a22925f718ab22622bf58ecd1995aef7fbe59f5f9811afaa835fbb450da

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.0.27
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 564d8bf30f3c64eb-FRA

Redirect headers

date: Fri, 14 Feb 2020 08:07:07 GMT
cf-cache-status: BYPASS
server: cloudflare
status: 302
x-powered-by: PHP/7.0.27
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
location: /
cf-ray: 564d8bf2befb64eb-FRA

GET
H2 200 animate.css
www.gevonden.cc/css/ 74 KB
4 KB 61ms
60ms Stylesheet
text/css 2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gevonden.cc/css/animate.css
Requested by: Host: www.gevonden.cc
URL: https://www.gevonden.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c61d53c6505e7604efa05c6ccef932f18d110d33cc7970696533e72ebdf732d3

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 22 Feb 2018 11:48:11 GMT
server: cloudflare
etag: W/"127aa-565cb9e3e12d0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 564d8bf2befd64eb-FRA

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=517322554&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gevonden.cc%2F&ul=en-us&de=UTF-8&dt=Gevonden.cc%20Iedereen%20snel%20gevonden!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUAB~&jid=258781173&gjid=1702365161&cid=1717232856.1581667628&tid=UA-115827224-1&_gid=1704373617.1581667628&_r=1&gtm=2ou250&z=131312554

Requested by

Host: www.gevonden.cc
URL: https://www.gevonden.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 08:07:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=517322554&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gevonden.cc%2F&ul=en-us&de=UTF-8&dt=Gevonden.cc%20Iedereen%20snel%20gevonden!&sd=24-bit&sr=160...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-118647873-1&cid=1717232856.1581667628&jid=635678880&_gid=1704373617.1581667628&gjid=1059444735&_v=j81&z=1107672685

35 B
407 B

43ms
15ms

Image
image/gif

2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-118647873-1&cid=1717232856.1581667628&jid=635678880&_gid=1704373617.1581667628&gjid=1059444735&_v=j81&z=1107672685

Requested by

Host: www.gevonden.cc
URL: https://www.gevonden.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Fri, 14 Feb 2020 08:07:08 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 08:07:08 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-118647873-1&cid=1717232856.1581667628&jid=635678880&_gid=1704373617.1581667628&gjid=1059444735&_v=j81&z=1107672685
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 420
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jpx.js Show response
cdn.justpremium.com/js/v2.5.325/ 272 KB
63 KB 100ms
37ms Script
text/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justpremium.com/js/v2.5.325/jpx.js
Requested by: Host: nl.ads.justpremium.com
URL: https://nl.ads.justpremium.com/adserve/js.php?zone=39510
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7489ac302947c2b69b5ef7fc5c418fc5f03c342f77e4076b0f57e4d4712285a2

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 10:29:39 GMT
content-encoding: gzip
last-modified: Mon, 03 Feb 2020 14:12:14 GMT
server: AmazonS3
age: 250650
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: public, max-age=2592000, s-maxage=2592000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 8E_kf2m00brCQsfhhKeDzzBzs44SHNztlVTOeHXtb9xyr6L29cqOJQ==
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ 43 B
332 B 131ms
30ms Image
image/gif 52.17.234.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=4a68e4e5-326d-2105-943e-af7a1ffc7bf3-1581667627959&sid=eb55c5af-3b0c-9cc4-2cb7-450a9c2b8d6c-1581667627959&uid=1349f851-924d-c6c8-28da-3287d04259d4-1581667627959&vr=2.5.325&ru=https%3A%2F%2Fwww.gevonden.cc%2F&tt=1581667628055&siw=0&sh=1200&sw=1600&wh=1200&ww=1600&an=i-0733b18a26906828d&vn=eu-central-1&sd=&_c=2173353321&et=&aid=&said=&ei=&fc=&sp=&at=adserver&cid=0&ist=&mg=&dl=&dlt=&ev=&vt=&zid=39510&dr=0&di=&pr=&cw=&ch=&nt=&st=&jp=&ty=ta
Requested by: Host: www.gevonden.cc
URL: https://www.gevonden.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.234.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-234-156.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 08:07:08 GMT
Last-Modified: Tue, 29 Oct 2019 11:59:16 GMT
Server: nginx
ETag: "5db82994-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H2 200 bg.jpg
www.gevonden.cc/images/ 241 KB
241 KB 58ms
58ms Image
image/jpeg 2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gevonden.cc/images/bg.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbc8bf9d7f5524b49d5ca9f5a27abd21cff789baf1508f778fab156c7b4947e7

Request headers

Referer: https://www.gevonden.cc/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 22 Feb 2018 11:48:13 GMT
server: cloudflare
etag: "3c383-565cb9e59c870"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 564d8bf35f7464eb-FRA
content-length: 246659

GET
H2 200 search-icon.png
www.gevonden.cc/images/ 6 KB
6 KB 65ms
64ms Image
image/png 2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gevonden.cc/images/search-icon.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1da9eaa652bb6c842ba736c24c00c173e84dc01025aedd3e049c34e1762e74d

Request headers

Referer: https://www.gevonden.cc/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 22 Feb 2018 11:48:13 GMT
server: cloudflare
etag: "18c6-565cb9e5fd349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 564d8bf35f7864eb-FRA
content-length: 6342

GET
H2 200 footer-img.png
www.gevonden.cc/images/ 5 KB
5 KB 56ms
56ms Image
image/png 2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gevonden.cc/images/footer-img.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8cd17deba82c54b30d94146adf0a80135b2c4bf9e5467007b0f0d4f30004661

Request headers

Referer: https://www.gevonden.cc/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2018 11:48:13 GMT
server: cloudflare
etag: "14c6-565cb9e5a35cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 564d8bf35f7b64eb-FRA
content-length: 5318

