geldlenenzonderbkr.com Open in urlscan Pro
185.95.15.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.geldlenenzonderbkr.com/
Effective URL:
https://geldlenenzonderbkr.com/
Submission: On January 29 via automatic, source certstream-suspicious (January 29th 2021, 6:57:50 am UTC)

Summary HTTP 39 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 39 HTTP transactions. The main IP is 185.95.15.3, located in Netherlands and belongs to HOSTNET, NL. The main domain is geldlenenzonderbkr.com.
TLS certificate: Issued by R3 on January 29th 2021. Valid for: 3 months.

This is the only time geldlenenzonderbkr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 13	185.95.15.3 185.95.15.3	197902 (HOSTNET) (HOSTNET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
2	35.190.90.202 35.190.90.202	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
39	11

13 185.95.15.3 (Netherlands) 3 redirects

ASN197902 (HOSTNET, NL)
PTR: vps-3fe4b28a.web.managedservice.io

www.geldlenenzonderbkr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geldlenenzonderbkr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.90.202 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 202.90.190.35.bc.googleusercontent.com

steadfastsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	geldlenenzonderbkr.com 3 redirects www.geldlenenzonderbkr.com geldlenenzonderbkr.com	284 KB
9	doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net	645 B
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	196 KB
4	gstatic.com fonts.gstatic.com	52 KB
2	steadfastsystem.com steadfastsystem.com	31 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	803 B
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	648 B
1	googleapis.com fonts.googleapis.com	1 KB
39	10

	Domain	Requested by
10	geldlenenzonderbkr.com	geldlenenzonderbkr.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	geldlenenzonderbkr.com pagead2.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	tpc.googlesyndication.com	steadfastsystem.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.geldlenenzonderbkr.com	3 redirects
2	steadfastsystem.com	geldlenenzonderbkr.com steadfastsystem.com
1	ad.doubleclick.net	steadfastsystem.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	geldlenenzonderbkr.com
39	13

This site contains links to these domains. Also see Links.

Domain
geldlenenmetbkr.nl

Subject Issuer	Validity	Valid
geldlenenzonderbkr.com R3	`2021-01-29` - `2021-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
steadfastsystem.com R3	`2020-12-16` - `2021-03-16`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://geldlenenzonderbkr.com/
Frame ID: BDE6B6CD490999114C556EAAF9F9851B
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210125/r20190131/zrt_lookup.html
Frame ID: 29587A1F7C4B0DC35890AE26C7CB7AA6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=90&slotname=1715052654&adk=4042538573&adf=1285253395&pi=t.ma~as.1715052654&w=786&fwrn=4&lmt=1611878834&rafmt=10&psa=0&format=786x90_0ads_al&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&wgl=1&dt=1611903453301&bpp=19&bdt=366&idt=84&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6266470333846&frm=20&pv=2&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=546&ady=419&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MUo48RaKVJ&p=https%3A//geldlenenzonderbkr.com&dtd=109
Frame ID: F854264A48B040CB07B16CA439648486
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=90&slotname=1715052654&adk=4042538573&adf=2291382110&pi=t.ma~as.1715052654&w=786&fwrn=4&lmt=1611878834&rafmt=10&psa=0&format=786x90_0ads_al&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&wgl=1&dt=1611903453320&bpp=3&bdt=385&idt=101&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=786x90_0ads_al&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=546&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=V4Plu5JgXq&p=https%3A//geldlenenzonderbkr.com&dtd=105
Frame ID: 8AF78185B8A3F52DA82B526FDF4747A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=600&slotname=7761586253&adk=2960428260&adf=3566280250&pi=t.ma~as.7761586253&w=231&fwrn=4&fwrnh=100&lmt=1611878834&rafmt=1&psa=0&format=231x600&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1611903453323&bpp=2&bdt=388&idt=104&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=786x90_0ads_al%2C786x90_0ads_al&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mE1kqIViPy&p=https%3A//geldlenenzonderbkr.com&dtd=107
Frame ID: 90AB54535445D5FB5DEA41A528EFD6E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&adk=1812271804&adf=3025194257&lmt=1611878834&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1611903453325&bpp=1&bdt=390&idt=108&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=786x90_0ads_al%2C786x90_0ads_al%2C231x600&nras=1&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=442956670540477&pem=956&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=115
Frame ID: 56712035986140D44D1F024B56284A9E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: C9445B5F8D3C16C1ECFE9E4B35AB857B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=240&adk=2343196803&adf=1312855480&pi=t.aa~a.3654940567~rp.4&w=231&fwrn=4&fwrnh=100&lmt=1611878834&rafmt=1&to=qs&pwprc=9082492030&psa=1&format=231x240&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1611903453719&bpp=1&bdt=784&idt=-M&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7bd93357ed1cd00-22ee59bc41ba006f%3AT%3D1611903453%3ART%3D1611903453%3AS%3DALNI_MZj08zkC_kgtq4cLc_1MkApgSw6jw&prev_fmts=786x90_0ads_al%2C786x90_0ads_al%2C231x600%2C0x0&nras=1&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&psts=AGkb-H_CMmcP8scvLB7kdO4cI_nx35BtwnojPjwxrF_8RG8039fzmzr8hLc%2CAGkb-H_q9tCB0_usirYCbYH-sU1ga7rdp9Pm2yNNy9aLghAQLfTkff54yZo&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=K36nAbc5Li&p=https%3A//geldlenenzonderbkr.com&dtd=12
Frame ID: 5B1C5F7B7A1FF6FCB5624292BE812146
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=280&adk=2767623100&adf=1730821504&pi=t.aa~a.697687507~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1611878834&rafmt=1&to=qs&pwprc=9082492030&psa=1&format=1200x280&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611903453719&bpp=1&bdt=784&idt=1&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7bd93357ed1cd00-22ee59bc41ba006f%3AT%3D1611903453%3ART%3D1611903453%3AS%3DALNI_MZj08zkC_kgtq4cLc_1MkApgSw6jw&prev_fmts=786x90_0ads_al%2C786x90_0ads_al%2C231x600%2C0x0%2C231x240&nras=1&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&psts=AGkb-H_CMmcP8scvLB7kdO4cI_nx35BtwnojPjwxrF_8RG8039fzmzr8hLc%2CAGkb-H_q9tCB0_usirYCbYH-sU1ga7rdp9Pm2yNNy9aLghAQLfTkff54yZo&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Fb2qatDcA1&p=https%3A//geldlenenzonderbkr.com&dtd=15
Frame ID: 26EA3EC69DE41603263DEE29CA73E959
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210125/r20190131/zrt_lookup.html?fsb=1
Frame ID: E302031FFDD71B88AC4AB1A892FB9300
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: B9016DBA2B02C5F1FF0D7F79117A0D5C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.geldlenenzonderbkr.com/ HTTP 301
https://geldlenenzonderbkr.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

