r7idrystue.jouwweb.nl
35.204.150.5 - Malicious Activity! - Public Scan

Submitted URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw#0.6570314004265712
Effective URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Submission: On October 18 via manual from NP

Summary

This website contacted 13 IPs in 5 countries across 9 domains to perform 24 HTTP transactions. The main IP is 35.204.150.5, located in Ascension Island and belonging to GOOGLE, US. The main domain is r7idrystue.jouwweb.nl.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 4th 2020. Valid for: 2 years.
This is the only time r7idrystue.jouwweb.nl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests  IP Address         AS     Autonomous System
3         35.204.150.5       15169  (GOOGLE)
1         2a00:1450:400...   15169  (GOOGLE)
6         34.120.151.89      15169  (GOOGLE)
1         136.144.144.230    20857  (TRANSIP-A...)
1         2606:4700:10:...   13335  (CLOUDFLAR...)
1 3       2606:4700:303...   13335  (CLOUDFLAR...)
1         2001:1308:84:...   6400   (Compania ...)
1         34.90.225.198      15169  (GOOGLE)
2         2a00:1450:400...   15169  (GOOGLE)
2         2a00:1450:400...   15169  (GOOGLE)
3         67.202.94.86       32748  (STEADFAST)
1         2620:0:862:ed...   14907  (WIKIMEDIA)
24        13
Requests  Domain                           Requested by
6         cdn.jwwb.nl                      r7idrystue.jouwweb.nl
3         whos.amung.us                    widgets.amung.us, r7idrystue.jouwweb.nl
3         jigunspunk-96.xyz (1 redirect)   r7idrystue.jouwweb.nl
3         r7idrystue.jouwweb.nl            cdn.jwwb.nl
2         www.google-analytics.com         r7idrystue.jouwweb.nl, www.google-analytics.com
2         fonts.gstatic.com                fonts.googleapis.com
1         upload.wikimedia.org             r7idrystue.jouwweb.nl
1         www.jouwweb.nl                   r7idrystue.jouwweb.nl
1         scontent.fsti4-1.fna.fbcdn.net   r7idrystue.jouwweb.nl
1         widgets.amung.us                 r7idrystue.jouwweb.nl
1         f.jwwb.nl                        r7idrystue.jouwweb.nl
1         fonts.googleapis.com             r7idrystue.jouwweb.nl
24        12

This site contains no links.

Subject                   Issuer                                          Validity                  Valid
*.jouwweb.nl              Sectigo RSA Domain Validation Secure Server CA  2020-06-04 - 2022-06-05   2 years
upload.video.google.com   GTS CA 1O1                                      2020-09-22 - 2020-12-15   3 months
cdn.jwwb.nl               GTS CA 1D2                                      2020-09-26 - 2020-12-25   3 months
f.jwwb.nl                 Let's Encrypt Authority X3                      2020-09-21 - 2020-12-20   3 months
whos.amung.us             Sectigo RSA Domain Validation Secure Server CA  2020-05-21 - 2022-05-21   2 years
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3                         2020-10-16 - 2021-10-15   a year
*.fsti4-1.fna.fbcdn.net   DigiCert SHA2 High Assurance Server CA          2020-09-04 - 2020-12-02   3 months
*.gstatic.com             GTS CA 1O1                                      2020-09-22 - 2020-12-15   3 months
*.google-analytics.com    GTS CA 1O1                                      2020-09-22 - 2020-12-15   3 months
*.wikipedia.org           Let's Encrypt Authority X3                      2020-09-18 - 2020-12-17   3 months

This page contains 1 frame:

Primary Page: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Frame ID: 5887DEC23D41647B48EE0AB7D7CE4CA8
Requests: 26 HTTP requests in this frame

Screenshot


Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 58 %
Domains: 9
Subdomains: 12
IPs: 13
Countries: 5
Transfer: 298 kB
Size: 948 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://jigunspunk-96.xyz/location HTTP 301
  • https://jigunspunk-96.xyz/location/

24 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
r7idrystue.jouwweb.nl/
15 KB
6 KB
Document
General
Full URL
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.204.150.5 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
5.150.204.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2c64413684b0b5d59462b82f6b8578dba1042f788eea4bc341a52fe70362323e