GET
H2 200 GothamRoundedBold_21016.woff
www.gevonden.cc/fonts/ 25 KB
25 KB 64ms
63ms Font
application/x-font-woff 2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gevonden.cc/fonts/GothamRoundedBold_21016.woff
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3037bfe3d2fab9e227ba1cd50b58046e30e9528cb4ee9d82d8a4427aa0bd4253

Request headers

Referer: https://www.gevonden.cc/style.css
Origin: https://www.gevonden.cc
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2018 11:48:12 GMT
server: cloudflare
etag: W/"6408-565cb9e4bfd40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/x-font-woff
status: 200
cache-control: max-age=14400
cf-ray: 564d8bf36f7d64eb-FRA

GET
H2 200 GothamRoundedLight_21020.woff
www.gevonden.cc/fonts/ 24 KB
24 KB 63ms
63ms Font
application/x-font-woff 2606:4700:3037::681c:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gevonden.cc/fonts/GothamRoundedLight_21020.woff
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 763274fc2b16998d4b389ec81da5119f6e73a76822fef45af8bdf41d3d5cc33d

Request headers

Referer: https://www.gevonden.cc/style.css
Origin: https://www.gevonden.cc
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2018 11:48:12 GMT
server: cloudflare
etag: W/"5f58-565cb9e5042fb-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/x-font-woff
status: 200
cache-control: max-age=14400
cf-ray: 564d8bf36f8064eb-FRA

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/ Frame 3682 0
0 6ms
5ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200212/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.gevonden.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.gevonden.cc/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 13 Feb 2020 01:43:32 GMT
expires: Thu, 27 Feb 2020 01:43:32 GMT
content-type: text/html; charset=UTF-8
etag: 17772678075199185246
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4496
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 109416
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
15 KB 30ms
17ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9LSPLS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b580508e58fda6eb50037d39e200e18dcf8d17e1f740b537c13fc5faed52f1f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "427 / 196 of 1000 / last-modified: 1581613949"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14504
x-xss-protection: 0
expires: Fri, 14 Feb 2020 08:07:08 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6DA0 0
0 42ms
42ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1132582634866831&output=html&adk=1812271804&adf=3025194257&lmt=1581667628&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.gevonden.cc%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581667627938&bpp=125&bdt=46&fdt=158&idt=158&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=108846262419&frm=20&pv=2&ga_vid=1717232856.1581667628&ga_sid=1581667628&ga_hid=517322554&ga_fc=0&iag=0&icsg=8423998&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C44714169&oid=3&pvsid=1662073417444922&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=169

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1132582634866831&output=html&adk=1812271804&adf=3025194257&lmt=1581667628&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.gevonden.cc%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581667627938&bpp=125&bdt=46&fdt=158&idt=158&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=108846262419&frm=20&pv=2&ga_vid=1717232856.1581667628&ga_sid=1581667628&ga_hid=517322554&ga_fc=0&iag=0&icsg=8423998&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C44714169&oid=3&pvsid=1662073417444922&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=169
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.gevonden.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.gevonden.cc/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 14 Feb 2020 08:07:08 GMT
server: cafe
content-length: 439
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 14-Feb-2020 08:22:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 14 Feb 2020 08:07:08 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Fri, 14 Feb 2020 08:07:08 GMT

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ 167 KB
61 KB 73ms
31ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Fri, 14 Feb 2020 08:07:08 GMT

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 94 KB
32 KB 70ms
24ms Script
application/javascript 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: nl.ads.justpremium.com
URL: https://nl.ads.justpremium.com/adserve/js.php?zone=39510
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 86a02f75821a5b737c3ab14867ae8f0c72574fec81bedeb0b7b19d01dcc39216

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 08:07:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jan 2020 15:02:27 GMT
Server: nginx/1.13.10
ETag: "5e319e83-178ea"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 32537
Expires: Sat, 15 Feb 2020 08:07:10 GMT

GET
H/1.1 200
OK 187594-87313090025858.js Show response
js-sec.indexww.com/ht/p/ 91 KB
28 KB 683ms
630ms Script
text/javascript 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/187594-87313090025858.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9LSPLS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1100a1086bf7d5abe14651aeb51d67612386ab12e4909dd72c38964e64e14298

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 08:07:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Feb 2020 08:05:58 GMT
Server: Apache
ETag: "760d07-16bd4-59e84acf73727"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 27851
Expires: Fri, 14 Feb 2020 09:07:08 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 330ms
330ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1662073417444922&correlator=4395562292696057&output=ldjh&impl=fif&adsid=NT&eid=21065540%2C21062453%2C21063635%2C21065304&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200214&iu=%2F3740014%2FGevonden.cc%2Fgevonden.cc_0152_201_DFP_sizeless&sz=970x90%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1581667628&dt=1581667628256&dlt=1581667627891&idt=354&frm=20&biw=1600&bih=1200&oid=3&adx=540&ady=222&adk=1231878969&uci=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gevonden.cc%2F&dssz=25&icsg=139595491298&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=611x90&msz=611x90&ga_vid=1717232856.1581667628&ga_sid=1581667628&ga_hid=517322554&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

6fe5c3364516b1b4c96ca410a45b518f730e71a946c501803039197e047d957a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
Origin: https://www.gevonden.cc
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2535
x-xss-protection: 0
google-lineitem-id: 4455922557
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138243332912
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gevonden.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
24 KB 32ms
32ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js?21065540