39
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

13
Subdomains

11
IPs

3
Countries

594 kB
Transfer

1410 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://geldlenenmetbkr.nl/
Title: geld lenen met BKR

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.geldlenenzonderbkr.com/ HTTP 301
https://geldlenenzonderbkr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.geldlenenzonderbkr.com/wp-content/uploads/BOgEdQSUlCAa/wHAjSBoFrjHY.js?ver=2.2.3 HTTP 301
https://geldlenenzonderbkr.com/wp-content/uploads/BOgEdQSUlCAa/wHAjSBoFrjHY.js?ver=2.2.3

Request Chain 8

https://www.geldlenenzonderbkr.com/wp-content/uploads/2020/08/background-top.png HTTP 301
https://geldlenenzonderbkr.com/wp-content/uploads/2020/08/background-top.png

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
geldlenenzonderbkr.com/
Redirect Chain

https://www.geldlenenzonderbkr.com/
https://geldlenenzonderbkr.com/

59 KB
12 KB

42ms
42ms

Document
text/html

185.95.15.3
HOSTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://geldlenenzonderbkr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.95.15.3 , Netherlands, ASN197902 (HOSTNET, NL),
Reverse DNS: vps-3fe4b28a.web.managedservice.io
Software: nginx/1.18.0 / PleskLin
Resource Hash: e9482437c9439fdfbfeebf35aff073182a472cc8ec854b24261715bdb1132076

Request headers

:method: GET
:authority: geldlenenzonderbkr.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx/1.18.0
date: Fri, 29 Jan 2021 06:57:32 GMT
content-type: text/html; charset=UTF-8
content-length: 12198
vary: Accept-Encoding
last-modified: Fri, 29 Jan 2021 00:07:14 GMT
accept-ranges: bytes
cache-control: max-age=0
expires: Fri, 29 Jan 2021 06:57:32 GMT
content-encoding: gzip
x-powered-by: PleskLin

Redirect headers

server: nginx/1.18.0
date: Fri, 29 Jan 2021 06:57:32 GMT
content-type: text/html
content-length: 169
location: https://geldlenenzonderbkr.com/

GET
H2 200 f3edb667b866997c96c1405a16c38550.css
geldlenenzonderbkr.com/wp-content/cache/min/1/ 247 KB
48 KB 75ms
74ms Stylesheet
text/css 185.95.15.3
HOSTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://geldlenenzonderbkr.com/wp-content/cache/min/1/f3edb667b866997c96c1405a16c38550.css
Requested by: Host: geldlenenzonderbkr.com
URL: https://geldlenenzonderbkr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.95.15.3 , Netherlands, ASN197902 (HOSTNET, NL),
Reverse DNS: vps-3fe4b28a.web.managedservice.io
Software: nginx/1.18.0 / PleskLin
Resource Hash: aff20e6254001fe1a955b9b46737bd30fe493e49e4b44bd3ac94e039752f345b

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 06:57:32 GMT
content-encoding: gzip
etag: W/"5f97d91a-3dca1"
last-modified: Tue, 27 Oct 2020 08:23:54 GMT
server: nginx/1.18.0
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
expires: Sat, 29 Jan 2022 06:57:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.4.0&display=swap

Requested by

Host: geldlenenzonderbkr.com
URL: https://geldlenenzonderbkr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df58f18539b22232ee65b471dddb7073be9ca5d69f17d99a2e07ed021fb785be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 06:57:32 GMT
server: ESF
date: Fri, 29 Jan 2021 06:57:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Jan 2021 06:57:32 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
geldlenenzonderbkr.com/wp-content/plugins/jquery-updater/js/ 87 KB
35 KB 54ms
53ms Script
application/javascript 185.95.15.3
HOSTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://geldlenenzonderbkr.com/wp-content/plugins/jquery-updater/js/jquery-3.5.1.min.js?ver=3.5.1
Requested by: Host: geldlenenzonderbkr.com
URL: https://geldlenenzonderbkr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.95.15.3 , Netherlands, ASN197902 (HOSTNET, NL),
Reverse DNS: vps-3fe4b28a.web.managedservice.io
Software: nginx/1.18.0 / PleskLin
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 06:57:32 GMT
content-encoding: gzip
etag: W/"5f57908f-15d84"
last-modified: Tue, 08 Sep 2020 14:09:19 GMT
server: nginx/1.18.0
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sat, 29 Jan 2022 06:57:32 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 57ms
38ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: geldlenenzonderbkr.com
URL: https://geldlenenzonderbkr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9104e557e2d95e8275007ce5944bd5d217c7071985d54c359657fcf87235f9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 06:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47379
x-xss-protection: 0
server: cafe
etag: 3184210123534915854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Jan 2021 06:57:33 GMT