Request headers

:method
GET
:authority
r7idrystue.jouwweb.nl
:scheme
https
:path
/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Sun, 18 Oct 2020 08:39:53 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
JWSESSION=i2r875gjim766qeps48akr2pvhnf4qte; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate no-transform
pragma
no-cache
x-ua-compatible
IE=Edge
content-encoding
gzip
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?display=fallback&family=Roboto%3A400%2C700%2C400italic%2C700italic%7CQuestrial%3A400%2C700%2C400italic%2C700italic
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0283bac07498ba13bd3cb1c1552f33b56a4e151364c0999dad4632c5bbe908af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Oct 2020 08:39:53 GMT
server
ESF
date
Sun, 18 Oct 2020 08:39:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Oct 2020 08:39:53 GMT
styles.28bb2de681032e13b228.css
cdn.jwwb.nl/assets/website-rendering/
106 KB
19 KB
Stylesheet
General
Full URL
https://cdn.jwwb.nl/assets/website-rendering/styles.28bb2de681032e13b228.css?bust=e73f8e1bc95fc60115e806a3cf5bf5db
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.151.89 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.151.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3e3bcf6d5bb7a86f02e5388599dff1c83766613558105ed22d2de77e23d79ba6

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 15:37:49 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1602587865
age
147724
x-guploader-uploadid
ABg5-UwWgW9NdbRVIyKrOIYbUsZNOpUb23DM5RDmCl2wdVSRJOl2diwVSMks0cZpxsQ60zvrMOEzkh6eWNolg9lu2t2l27tl7Q
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
18727
last-modified
Tue, 13 Oct 2020 11:18:06 GMT
server
UploadServer
etag
"5232b9355c4136c3730d98ed8ec13f8e"
vary
Accept-Encoding
x-goog-hash
crc32c=f86nYw==, md5=UjK5NVxBNsNzDZjtjsE/jg==
x-goog-generation
1602587886901244
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=11232000
x-goog-stored-content-length
18727
accept-ranges
bytes
content-type
text/css
expires
Tue, 23 Feb 2021 15:37:49 GMT
website-rendering.css
cdn.jwwb.nl/assets/fonts/website-rendering/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://cdn.jwwb.nl/assets/fonts/website-rendering/css/website-rendering.css?bust=4be919fd61ff8cec059b9f9204332f02
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.151.89 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.151.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a3ae7e60194f63e30a18e27bd1ec2c7c7d62006bd46c40d92938eb66cd5d2dae

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 15:37:49 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1600677296
age
147724
x-guploader-uploadid
ABg5-UxabHd8n81yYK-WBUyvIr9CajywJNM0sfD6_juuhUarEjcUtVHpbU5ioNBpwfh82rTnQXhtSDiaoY-d_tyzXFbhhPD0mA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
1260
last-modified
Mon, 21 Sep 2020 08:35:16 GMT
server
UploadServer
etag
"638c2214f923b525bb990b26cb430758"
vary
Accept-Encoding
x-goog-hash
crc32c=y0YmYw==, md5=Y4wiFPkjtSW7mQsmy0MHWA==
x-goog-generation
1600677316557109
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=11232000
x-goog-stored-content-length
1260
accept-ranges
bytes
content-type
text/css
expires
Tue, 23 Feb 2021 15:37:49 GMT
style.css
f.jwwb.nl/public/p/a/y/temp-unnamvefjjhiikxmasdb/
79 KB
15 KB
Stylesheet
General
Full URL
https://f.jwwb.nl/public/p/a/y/temp-unnamvefjjhiikxmasdb/style.css?bust=1602999575
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.144.230 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
image-cdn.jouwtest.nl
Software
nginx/1.18.0 /
Resource Hash
9da97112506f4de86d486d08fa1a30e1a0421dbb5d187aa0214cdc63e3d2237b

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 08:39:53 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 05:39:36 GMT
server
nginx/1.18.0
etag
W/"2b00937ca7a7556ef749d4a1c5ed0b31"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
x-cached
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
small.js
widgets.amung.us/
8 KB
4 KB
Script
General
Full URL
https://widgets.amung.us/small.js
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0298a25db873588e37945ece2b90e9f573dda86bfc84ae9f3efb8c3fbdcbce84