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Fri, 14 Feb 2020 08:07:08 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 19ms
7ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 653ms
653ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1662073417444922&correlator=4395562292696057&output=ldjh&impl=fif&adsid=NT&eid=21065540%2C21062453%2C21063635%2C21065304&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200214&iu=%2F3740014%2FGevonden.cc%2Fgevonden.cc_0152_202_DFP_sizeless&sz=970x90%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1581667628&dt=1581667628264&dlt=1581667627891&idt=354&frm=20&biw=1600&bih=1200&oid=3&adx=540&ady=659&adk=1444887441&uci=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gevonden.cc%2F&dssz=26&icsg=689351305186&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=611x90&msz=611x90&ga_vid=1717232856.1581667628&ga_sid=1581667628&ga_hid=517322554&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

753a9a1fa3d73f841436cf70edff129314c3eb1aa3c2f2409c02eb1ccd205419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
Origin: https://www.gevonden.cc
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2532
x-xss-protection: 0
google-lineitem-id: 4788987070
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138243484225
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gevonden.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 451E 0
0 34ms
33ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvx1XNqXqIbobx1CrHQDNPfmPjUc2tLXS8HkkavZCoaVtm1B0Or2iRFcodntZXyR_HE5qYMfL9PJF4AZuzVZfYl2x8tq0_7yBjQFeHfuB1eUf0Bbeth9gkWi8OGs-_6h10jTgUbBxSgUF809dvd9P0ixwiWikmVNcGVIMmEo9-IYBik80e2lqDU_HqaeuFNxqrSBbelBVM_ZyFNZCtjFxLgSjDsSDWjd7jkjD43uP4PCaL22QvEDBuy2cgqw1g92NKMokBQtkFnyfXJe3WqtsSMLMRzs6JjcWbQqBZ2zZjcx6UH&sig=Cg0ArKJSzMh4C3L_9GTzEAE&urlfix=1&adurl=

Requested by

Host: www.gevonden.cc
URL: https://www.gevonden.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Fri, 14 Feb 2020 08:07:08 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 451E
Redirect Chain

https://secure.adnxs.com/ttj?id=12215531&size=970x90&promo_sizes=728x90&promo_alignment=center&cb=1449820219&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstrIg_NUT9YcRJKttG...
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D12215531%26size%3D970x90%26promo_sizes%3D728x90%26promo_alignment%3Dcenter%26cb%3D1449820219%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs...

8 KB
4 KB

23ms
22ms

Script
application/javascript

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D12215531%26size%3D970x90%26promo_sizes%3D728x90%26promo_alignment%3Dcenter%26cb%3D1449820219%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjstrIg_NUT9YcRJKttGUuJQJCBDbL-ZNvwMZyDWC3vdlFmV0jm6IZvqYEfihkrx91qtYn7Gb4-3zZUozkC68K1PgTJvyRYIh1YOBfORDSvj4GvnDbwUXSmPIOdRKrx4pwR4_ChBIaGSf5EpQ7Si-b1NYBJMha0kx8xwNME3DZfD-k5vYd4jV7OACe2hbRI80bdvhkaRNm7zk5j3XtnJB2TT8XW_g4kjWRTnfWVYL9tvDGfecqIg_6aAGWIfAssPdI0HJz4ikIuOhsYvUYbpTKc8NiSog-_Q2BbsilF7pa33_%252526sig%25253DCg0ArKJSzEbc96GUxyUlEAE%252526urlfix%25253D1%252526adurl%25253D

Requested by

Host: www.gevonden.cc
URL: https://www.gevonden.cc/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2a2364a3b22db53b1b7fb014c5b13d658806951bc0a6fd894013a180aec6f944

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 08:07:10 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 85.159.237.66; 85.159.237.66; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.25:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1b1eeda4-abe3-4f34-a1ed-06fc5eee245c
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 08:07:10 GMT
AN-X-Request-Uuid: 900ade8c-1688-4455-80c3-8dea4c2aece8
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D12215531%26size%3D970x90%26promo_sizes%3D728x90%26promo_alignment%3Dcenter%26cb%3D1449820219%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjstrIg_NUT9YcRJKttGUuJQJCBDbL-ZNvwMZyDWC3vdlFmV0jm6IZvqYEfihkrx91qtYn7Gb4-3zZUozkC68K1PgTJvyRYIh1YOBfORDSvj4GvnDbwUXSmPIOdRKrx4pwR4_ChBIaGSf5EpQ7Si-b1NYBJMha0kx8xwNME3DZfD-k5vYd4jV7OACe2hbRI80bdvhkaRNm7zk5j3XtnJB2TT8XW_g4kjWRTnfWVYL9tvDGfecqIg_6aAGWIfAssPdI0HJz4ikIuOhsYvUYbpTKc8NiSog-_Q2BbsilF7pa33_%252526sig%25253DCg0ArKJSzEbc96GUxyUlEAE%252526urlfix%25253D1%252526adurl%25253D
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 85.159.237.66; 85.159.237.66; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.37:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 451E 72 KB
27 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27600
x-xss-protection: 0
expires: Fri, 14 Feb 2020 08:07:08 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame 451E 51 B
333 B 53ms
15ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a

Requested by

Host: secure.adnxs.com
URL: https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D12215531%26size%3D970x90%26promo_sizes%3D728x90%26promo_alignment%3Dcenter%26cb%3D1449820219%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjstrIg_NUT9YcRJKttGUuJQJCBDbL-ZNvwMZyDWC3vdlFmV0jm6IZvqYEfihkrx91qtYn7Gb4-3zZUozkC68K1PgTJvyRYIh1YOBfORDSvj4GvnDbwUXSmPIOdRKrx4pwR4_ChBIaGSf5EpQ7Si-b1NYBJMha0kx8xwNME3DZfD-k5vYd4jV7OACe2hbRI80bdvhkaRNm7zk5j3XtnJB2TT8XW_g4kjWRTnfWVYL9tvDGfecqIg_6aAGWIfAssPdI0HJz4ikIuOhsYvUYbpTKc8NiSog-_Q2BbsilF7pa33_%252526sig%25253DCg0ArKJSzEbc96GUxyUlEAE%252526urlfix%25253D1%252526adurl%25253D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
content-length: 169
expires: 60