GET
H2

200

wHAjSBoFrjHY.js Show response
geldlenenzonderbkr.com/wp-content/uploads/BOgEdQSUlCAa/
Redirect Chain

https://www.geldlenenzonderbkr.com/wp-content/uploads/BOgEdQSUlCAa/wHAjSBoFrjHY.js?ver=2.2.3
https://geldlenenzonderbkr.com/wp-content/uploads/BOgEdQSUlCAa/wHAjSBoFrjHY.js?ver=2.2.3

28 KB
7 KB

52ms
51ms

Script
application/javascript

185.95.15.3
HOSTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://geldlenenzonderbkr.com/wp-content/uploads/BOgEdQSUlCAa/wHAjSBoFrjHY.js?ver=2.2.3
Requested by: Host: geldlenenzonderbkr.com
URL: https://geldlenenzonderbkr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.95.15.3 , Netherlands, ASN197902 (HOSTNET, NL),
Reverse DNS: vps-3fe4b28a.web.managedservice.io
Software: nginx/1.18.0 / PleskLin
Resource Hash: 44dfc054e133cc7a34d7d2dc43455eaeb5882ce6a589353d1122e818ef96c61c

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 06:57:32 GMT
content-encoding: gzip
etag: W/"5e7c7eac-6e89"
last-modified: Thu, 26 Mar 2020 10:06:36 GMT
server: nginx/1.18.0
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sat, 29 Jan 2022 06:57:32 GMT

Redirect headers

location: https://geldlenenzonderbkr.com/wp-content/uploads/BOgEdQSUlCAa/wHAjSBoFrjHY.js?ver=2.2.3
date: Fri, 29 Jan 2021 06:57:32 GMT
server: nginx/1.18.0
content-length: 169
content-type: text/html

GET
H2 200 d36efb81c7eb619d7496cc1a05f92962.js Show response
geldlenenzonderbkr.com/wp-content/cache/min/1/ 60 KB
21 KB 68ms
67ms Script
application/javascript 185.95.15.3
HOSTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://geldlenenzonderbkr.com/wp-content/cache/min/1/d36efb81c7eb619d7496cc1a05f92962.js
Requested by: Host: geldlenenzonderbkr.com
URL: https://geldlenenzonderbkr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.95.15.3 , Netherlands, ASN197902 (HOSTNET, NL),
Reverse DNS: vps-3fe4b28a.web.managedservice.io
Software: nginx/1.18.0 / PleskLin
Resource Hash: 9366d7c41eef3b324ac329c09530f53aa1cddc0e3cb49ac3e80052796bddba7e

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 06:57:32 GMT
content-encoding: gzip
etag: W/"600a991b-f1e7"
last-modified: Fri, 22 Jan 2021 09:21:31 GMT
server: nginx/1.18.0
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sat, 29 Jan 2022 06:57:32 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 v2eik8B3dmg_dvLE_pkzKq7_7Kus3i1r57PciobF-KeJS_jI8MIGFJ2O4ufmJMZn1wLY-40ZKHMReCG7acL088DNd-HckXxDjzq9nxrpFagVcyHuAO65qbf9v03sF Show response
steadfastsystem.com/ 103 KB
30 KB 272ms
221ms Script
text/javascript 35.190.90.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsystem.com/v2eik8B3dmg_dvLE_pkzKq7_7Kus3i1r57PciobF-KeJS_jI8MIGFJ2O4ufmJMZn1wLY-40ZKHMReCG7acL088DNd-HckXxDjzq9nxrpFagVcyHuAO65qbf9v03sF

Requested by

Host: geldlenenzonderbkr.com
URL: https://geldlenenzonderbkr.com/wp-content/cache/min/1/d36efb81c7eb619d7496cc1a05f92962.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.90.202 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

202.90.190.35.bc.googleusercontent.com

Software

Resource Hash

f3d44d0598946430660a1d55f9a95e502c7ac2bb14b22733854ce6c4debb4990

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "4f422c62547a0044941f2d84cd85fd5f7d71f7582d8418017f6b70373ac9545b"
vary: Accept-Encoding, Accept-Language
x-hostname: 2c48c892
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Fri, 29 Jan 2021 06:57:33 GMT
timing-allow-origin: *

GET
H2

200

background-top.png
geldlenenzonderbkr.com/wp-content/uploads/2020/08/
Redirect Chain

https://www.geldlenenzonderbkr.com/wp-content/uploads/2020/08/background-top.png
https://geldlenenzonderbkr.com/wp-content/uploads/2020/08/background-top.png

191 B
422 B

72ms
72ms

Image
image/png

185.95.15.3
HOSTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geldlenenzonderbkr.com/wp-content/uploads/2020/08/background-top.png
Requested by: Host: geldlenenzonderbkr.com
URL: https://geldlenenzonderbkr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.95.15.3 , Netherlands, ASN197902 (HOSTNET, NL),
Reverse DNS: vps-3fe4b28a.web.managedservice.io
Software: nginx/1.18.0 / PleskLin
Resource Hash: cc48112008b7f36ee4864da15802ffabb0c8cb7498f86ed4dcf5d251fc5b9fdb

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 06:57:33 GMT
last-modified: Thu, 27 Aug 2020 12:10:37 GMT
server: nginx/1.18.0
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/png
x-accel-version: 0.01
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 191
expires: Sat, 29 May 2021 06:57:33 GMT