GET
H/1.1 200
OK ttj Show response
secure.adnxs.com/ Frame 451E 0
816 B 28ms
27ms Script
text/html 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ttj?ttjb=1&bdc=1581667630&bdh=Lyu7wTyNFKWPeaLnGGUVlUZpfE8.&&bdref=https%3A%2F%2Fwww.gevonden.cc%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.gevonden.cc%2F,https%3A%2F%2Fwww.gevonden.cc%2F&&id=12215531&size=970x90&promo_sizes=728x90&promo_alignment=center&cb=1449820219&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstrIg_NUT9YcRJKttGUuJQJCBDbL-ZNvwMZyDWC3vdlFmV0jm6IZvqYEfihkrx91qtYn7Gb4-3zZUozkC68K1PgTJvyRYIh1YOBfORDSvj4GvnDbwUXSmPIOdRKrx4pwR4_ChBIaGSf5EpQ7Si-b1NYBJMha0kx8xwNME3DZfD-k5vYd4jV7OACe2hbRI80bdvhkaRNm7zk5j3XtnJB2TT8XW_g4kjWRTnfWVYL9tvDGfecqIg_6aAGWIfAssPdI0HJz4ikIuOhsYvUYbpTKc8NiSog-_Q2BbsilF7pa33_%2526sig%253DCg0ArKJSzEbc96GUxyUlEAE%2526urlfix%253D1%2526adurl%253D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 08:07:10 GMT
AN-X-Request-Uuid: ca1e5535-3c50-42ad-876a-764a6d4324d9
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 85.159.237.66; 85.159.237.66; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.55:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 451E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67c34438a0e8ab3423cddecdc5487835d742613d29d33dfa74010235643be1f2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E496 0
0 35ms
33ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV6HYV5pSgKZh3A5fxB4xB4M_GgFg068chVmhu-HiS8VX3_VRl_SgjIAElLiDlwj0nsX3bxXJbg8Ub0joiUqE93aim_DNz-e9BVvMcNhCcTP998W35yO5ZXQcBJjEBnWkYuOynMzHvHaMDFc6k_RCWcGaZc3tk2ijvZqyM0bk7GVLq_FgMAVZ2LbDqhFjTS2Lv6_ZLHihCOHmXQplfaAe7Tcx4cZwgX4AltNhQCKYHPrWR1zA-t0QkOCMKvcMX53ZPmY7wsvHWSCrzYpzY4uIyfCatTYMicyMhRQWZY9R_WG-F&sig=Cg0ArKJSzEqkyqp_7InJEAE&urlfix=1&adurl=

Requested by

Host: www.gevonden.cc
URL: https://www.gevonden.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Fri, 14 Feb 2020 08:07:08 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ttj Show response
secure.adnxs.com/ Frame E496 8 KB
4 KB 24ms
22ms Script
application/javascript 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ttj?id=13925367&size=970x90&promo_sizes=728x90&promo_alignment=center&cb=1757242267&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstVAzj4UZn4TQ6J6N3KCAzXviyQbGLiVtA_xpPiekTXdjOL1tY1EolGQNiwNfys_s4CwPC3YySZesO5rkP1S9hDo6ajHPFzBY2z3h8fqql87nWKbHm0ZvgyWFK9eelSUiwJ77zBWcOZ6p3cndz_4qDrfxBNvP0nNWvjplg9TafGmPwu-vCk6Pi8-C3opyKcG1RohWWSzndxytJC2wlja38LQZLwkgRVNXS7c5YS-uUIj6llKBKOWkFPTsBoAAfOUTIaW_KfC6SYMCXofyMHAAc9G1qdvLNc5AF6hWPPt8aD%2526sig%253DCg0ArKJSzEGFl9dWfmc-EAE%2526urlfix%253D1%2526adurl%253D

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js?21065540

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4c116971435f5105187b69d9c11e8c421978aa79fbde8c44ca51ac3b5ee4b400

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 08:07:10 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 85.159.237.66; 85.159.237.66; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.238:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5a60d779-6b78-4cf2-a666-e65696dc8930
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame E496 72 KB
27 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 08:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27600
x-xss-protection: 0
expires: Fri, 14 Feb 2020 08:07:08 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 66 B
1 KB 133ms
89ms XHR
text/javascript 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?v=7.2&s=343680&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A98771789%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gevonden.cc%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22351713%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22351711%22%7D%2C%22id%22%3A%222%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187594-87313090025858.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 25577f833d4e24bb6a11a23c4b12a16d872813004a5f171a5e1e2035e6fe2f5e

Request headers

Referer: https://www.gevonden.cc/
Origin: https://www.gevonden.cc
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 08:07:09 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.gevonden.cc
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 86
Expires: Fri, 14 Feb 2020 08:07:09 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 66 B
1 KB 115ms
71ms XHR
text/javascript 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?v=7.2&s=343680&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A34611876%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gevonden.cc%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22351710%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%226%22%2C%22siteID%22%3A%22351708%22%7D%2C%22id%22%3A%222%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187594-87313090025858.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d8433d8f365d339d0bbffa14580e324fcbd8a963679ab21a1cddd450e7e4021c