Redirect headers

location: https://geldlenenzonderbkr.com/wp-content/uploads/2020/08/background-top.png
date: Fri, 29 Jan 2021 06:57:33 GMT
server: nginx/1.18.0
content-length: 169
content-type: text/html

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.4.0&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://geldlenenzonderbkr.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.4.0&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 18:59:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 129501
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Thu, 27 Jan 2022 18:59:12 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.4.0&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://geldlenenzonderbkr.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.4.0&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:18:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
age: 139139
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12976
x-xss-protection: 0
expires: Thu, 27 Jan 2022 16:18:34 GMT

GET
H2 200 fa-solid-900.woff2
geldlenenzonderbkr.com/wp-content/themes/storefront/assets/fonts/ 78 KB
78 KB 36ms
36ms Font
application/octet-stream 185.95.15.3
HOSTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://geldlenenzonderbkr.com/wp-content/themes/storefront/assets/fonts/fa-solid-900.woff2
Requested by: Host: geldlenenzonderbkr.com
URL: https://geldlenenzonderbkr.com/wp-content/cache/min/1/f3edb667b866997c96c1405a16c38550.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.95.15.3 , Netherlands, ASN197902 (HOSTNET, NL),
Reverse DNS: vps-3fe4b28a.web.managedservice.io
Software: nginx/1.18.0 / PleskLin
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Origin: https://geldlenenzonderbkr.com
Referer: https://geldlenenzonderbkr.com/wp-content/cache/min/1/f3edb667b866997c96c1405a16c38550.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 06:57:33 GMT
etag: "601186ae-13654"
last-modified: Wed, 27 Jan 2021 15:28:46 GMT
server: nginx/1.18.0
x-powered-by: PleskLin
content-type: application/octet-stream
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 79444
expires: Sun, 28 Feb 2021 06:57:33 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.4.0&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://geldlenenzonderbkr.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.4.0&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 18:30:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:08 GMT
server: sffe
age: 217598
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13224
x-xss-protection: 0
expires: Wed, 26 Jan 2022 18:30:55 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.4.0&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://geldlenenzonderbkr.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.4.0&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 18:32:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:16 GMT
server: sffe
age: 217495
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13108
x-xss-protection: 0
expires: Wed, 26 Jan 2022 18:32:38 GMT

GET
H2 200 Geld-lenen-zonder-BKR.jpg
geldlenenzonderbkr.com/wp-content/uploads/2013/01/ 44 KB
44 KB 80ms
80ms Image
image/jpeg 185.95.15.3
HOSTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geldlenenzonderbkr.com/wp-content/uploads/2013/01/Geld-lenen-zonder-BKR.jpg
Requested by: Host: geldlenenzonderbkr.com
URL: https://geldlenenzonderbkr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.95.15.3 , Netherlands, ASN197902 (HOSTNET, NL),
Reverse DNS: vps-3fe4b28a.web.managedservice.io
Software: nginx/1.18.0 / PleskLin
Resource Hash: b40f2a64e0e969f83690cefbb00c3e0b2a7ed86b452191b4346f81eb95c7b988

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 06:57:33 GMT
etag: "532d5864-afdd"
last-modified: Sat, 22 Mar 2014 09:31:16 GMT
server: nginx/1.18.0
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 45021
expires: Sat, 29 May 2021 06:57:33 GMT

GET
H2 200 geld.jpg
geldlenenzonderbkr.com/wp-content/uploads/2013/01/ 37 KB
37 KB 84ms
84ms Image
image/jpeg 185.95.15.3
HOSTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geldlenenzonderbkr.com/wp-content/uploads/2013/01/geld.jpg
Requested by: Host: geldlenenzonderbkr.com
URL: https://geldlenenzonderbkr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.95.15.3 , Netherlands, ASN197902 (HOSTNET, NL),
Reverse DNS: vps-3fe4b28a.web.managedservice.io
Software: nginx/1.18.0 / PleskLin
Resource Hash: ccd67a3ecc5fb96a19e9fe93f7add65f339db1f0b78cdfd22fa5d121807507f5

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 06:57:33 GMT
etag: "50e9ab61-9275"
last-modified: Sun, 06 Jan 2013 16:50:41 GMT
server: nginx/1.18.0
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 37493
expires: Sat, 29 May 2021 06:57:33 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/ 225 KB
84 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d02fb5f704ff38ff82b318690f99d75fc141cd7ce3f6b65922d10935f2edb29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 06:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86115
x-xss-protection: 0
server: cafe
etag: 12340649430595442554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Jan 2021 06:57:33 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210125/r20190131/ Frame 2958 0
0 6ms
5ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210125/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210125/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://geldlenenzonderbkr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://geldlenenzonderbkr.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 28 Jan 2021 16:19:07 GMT
expires: Thu, 11 Feb 2021 16:19:07 GMT
content-type: text/html; charset=UTF-8
etag: 6748560809430760793
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4784
x-xss-protection: 0
age: 52706
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
648 B 114ms
58ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=geldlenenzonderbkr.com&callback=_gfp_s_&client=ca-pub-9654285304929543

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

979ed8cd2e35c6dee4ff1dc4a4766943e8dd0b33e237dcc72d08248824bfc0cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 06:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 48ms
27ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=geldlenenzonderbkr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Jan 2021 06:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 49ms
28ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=geldlenenzonderbkr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Jan 2021 06:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame F854 0
0 148ms
147ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=90&slotname=1715052654&adk=4042538573&adf=1285253395&pi=t.ma~as.1715052654&w=786&fwrn=4&lmt=1611878834&rafmt=10&psa=0&format=786x90_0ads_al&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&wgl=1&dt=1611903453301&bpp=19&bdt=366&idt=84&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6266470333846&frm=20&pv=2&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=546&ady=419&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MUo48RaKVJ&p=https%3A//geldlenenzonderbkr.com&dtd=109

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=90&slotname=1715052654&adk=4042538573&adf=1285253395&pi=t.ma~as.1715052654&w=786&fwrn=4&lmt=1611878834&rafmt=10&psa=0&format=786x90_0ads_al&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&wgl=1&dt=1611903453301&bpp=19&bdt=366&idt=84&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6266470333846&frm=20&pv=2&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=546&ady=419&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MUo48RaKVJ&p=https%3A//geldlenenzonderbkr.com&dtd=109
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://geldlenenzonderbkr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://geldlenenzonderbkr.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 29 Jan 2021 06:57:33 GMT
server: cafe
content-length: 4853
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 29-Jan-2021 07:12:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 29 Jan 2021 06:57:33 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c36a34cc0d1fba1f6684e46a84e23f1b3138df20e59d8f99679cd40588ed14e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 06:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611791148528130"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28336
x-xss-protection: 0
expires: Fri, 29 Jan 2021 06:57:33 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8AF7 0
0 127ms
126ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=90&slotname=1715052654&adk=4042538573&adf=2291382110&pi=t.ma~as.1715052654&w=786&fwrn=4&lmt=1611878834&rafmt=10&psa=0&format=786x90_0ads_al&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&wgl=1&dt=1611903453320&bpp=3&bdt=385&idt=101&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=786x90_0ads_al&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=546&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=V4Plu5JgXq&p=https%3A//geldlenenzonderbkr.com&dtd=105

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=90&slotname=1715052654&adk=4042538573&adf=2291382110&pi=t.ma~as.1715052654&w=786&fwrn=4&lmt=1611878834&rafmt=10&psa=0&format=786x90_0ads_al&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&wgl=1&dt=1611903453320&bpp=3&bdt=385&idt=101&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=786x90_0ads_al&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=546&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=V4Plu5JgXq&p=https%3A//geldlenenzonderbkr.com&dtd=105
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://geldlenenzonderbkr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://geldlenenzonderbkr.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 29 Jan 2021 06:57:33 GMT
server: cafe
content-length: 4858
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 29-Jan-2021 07:12:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 29 Jan 2021 06:57:33 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 90AB 0
0 421ms
421ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=600&slotname=7761586253&adk=2960428260&adf=3566280250&pi=t.ma~as.7761586253&w=231&fwrn=4&fwrnh=100&lmt=1611878834&rafmt=1&psa=0&format=231x600&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1611903453323&bpp=2&bdt=388&idt=104&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=786x90_0ads_al%2C786x90_0ads_al&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mE1kqIViPy&p=https%3A//geldlenenzonderbkr.com&dtd=107

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1166939861049141941/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1166939861049141941/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJvthabIwO4CFUiDhQodSxINaQ&gqi=3bETYIOcG6KDwuIPoOuV8A8&layout=/sadbundle/%24csp%253Der3%24/1166939861049141941/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=600&slotname=7761586253&adk=2960428260&adf=3566280250&pi=t.ma~as.7761586253&w=231&fwrn=4&fwrnh=100&lmt=1611878834&rafmt=1&psa=0&format=231x600&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1611903453323&bpp=2&bdt=388&idt=104&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=786x90_0ads_al%2C786x90_0ads_al&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mE1kqIViPy&p=https%3A//geldlenenzonderbkr.com&dtd=107
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://geldlenenzonderbkr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://geldlenenzonderbkr.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1166939861049141941/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1166939861049141941/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJvthabIwO4CFUiDhQodSxINaQ&gqi=3bETYIOcG6KDwuIPoOuV8A8&layout=/sadbundle/%24csp%253Der3%24/1166939861049141941/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 29 Jan 2021 06:57:33 GMT
server: cafe
content-length: 32475
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 29-Jan-2021 07:12:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 29 Jan 2021 06:57:33 GMT
cache-control: private

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
52 B 38ms
38ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&tn=DIV&id=cookie-law-info-bar&ign=false

Requested by

Host: geldlenenzonderbkr.com
URL: https://geldlenenzonderbkr.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jan 2021 06:57:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5671 0
0 246ms
246ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&adk=1812271804&adf=3025194257&lmt=1611878834&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1611903453325&bpp=1&bdt=390&idt=108&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=786x90_0ads_al%2C786x90_0ads_al%2C231x600&nras=1&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=442956670540477&pem=956&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=115

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&adk=1812271804&adf=3025194257&lmt=1611878834&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1611903453325&bpp=1&bdt=390&idt=108&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=786x90_0ads_al%2C786x90_0ads_al%2C231x600&nras=1&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=442956670540477&pem=956&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=115
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://geldlenenzonderbkr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://geldlenenzonderbkr.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 29 Jan 2021 06:57:33 GMT
server: cafe
content-length: 28473
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 29-Jan-2021 07:12:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 29 Jan 2021 06:57:33 GMT
cache-control: private

GET
H2 200 Aggjda Show response
ad.doubleclick.net/ddm/adj/Bdaadh/ 11 B
645 B 90ms
32ms Script
text/javascript 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Bdaadh/Aggjda