Request headers

Referer: https://www.gevonden.cc/
Origin: https://www.gevonden.cc
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 08:07:09 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.gevonden.cc
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 86
Expires: Fri, 14 Feb 2020 08:07:09 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 329 B
225 B 72ms
72ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1662073417444922&correlator=4395562292696057&output=ldjh&impl=fif&adsid=NT&eid=21065540%2C21062453%2C21063635%2C21065304&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200214&iu=%2F3740014%2FGevonden.cc%2Fgevonden.cc_0152_401_DFP_1x1&sz=1x1&ists=1&cookie=ID%3D85fbe278bfc56c24%3AT%3D1581667628%3AS%3DALNI_Mb1jggBvqGaj5ZM188LSyedZ1JZeA&cookie_enabled=1&bc=31&abxe=1&lmt=1581667628&dt=1581667628968&dlt=1581667627891&idt=354&frm=20&biw=1600&bih=1200&oid=3&adx=0&ady=960&adk=946313782&uci=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gevonden.cc%2F&dssz=29&icsg=689351305186&mso=32&std=0&csl=74&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x961&msz=1600x1&psts=AA2WTGOFvlsc8D2wW8iFB1sZJZ5dYbnF_Ls_ZEilbnVepn_zVveMCQQLpmMR-RAn_BAugzT1-k15TR6jYSjwlREhig0%2CAA2WTGNL_1PR6OZNkckrzxpOd5gbNOpaBky1lYbxV5s6d4w15nT6Ti73AMV0OqXU1IxhbX5eYWmkxOsnftOnN-ZceWA&ga_vid=1717232856.1581667628&ga_sid=1581667628&ga_hid=517322554&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

8e81fe23ad8a0ee46817de0141bc11ad880e8a4745d0d8bd76d1040321dbf26c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
Origin: https://www.gevonden.cc
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 08:07:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 140
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gevonden.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ttj Show response
secure.adnxs.com/ Frame E496 0
817 B 29ms
28ms Script
text/html 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ttj?ttjb=1&bdc=1581667630&bdh=Lyu7wTyNFKWPeaLnGGUVlUZpfE8.&&bdref=https%3A%2F%2Fwww.gevonden.cc%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.gevonden.cc%2F,https%3A%2F%2Fwww.gevonden.cc%2F&&id=13925367&size=970x90&promo_sizes=728x90&promo_alignment=center&cb=1757242267&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstVAzj4UZn4TQ6J6N3KCAzXviyQbGLiVtA_xpPiekTXdjOL1tY1EolGQNiwNfys_s4CwPC3YySZesO5rkP1S9hDo6ajHPFzBY2z3h8fqql87nWKbHm0ZvgyWFK9eelSUiwJ77zBWcOZ6p3cndz_4qDrfxBNvP0nNWvjplg9TafGmPwu-vCk6Pi8-C3opyKcG1RohWWSzndxytJC2wlja38LQZLwkgRVNXS7c5YS-uUIj6llKBKOWkFPTsBoAAfOUTIaW_KfC6SYMCXofyMHAAc9G1qdvLNc5AF6hWPPt8aD%2526sig%253DCg0ArKJSzEGFl9dWfmc-EAE%2526urlfix%253D1%2526adurl%253D

Requested by

Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=13925367&size=970x90&promo_sizes=728x90&promo_alignment=center&cb=1757242267&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstVAzj4UZn4TQ6J6N3KCAzXviyQbGLiVtA_xpPiekTXdjOL1tY1EolGQNiwNfys_s4CwPC3YySZesO5rkP1S9hDo6ajHPFzBY2z3h8fqql87nWKbHm0ZvgyWFK9eelSUiwJ77zBWcOZ6p3cndz_4qDrfxBNvP0nNWvjplg9TafGmPwu-vCk6Pi8-C3opyKcG1RohWWSzndxytJC2wlja38LQZLwkgRVNXS7c5YS-uUIj6llKBKOWkFPTsBoAAfOUTIaW_KfC6SYMCXofyMHAAc9G1qdvLNc5AF6hWPPt8aD%2526sig%253DCg0ArKJSzEGFl9dWfmc-EAE%2526urlfix%253D1%2526adurl%253D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 08:07:10 GMT
AN-X-Request-Uuid: 7f421f22-4d65-47d4-bd88-0f3022049b3a
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 85.159.237.66; 85.159.237.66; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.110:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E496 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2222b7911b03c9f557f2e70ccf37bd758595c330c7bdf5a49ec45130c9628d1b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
339 B 73ms
30ms XHR
text/plain 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=343680&u=https%3A%2F%2Fwww.gevonden.cc%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187594-87313090025858.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gevonden.cc/
Origin: https://www.gevonden.cc
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 08:07:09 GMT
Server: Apache
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.gevonden.cc
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Fri, 14 Feb 2020 08:07:09 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
339 B 65ms
25ms XHR
text/plain 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=343680&u=https%3A%2F%2Fwww.gevonden.cc%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187594-87313090025858.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gevonden.cc/
Origin: https://www.gevonden.cc
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 08:07:09 GMT
Server: Apache
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.gevonden.cc
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Fri, 14 Feb 2020 08:07:09 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 451E 42 B
142 B 17ms
17ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNT1SWGTGX_Ti9IHxlPBPSV48n7FgGUSkLdb4FZIPmmkDq-vuOhpHNid3Itny94dd5GQFvQ1Vv9DKMcXqjjHdsE3z1LLtf0Rr7c7pn1kE&sig=Cg0ArKJSzBeNqRhNug2uEAE&adk=1231878969&tt=-1&bs=1600%2C1200&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&p=222,540,312,1510&mcvt=1021&rs=0&ht=0&tfs=113&tls=1134&mc=1&lte=0&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1581667628631&dlt&rpt=159&isd=0&msd=0&ext&xdi=0&ps=1600%2C960&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-7-11-11-0-0-0&tvt=1129&is=970%2C90&iframe_loc=https%3A%2F%2Fwww.gevonden.cc%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 08:07:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E496 42 B
110 B 17ms
17ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMQ_WquUdGnWgfiS7mArUhShBDQDGyzaNoDBL5OV8mC0PvwmLwoBLcQLPJ6WG8sfweaC0CiQ50k4gTciOhkTQLmUC0JPUzjmXogVudltg&sig=Cg0ArKJSzJyBPtQwpzjKEAE&adk=1444887441&tt=-1&bs=1600%2C1200&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&p=659,540,749,1510&mcvt=1027&rs=0&ht=0&tfs=103&tls=1130&mc=1&lte=0&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1581667628932&dlt&rpt=77&isd=0&msd=0&ext&xdi=0&ps=1600%2C960&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1130&is=970%2C90&iframe_loc=https%3A%2F%2Fwww.gevonden.cc%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gevonden.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 08:07:10 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set sync
pre.ads.justpremium.com/v/1.0/t/ Frame F217 0
0 120ms
30ms Document
text/html 52.29.136.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/sync?
Requested by: Host: nl.ads.justpremium.com
URL: https://nl.ads.justpremium.com/adserve/js.php?zone=39510
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.136.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-136-183.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Host: pre.ads.justpremium.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.gevonden.cc/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: jpxsession=eb55c5af-3b0c-9cc4-2cb7-450a9c2b8d6c-1581667627959
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.gevonden.cc/