Requested by

Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2eik8B3dmg_dvLE_pkzKq7_7Kus3i1r57PciobF-KeJS_jI8MIGFJ2O4ufmJMZn1wLY-40ZKHMReCG7acL088DNd-HckXxDjzq9nxrpFagVcyHuAO65qbf9v03sF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jan 2021 06:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame C944 0
0 19ms
5ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2eik8B3dmg_dvLE_pkzKq7_7Kus3i1r57PciobF-KeJS_jI8MIGFJ2O4ufmJMZn1wLY-40ZKHMReCG7acL088DNd-HckXxDjzq9nxrpFagVcyHuAO65qbf9v03sF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://geldlenenzonderbkr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://geldlenenzonderbkr.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1479
date: Wed, 27 Jan 2021 21:58:43 GMT
expires: Thu, 27 Jan 2022 21:58:43 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 118730
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/ 142 KB
51 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02b25464150bf5deb6db5703e4d14bb7373917be2d501eba70290487d128692b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 06:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 52099
x-xss-protection: 0
server: cafe
etag: 405890473636871693
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Jan 2021 06:57:33 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5B1C 0
0 353ms
352ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=240&adk=2343196803&adf=1312855480&pi=t.aa~a.3654940567~rp.4&w=231&fwrn=4&fwrnh=100&lmt=1611878834&rafmt=1&to=qs&pwprc=9082492030&psa=1&format=231x240&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1611903453719&bpp=1&bdt=784&idt=-M&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7bd93357ed1cd00-22ee59bc41ba006f%3AT%3D1611903453%3ART%3D1611903453%3AS%3DALNI_MZj08zkC_kgtq4cLc_1MkApgSw6jw&prev_fmts=786x90_0ads_al%2C786x90_0ads_al%2C231x600%2C0x0&nras=1&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&psts=AGkb-H_CMmcP8scvLB7kdO4cI_nx35BtwnojPjwxrF_8RG8039fzmzr8hLc%2CAGkb-H_q9tCB0_usirYCbYH-sU1ga7rdp9Pm2yNNy9aLghAQLfTkff54yZo&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=K36nAbc5Li&p=https%3A//geldlenenzonderbkr.com&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNarmKbIwO4CFUUTGwodLOYB4Q&gqi=3bETYIjTLcPZtwelx5AQ&layout=/sadbundle/%24csp%253Der3%24/12745673616984896280/300x250/300x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=240&adk=2343196803&adf=1312855480&pi=t.aa~a.3654940567~rp.4&w=231&fwrn=4&fwrnh=100&lmt=1611878834&rafmt=1&to=qs&pwprc=9082492030&psa=1&format=231x240&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1611903453719&bpp=1&bdt=784&idt=-M&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7bd93357ed1cd00-22ee59bc41ba006f%3AT%3D1611903453%3ART%3D1611903453%3AS%3DALNI_MZj08zkC_kgtq4cLc_1MkApgSw6jw&prev_fmts=786x90_0ads_al%2C786x90_0ads_al%2C231x600%2C0x0&nras=1&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&psts=AGkb-H_CMmcP8scvLB7kdO4cI_nx35BtwnojPjwxrF_8RG8039fzmzr8hLc%2CAGkb-H_q9tCB0_usirYCbYH-sU1ga7rdp9Pm2yNNy9aLghAQLfTkff54yZo&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=K36nAbc5Li&p=https%3A//geldlenenzonderbkr.com&dtd=12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://geldlenenzonderbkr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://geldlenenzonderbkr.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNarmKbIwO4CFUUTGwodLOYB4Q&gqi=3bETYIjTLcPZtwelx5AQ&layout=/sadbundle/%24csp%253Der3%24/12745673616984896280/300x250/300x250.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 29 Jan 2021 06:57:34 GMT
server: cafe
content-length: 37859
x-xss-protection: 0
set-cookie: IDE=AHWqTUnhcWtTwIEVV1sdT2HtloswO0xAM4w_0li-Robtf1qscwmLxeEYOUD6qW5jZQE; expires=Wed, 23-Feb-2022 06:57:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 29 Jan 2021 06:57:34 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 26EA 0
0 384ms
384ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=280&adk=2767623100&adf=1730821504&pi=t.aa~a.697687507~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1611878834&rafmt=1&to=qs&pwprc=9082492030&psa=1&format=1200x280&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611903453719&bpp=1&bdt=784&idt=1&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7bd93357ed1cd00-22ee59bc41ba006f%3AT%3D1611903453%3ART%3D1611903453%3AS%3DALNI_MZj08zkC_kgtq4cLc_1MkApgSw6jw&prev_fmts=786x90_0ads_al%2C786x90_0ads_al%2C231x600%2C0x0%2C231x240&nras=1&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&psts=AGkb-H_CMmcP8scvLB7kdO4cI_nx35BtwnojPjwxrF_8RG8039fzmzr8hLc%2CAGkb-H_q9tCB0_usirYCbYH-sU1ga7rdp9Pm2yNNy9aLghAQLfTkff54yZo&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Fb2qatDcA1&p=https%3A//geldlenenzonderbkr.com&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2991101413295838963/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2991101413295838963/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPKLmKbIwO4CFQ2O7Qod0mgMtw&gqi=3bETYMvtLcfItweIx6ioAQ&layout=/sadbundle/%24csp%253Der3%24/2991101413295838963/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9654285304929543&output=html&h=280&adk=2767623100&adf=1730821504&pi=t.aa~a.697687507~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1611878834&rafmt=1&to=qs&pwprc=9082492030&psa=1&format=1200x280&url=https%3A%2F%2Fgeldlenenzonderbkr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611903453719&bpp=1&bdt=784&idt=1&shv=r20210125&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7bd93357ed1cd00-22ee59bc41ba006f%3AT%3D1611903453%3ART%3D1611903453%3AS%3DALNI_MZj08zkC_kgtq4cLc_1MkApgSw6jw&prev_fmts=786x90_0ads_al%2C786x90_0ads_al%2C231x600%2C0x0%2C231x240&nras=1&correlator=6266470333846&frm=20&pv=1&ga_vid=1206804529.1611903453&ga_sid=1611903453&ga_hid=1137209570&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&psts=AGkb-H_CMmcP8scvLB7kdO4cI_nx35BtwnojPjwxrF_8RG8039fzmzr8hLc%2CAGkb-H_q9tCB0_usirYCbYH-sU1ga7rdp9Pm2yNNy9aLghAQLfTkff54yZo&pvsid=442956670540477&pem=956&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Fb2qatDcA1&p=https%3A//geldlenenzonderbkr.com&dtd=15
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://geldlenenzonderbkr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://geldlenenzonderbkr.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2991101413295838963/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2991101413295838963/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPKLmKbIwO4CFQ2O7Qod0mgMtw&gqi=3bETYMvtLcfItweIx6ioAQ&layout=/sadbundle/%24csp%253Der3%24/2991101413295838963/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 29 Jan 2021 06:57:34 GMT
server: cafe
content-length: 39288
x-xss-protection: 0
set-cookie: IDE=AHWqTUmKtRgmwPv4_skaZmzYAl6F5sThkfyPCKudmf8czfLUfoHbC0aM4yPmoKSD; expires=Wed, 23-Feb-2022 06:57:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 29 Jan 2021 06:57:34 GMT
cache-control: private