Response headers

Cache-Control: public, no-cache, no-store, must-revalidate
Cache-control: no-cache="set-cookie"
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 14 Feb 2020 08:07:10 GMT
Server: nginx
Set-Cookie: OX_u=; max-age=-1581667630.26; expires=Thu Jan 01 1970 00:00:00 GMT+0000 (Coordinated Universal Time); path=/; domain=.justpremium.com; SameSite=None; Secure; jpxumaster=m-b9f2dc7f-4737-4fe8-ade9-cfc59470396a-11993-830881438; max-age=2592000; expires=Sun Mar 15 2020 08:07:10 GMT+0000 (Coordinated Universal Time); path=/; domain=.justpremium.com; SameSite=None; Secure; AWSELB=DDBD3FE10CA92227E86D526AF48455F2B306019B68A6208BBC1A4DB59614ED0577704D527937692143DE8F6CFB4830EE2FAB90AAA9D92FB6C7AF6CEF04C1B4354F189E5627;PATH=/;MAX-AGE=60 AWSELBCORS=DDBD3FE10CA92227E86D526AF48455F2B306019B68A6208BBC1A4DB59614ED0577704D527937692143DE8F6CFB4830EE2FAB90AAA9D92FB6C7AF6CEF04C1B4354F189E5627;PATH=/;MAX-AGE=60;SECURE;SAMESITE=None
Content-Length: 1391
Connection: keep-alive

GET
H2 200 / Show response
nl.ads.justpremium.com/adserve/client/ 12 KB
4 KB 40ms
40ms XHR
application/json 3.122.22.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nl.ads.justpremium.com/adserve/client/?zone=39510&debug=1&ru=https%3A%2F%2Fwww.gevonden.cc%2F&sw=1600&sh=1200&ww=1600&wh=1200&ui=1349f851-924d-c6c8-28da-3287d04259d4-1581667627959&tt=1581667630157&rid=4a68e4e5-326d-2105-943e-af7a1ffc7bf3-1581667627959&eu=1&cs=
Requested by: Host: nl.ads.justpremium.com
URL: https://nl.ads.justpremium.com/adserve/js.php?zone=39510
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.22.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-22-27.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0d97bba946b46f44ef61822bc764b881f435ea071fc30257c50c1ad2c0855420

Request headers

Referer: https://www.gevonden.cc/
Origin: https://www.gevonden.cc
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 08:07:10 GMT
content-encoding: gzip
server: nginx
status: 200
vary: origin,accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gevonden.cc
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ Frame 5D79 43 B
332 B 30ms
30ms Image
image/gif 52.17.234.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=4a68e4e5-326d-2105-943e-af7a1ffc7bf3-1581667627959&sid=eb55c5af-3b0c-9cc4-2cb7-450a9c2b8d6c-1581667627959&uid=1349f851-924d-c6c8-28da-3287d04259d4-1581667627959&vr=v2.5.325&ru=https%3A%2F%2Fwww.gevonden.cc%2F&tt=1581667630705&siw=1100&sh=1200&sw=1600&wh=1200&ww=1600&an=3.0.0&vn=eu-central-1&sd=&_c=alljky21581667630705&et=&aid=203059,203059,213597,213597,202071,302667,302667&said=590065,347014,590064,367213,345160,615929,615930&ei=16651068%2C1092392%2C16651067%2C1123251%2C115840%2C16684586%2C22094275&fc=pu,pu,cf,cf,wv,wp,wp&sp=32,1,32,1,24,32,1&at=adserver&cid=&ist=0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=39510&dr=548&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A960%7D&ty=ex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.234.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-234-156.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 08:07:10 GMT
Last-Modified: Tue, 29 Oct 2019 11:59:16 GMT
Server: nginx
ETag: "5db82994-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H/1.1 200
OK 115840 Show response
search.spotxchange.com/vast/2.00/ 67 B
1 KB 93ms
50ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.00/115840?VPAID=js&player_width=1800&player_height=1000&content_page_url=https%3A%2F%2Fwww.gevonden.cc%2F&ad_mute=1&ad_volume=0&ad_unit=instream&sdk_name=Direct_AdOS_SDK&sdk_version=1.25.0&sdk_dist=-beta&vast_and_cached_response=false&hide_skin=1&custom%5Bch%5D=in&custom%5Bf%5D=13.0&custom%5Badid%5D=202071&custom%5Bzid%5D=39510&user[consent]=1&regs[gdpr]=1&media_transcoding[]=medium&cb=1581667630707
Requested by: Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.5.325/jpx.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.gevonden.cc/
Origin: https://www.gevonden.cc
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 08:07:10 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000207
X-SpotX-Timing-SpotMarket: 0.029114
X-SpotX-Timing-Page-Mux: 0.000217
X-SpotX-Timing-Page-Require: 0.000280
X-fe: 096
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000028
Content-Length: 76
X-SpotX-Timing-Page: 0.032137
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000214
Last-Modified: Fri, 14 Feb 2020 08:07:10 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.029114
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.gevonden.cc
X-SpotX-Timing-Page-Misc: 0.002067
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
pre.ads.justpremium.com/v/1.0/t/singletag/ 2 B
1 KB 107ms
107ms XHR
application/json 52.29.136.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/singletag/?i=1581667630709
Requested by: Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.5.325/jpx.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.136.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-136-183.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.gevonden.cc/
Origin: https://www.gevonden.cc
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 14 Feb 2020 08:07:10 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
Access-Control-Allow-Origin: https://www.gevonden.cc
Cache-Control: public, no-cache, no-store, must-revalidate, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 22

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ Frame 5D79 43 B
332 B 30ms
30ms Image
image/gif 52.17.234.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=4a68e4e5-326d-2105-943e-af7a1ffc7bf3-1581667627959&sid=eb55c5af-3b0c-9cc4-2cb7-450a9c2b8d6c-1581667627959&uid=1349f851-924d-c6c8-28da-3287d04259d4-1581667627959&vr=v2.5.325&ru=https%3A%2F%2Fwww.gevonden.cc%2F&tt=1581667630768&siw=1100&sh=1200&sw=1600&wh=1200&ww=1600&an=3.0.0&vn=eu-central-1&sd=&_c=ask5hl51581667630768&et=&aid=202071,203059,203059,213597,213597,302667,302667&said=345160,590065,347014,590064,367213,615929,615930&ei=115840%2C16651068%2C1092392%2C16651067%2C1123251%2C16684586%2C22094275&fc=wv,pu,pu,cf,cf,wp,wp&sp=24,32,1,32,1,32,1&at=adserver&cid=&ist=0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=39510&dr=611&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A960%7D&ty=adr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.234.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-234-156.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 08:07:10 GMT
Last-Modified: Tue, 29 Oct 2019 11:59:16 GMT
Server: nginx
ETag: "5db82994-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H/1.1 200
OK 115840 Show response
search.spotxchange.com/vast/2.00/ 67 B
1 KB 29ms
29ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.00/115840?VPAID=js&player_width=1800&player_height=1000&content_page_url=https%3A%2F%2Fwww.gevonden.cc%2F&ad_mute=1&ad_volume=0&ad_unit=instream&sdk_name=Direct_AdOS_SDK&sdk_version=1.25.0&sdk_dist=-beta&vast_and_cached_response=false&hide_skin=1&custom%5Bch%5D=in&custom%5Bf%5D=13.0&custom%5Badid%5D=202071&custom%5Bzid%5D=39510&user[consent]=1&regs[gdpr]=1&media_transcoding[]=medium&cb=1581667635961
Requested by: Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.5.325/jpx.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.gevonden.cc/
Origin: https://www.gevonden.cc
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 08:07:15 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000576
X-SpotX-Timing-SpotMarket: 0.007900
X-SpotX-Timing-Page-Mux: 0.000205
X-SpotX-Timing-Page-Require: 0.000328
X-fe: 115
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000028
Content-Length: 76
X-SpotX-Timing-Page: 0.012079
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000288
Last-Modified: Fri, 14 Feb 2020 08:07:15 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.007900
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.gevonden.cc
X-SpotX-Timing-Page-Misc: 0.002732
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000021
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
pre.ads.justpremium.com/v/1.0/t/singletag/ 2 B
1 KB 106ms
105ms XHR
application/json 52.29.136.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/singletag/?i=1581667635962
Requested by: Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.5.325/jpx.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.136.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-136-183.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.gevonden.cc/
Origin: https://www.gevonden.cc
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 14 Feb 2020 08:07:16 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
Access-Control-Allow-Origin: https://www.gevonden.cc
Cache-Control: public, no-cache, no-store, must-revalidate, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 22

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:42:43	Name: IDE Value: AHWqTUnArMHzKMflpba21UmAlsKQEyKhFpkafIcUS76u-N93cCgUmtDjre1vIYHt
.gevonden.cc/	1970-01-20 00:52:19	Name: __gads Value: ID=85fbe278bfc56c24:T=1581667628:S=ALNI_Mb1jggBvqGaj5ZM188LSyedZ1JZeA
.gevonden.cc/	1970-01-19 07:21:07	Name: _gat_UA-118647873-1 Value: 1
.gevonden.cc/	1970-01-19 07:21:07	Name: _gat_gtag_UA_115827224_1 Value: 1
.gevonden.cc/	1970-01-20 00:52:19	Name: _ga Value: GA1.2.1717232856.1581667628
.gevonden.cc/	1970-01-19 07:22:34	Name: _gid Value: GA1.2.1704373617.1581667628
.gevonden.cc/	1970-01-19 08:04:19	Name: __cfduid Value: d8488b563f1be65b15bb211c6563a61e31581667627