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210125/r20190131/ Frame E302 0
0 6ms
6ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210125/r20190131/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210125/r20190131/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://geldlenenzonderbkr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://geldlenenzonderbkr.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 28 Jan 2021 16:15:47 GMT
expires: Thu, 11 Feb 2021 16:15:47 GMT
content-type: text/html; charset=UTF-8
etag: 6748560809430760793
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4784
x-xss-protection: 0
age: 52906
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 33ms
32ms XHR
application/json 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210125&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68b04a366afefafd73271e6e6c970de9bbf830192aa90158ffcf29ff06d66796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Jan 2021 06:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6893
x-xss-protection: 0

POST
H2 200 v2ycx79rLpUiq9XnoMgnEKopv27r-FeEw_adTx7qRBIwUF7Ctkq8Z69jrkNM5BQ1mDycfYDjhzmuHtz8X6aJ17Qj-Mh4Y-aCNVhItyuI_Vj3Hts3CNWGLhNHg-RfSxAJhXYIC-DTgrLAG Show response
steadfastsystem.com/ 216 B
618 B 71ms
25ms Fetch
application/json 35.190.90.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsystem.com/v2ycx79rLpUiq9XnoMgnEKopv27r-FeEw_adTx7qRBIwUF7Ctkq8Z69jrkNM5BQ1mDycfYDjhzmuHtz8X6aJ17Qj-Mh4Y-aCNVhItyuI_Vj3Hts3CNWGLhNHg-RfSxAJhXYIC-DTgrLAG

Requested by

Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2eik8B3dmg_dvLE_pkzKq7_7Kus3i1r57PciobF-KeJS_jI8MIGFJ2O4ufmJMZn1wLY-40ZKHMReCG7acL088DNd-HckXxDjzq9nxrpFagVcyHuAO65qbf9v03sF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.90.202 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

202.90.190.35.bc.googleusercontent.com

Software

Resource Hash

840ea4ae35389912af9cb88774987bace79b3fd8fe54d215d834c9fb6f45958c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Fri, 29 Jan 2021 06:57:34 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://geldlenenzonderbkr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 2c48c892
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Fri, 29 Jan 2021 06:57:33 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210125/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 06:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 29 Jan 2021 06:57:34 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame B901 0
0 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://geldlenenzonderbkr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://geldlenenzonderbkr.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 29 Jan 2021 01:21:15 GMT
expires: Sat, 29 Jan 2022 01:21:15 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20179
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
177 B 42ms
41ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210125&jk=442956670540477&bg=!FxSlFFfNAAVwd1e1cDsAKQB2-Dxa-2jYympSIWCJ4mbEVttL_2i3YCMfvlcGjq4mxLaKKIblLOy_AgAAAG5SAAAAEWgBBwoBD6dQnCl7Uh9y_DjPHbhEkXEwrYblTWJrMUsyF9iO_assHn5j9JQhPgpud3JhATsCtkzjcovnTT6LRjEIXzGkfNvMRpBbOwW1BWo_DsFpNeej9SFs7uiFK9_-bi6dbphVdx0TwaanRlGeB5pFP_sSmMFC2LoBPd-5w5qwg20FMiO22SZC_nZZ4VCA08zLDS7beUjewlQPwWqQhkNCEDfj-z8nee3UvhcO4vWCe7hqnOBMkkwN-1Z1Pok8DaDOU3IAUmqcBoDrgrbl7Iel3iBRda8q2tjO2HEzAL6O6aheZRgSzdKZJNGdQi1z7Ttr38p7GCNWu3C_DBBl-2kdq9gcB9VeDKRWBaky1IIImyDVT6uZAdrInPSypm8rRiShzYzhdzXnFH98Qr2-lI0DVppqaQI_T99aH2CMMOV5pUr_umGswxTba8gBUqx0_RrkSMeQtcAkBe2beCwqacBTVETzTJ24A1Sntvb9_EKOqGgMCG1VgJdfGB_wOzIWXRjk9nLtMqBIHnuc3DANVLzTfsKfJAaO59nCJlxhZxHOhuNnkfT2sB8p5mcrbj_c3G211ssqoKWcMIL-ojuUxaq-Xh5MsDEaXHJMogl1e_Rqj27q6HGc92Vtzn0aN4IO7RCuu4taH6j2dPJnX_tfZ-eKXE_8KxRvQZg-CjWAz0U3qYgMSlbZzsCdL540_BC-JQ_PrdmMlRWdGSSXJPaIDObpc_1DYCA7j7V9XEf-CS7_lVFwJxt8khyRmhYB2l-9pSjQ8h6A3QPeXiAK2cuIxTUeE86IsY5Fe3VjC3YcxqftM5ZpGyAYGH0fAKBURkbSTHkQmYKch7WiNXGpMozCVxgIKedRy1rI_FZvYGr4EkdQRNulhwq0ezSNwLewcLmq8jFsoWnATkz8LTbgSSY914NAqstkaiGxoUVd10j_U9zQnBPZRa-OO1DQxtS-6isEsHAoPviv2Y9OS8SGS0pt7EK8NakiPtfK6mm2A9C2kNFkFHA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geldlenenzonderbkr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jan 2021 06:57:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 admin-ajax.php Show response
geldlenenzonderbkr.com/wp-admin/ 0
344 B 2411ms
2410ms XHR
text/html 185.95.15.3
HOSTNET