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://acdn.adnxs.com/ast/ast.js(Line 1) Message: AST library loaded: 0.28.0
console-api	log	URL: https://cdn.justpremium.com/js/v2.5.325/jpx.js(Line 1) Message: %c(00:00:495.71)%cJAdManager: version v2.5.325 initialized padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api	log	URL: https://cdn.justpremium.com/js/v2.5.325/jpx.js(Line 1) Message: (https://cdn.justpremium.com/js/v2.5.325/jpx.js:1:192709)
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'addService' of null
console-api	log	URL: https://cdn.justpremium.com/js/v2.5.325/jpx.js(Line 1) Message: %c(00:03:179.99)%cJQueue: No ad to run padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api	log	URL: https://cdn.justpremium.com/js/v2.5.325/jpx.js(Line 1) Message: (https://cdn.justpremium.com/js/v2.5.325/jpx.js:1:39865)
console-api	log	URL: https://cdn.justpremium.com/js/v2.5.325/jpx.js(Line 1) Message: %c(00:08:433.08)%cJQueue: No ad to run padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api	log	URL: https://cdn.justpremium.com/js/v2.5.325/jpx.js(Line 1) Message: (https://cdn.justpremium.com/js/v2.5.325/jpx.js:1:39865)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adservice.google.com
adservice.google.de
as-sec.casalemedia.com
cdn.justpremium.com
googleads.g.doubleclick.net
gum.criteo.com
js-sec.indexww.com
nl.ads.justpremium.com
pagead2.googlesyndication.com
pre.ads.justpremium.com
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tracking.justpremium.com
www.gevonden.cc
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
13.225.78.59
172.217.22.2
185.94.180.123
23.210.249.164
23.210.249.83
2606:4700:3037::681c:958
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:814::2002
2a00:1450:4001:81e::2001
2a00:1450:4001:820::2002
2a00:1450:400c:c00::9b
2a02:2638::1c
3.122.22.27
37.252.173.38
52.17.234.156
52.29.136.183
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88
0d97bba946b46f44ef61822bc764b881f435ea071fc30257c50c1ad2c0855420
1100a1086bf7d5abe14651aeb51d67612386ab12e4909dd72c38964e64e14298
1cc33b0645193b03341bb802079e2cb8e29848f82f7440ed13984b01e1f2ef1c
2222b7911b03c9f557f2e70ccf37bd758595c330c7bdf5a49ec45130c9628d1b
25577f833d4e24bb6a11a23c4b12a16d872813004a5f171a5e1e2035e6fe2f5e
2a2364a3b22db53b1b7fb014c5b13d658806951bc0a6fd894013a180aec6f944
2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d
3037bfe3d2fab9e227ba1cd50b58046e30e9528cb4ee9d82d8a4427aa0bd4253
460c16e3336e92c24e18f94c1a8380d9d9d4ba1f744547e3d214305027f76c4a
4c116971435f5105187b69d9c11e8c421978aa79fbde8c44ca51ac3b5ee4b400
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51306b94354b978995db93f41f35703be797c4ae698013ffac3a20810d1947ae
67c34438a0e8ab3423cddecdc5487835d742613d29d33dfa74010235643be1f2
6d23d32e6bdd43e3186a05296510a1eca1a6ab6c2cbac3066d4ab7c6f747ac37
6fe5c3364516b1b4c96ca410a45b518f730e71a946c501803039197e047d957a
7489ac302947c2b69b5ef7fc5c418fc5f03c342f77e4076b0f57e4d4712285a2
753a9a1fa3d73f841436cf70edff129314c3eb1aa3c2f2409c02eb1ccd205419
763274fc2b16998d4b389ec81da5119f6e73a76822fef45af8bdf41d3d5cc33d
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86a02f75821a5b737c3ab14867ae8f0c72574fec81bedeb0b7b19d01dcc39216
8e81fe23ad8a0ee46817de0141bc11ad880e8a4745d0d8bd76d1040321dbf26c
98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3
9b8bd48fdcc4a1aba295611eb00f6cb9476bd32908a6da45f3102f700bcb7040
a1da9eaa652bb6c842ba736c24c00c173e84dc01025aedd3e049c34e1762e74d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
b4714d5afbd206aa6e5862b917a3dd866d71f043e37cb2e1889f3a4e896291de
b580508e58fda6eb50037d39e200e18dcf8d17e1f740b537c13fc5faed52f1f5
b6e788b9f19b4e172b423477ac957bcacd2eaec47bd48ed7a336007b797bbed2
b9ac0a22925f718ab22622bf58ecd1995aef7fbe59f5f9811afaa835fbb450da
c61d53c6505e7604efa05c6ccef932f18d110d33cc7970696533e72ebdf732d3
c8cd17deba82c54b30d94146adf0a80135b2c4bf9e5467007b0f0d4f30004661
d699f303990ce9bd7d7c97e9bd3cad6a46ecf2532f475cf22ae58213237821b9
d8433d8f365d339d0bbffa14580e324fcbd8a963679ab21a1cddd450e7e4021c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea4be333cae007cd9cef001830f2652fbdd426f17ee11babe5e3d3609e362c18
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ee948c85e0825b84d3052e087accfc7c2a38260b4d1fc5b6233d59378434a4d9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04fd5209a9c5c3cfb005e2d3d425bd9f43591497fbebd461cfbe5143e952980
fbc8bf9d7f5524b49d5ca9f5a27abd21cff789baf1508f778fab156c7b4947e7

www.gevonden.cc Open in urlscan Pro 2606:4700:3037::681c:958 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

47 %IPv6

14 Domains

21 Subdomains

18 IPs

7 Countries

935 kBTransfer

2205 kBSize

7 Cookies

0 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gevonden.cc Open in urlscan Pro
2606:4700:3037::681c:958 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

47 %
IPv6

14
Domains

21
Subdomains

18
IPs

7
Countries

935 kB
Transfer

2205 kB
Size

7
Cookies

62 HTTP transactions
2 data transactions