General

Check archive.org

Show headers Download Go to

Full URL

https://geldlenenzonderbkr.com/wp-admin/admin-ajax.php

Requested by

Host: geldlenenzonderbkr.com
URL: https://geldlenenzonderbkr.com/wp-content/plugins/jquery-updater/js/jquery-3.5.1.min.js?ver=3.5.1

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.95.15.3 , Netherlands, ASN197902 (HOSTNET, NL),

Reverse DNS

vps-3fe4b28a.web.managedservice.io

Software

nginx/1.18.0 / PleskLin

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://geldlenenzonderbkr.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Jan 2021 06:57:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0
x-powered-by: PleskLin
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://geldlenenzonderbkr.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
vary: Accept-Encoding
content-length: 0
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 01:06:39	Name: IDE Value: AHWqTUmKtRgmwPv4_skaZmzYAl6F5sThkfyPCKudmf8czfLUfoHbC0aM4yPmoKSD
geldlenenzonderbkr.com/	1970-01-20 00:30:39	Name: cookielawinfo-checkbox-necessary Value: yes
geldlenenzonderbkr.com/	1970-01-20 00:30:39	Name: cookielawinfo-checkbox-non-necessary Value: yes
.geldlenenzonderbkr.com/	1970-01-20 01:06:39	Name: __gads Value: ID=f7bd93357ed1cd00-22ee59bc41ba006f:T=1611903453:RT=1611903453:S=ALNI_MZj08zkC_kgtq4cLc_1MkApgSw6jw
.doubleclick.net/	1970-01-19 15:45:07	Name: DSID Value: NO_DATA
geldlenenzonderbkr.com/	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://geldlenenzonderbkr.com/wp-content/cache/min/1/d36efb81c7eb619d7496cc1a05f92962.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
geldlenenzonderbkr.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
steadfastsystem.com
tpc.googlesyndication.com
www.geldlenenzonderbkr.com
www.googletagservices.com
142.250.74.198
172.217.18.98
185.95.15.3
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:817::2003
2a00:1450:4001:818::2002
2a00:1450:4001:819::2002
2a00:1450:4001:82b::2002
35.190.90.202
02b25464150bf5deb6db5703e4d14bb7373917be2d501eba70290487d128692b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
44dfc054e133cc7a34d7d2dc43455eaeb5882ce6a589353d1122e818ef96c61c
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
68b04a366afefafd73271e6e6c970de9bbf830192aa90158ffcf29ff06d66796
7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
840ea4ae35389912af9cb88774987bace79b3fd8fe54d215d834c9fb6f45958c
9104e557e2d95e8275007ce5944bd5d217c7071985d54c359657fcf87235f9cf
9366d7c41eef3b324ac329c09530f53aa1cddc0e3cb49ac3e80052796bddba7e
979ed8cd2e35c6dee4ff1dc4a4766943e8dd0b33e237dcc72d08248824bfc0cc
aff20e6254001fe1a955b9b46737bd30fe493e49e4b44bd3ac94e039752f345b
b40f2a64e0e969f83690cefbb00c3e0b2a7ed86b452191b4346f81eb95c7b988
c36a34cc0d1fba1f6684e46a84e23f1b3138df20e59d8f99679cd40588ed14e2
cc48112008b7f36ee4864da15802ffabb0c8cb7498f86ed4dcf5d251fc5b9fdb
ccd67a3ecc5fb96a19e9fe93f7add65f339db1f0b78cdfd22fa5d121807507f5
d02fb5f704ff38ff82b318690f99d75fc141cd7ce3f6b65922d10935f2edb29a
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
df58f18539b22232ee65b471dddb7073be9ca5d69f17d99a2e07ed021fb785be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9482437c9439fdfbfeebf35aff073182a472cc8ec854b24261715bdb1132076
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f3d44d0598946430660a1d55f9a95e502c7ac2bb14b22733854ce6c4debb4990
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8

geldlenenzonderbkr.com Open in urlscan Pro 185.95.15.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

60 %IPv6

10 Domains

13 Subdomains

11 IPs

3 Countries

594 kBTransfer

1410 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

geldlenenzonderbkr.com Open in urlscan Pro
185.95.15.3 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

13
Subdomains

11
IPs

3
Countries

594 kB
Transfer

1410 kB
Size

6
Cookies

39 HTTP transactions
1 data transactions