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 08:39:53 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1577
status
200
cf-request-id
05dc768daf0000972a3ba26000000001
last-modified
Mon, 05 Oct 2020 15:47:16 GMT
server
cloudflare
etag
W/"5f7b4004-1ed7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
5e40f38f7c52972a-FRA
expires
Mon, 19 Oct 2020 08:13:36 GMT
/
jigunspunk-96.xyz/
13 KB
5 KB
Script
General
Full URL
https://jigunspunk-96.xyz/?api=1&lan=facebookapphk&ht=2
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6818:615f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.32
Resource Hash
ea0215a793e48d8955ae06be73eb99aff43ddbf0d8b9f3bf322aca303dde9b94

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 08:39:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.32
status
200
cf-request-id
05dc768e6000002c3e9b1a8000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603010394"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
5e40f39099bb2c3e-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
119881575_180335270283099_2147672490261436954_n.jpg
scontent.fsti4-1.fna.fbcdn.net/v/t1.0-9/
21 B
21 B
Image
General
Full URL
https://scontent.fsti4-1.fna.fbcdn.net/v/t1.0-9/119881575_180335270283099_2147672490261436954_n.jpg?_nc_cat=110&_nc_sid=8024bb&_nc_ohc=XorCOnfD0v4AX_8C1Zl&_nc_ht=scontent.fsti4-1.fna&oh=3618e620f31947d9bafa3867cb408329&oe=5F88F6EC
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:1308:84:20:face:b00c:0:a7 , Dominican Republic, ASN6400 (Compania Dominicana de Telefonos S. A., DO),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
403
date
Sun, 18 Oct 2020 08:39:53 GMT
server
proxygen-bolt
access-control-allow-origin
*
content-length
21
x-fb-config-version-flb-prod
584
content-type
text/plain
nl-NL.js
cdn.jwwb.nl/assets/build/website-rendering/
54 KB
15 KB
Script
General
Full URL
https://cdn.jwwb.nl/assets/build/website-rendering/nl-NL.js?bust=3640d5a1d27002d3ad37f768b83f9312
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.151.89 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.151.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5ac7250968d2ff00d9db30d8f5f9f2e8c08265e72574c41cbf4f57fa32376912

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 15:38:43 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1601997345
age
147670
x-guploader-uploadid
ABg5-Uzfgg5DCOPsFjPH4QWSWtWA5i4V5JKXx0EHHao7moO_4zfiLHQZxeWMfIgG1A7NlwKk-KjQLZ5MsZg4g22E8W0XHVDpyQ
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
15179
last-modified
Tue, 06 Oct 2020 15:16:06 GMT
server
UploadServer
etag
"fa2858a343c5630c934d6302f4fb3803"
vary
Accept-Encoding
x-goog-hash
crc32c=cQtX3Q==, md5=+ihYo0PFYwyTTWMC9Ps4Aw==
x-goog-generation
1601997366918739
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=11232000
x-goog-stored-content-length
15179
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 23 Feb 2021 15:38:43 GMT
manifest.c14461ee9970a8f51131.js
cdn.jwwb.nl/assets/website-rendering/
6 KB
3 KB
Script
General
Full URL
https://cdn.jwwb.nl/assets/website-rendering/manifest.c14461ee9970a8f51131.js?bust=67c65973b3eb9a416520b8373e316c59
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.151.89 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.151.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
45be4f65ef9a6c415f0f73860879be6692375964f9d5993b0cb700b8c6ed70f6

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 15:37:49 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1602082234
age
147724
x-guploader-uploadid
ABg5-Uw-mNTu1ZlXAP238wfLW4qNXOAgn2IdeNYEgBDjz-oW2WMBOnn_GPUF3-vW2KN8XUWgBg53Yox3b6dSVXz1Ekmitg7e1w
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
2293
last-modified
Wed, 07 Oct 2020 14:50:57 GMT
server
UploadServer
etag
"2688cc3634d6e96b8cb8159be5011bbe"
vary
Accept-Encoding
x-goog-hash
crc32c=tQnq/g==, md5=JojMNjTW6WuMuBWb5QEbvg==
x-goog-generation
1602082257654568
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=11232000
x-goog-stored-content-length
2293
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 23 Feb 2021 15:37:49 GMT
vendors~main.35bc7bb4f9db15a818f0.js
cdn.jwwb.nl/assets/website-rendering/
484 KB
141 KB
Script
General
Full URL
https://cdn.jwwb.nl/assets/website-rendering/vendors~main.35bc7bb4f9db15a818f0.js?bust=d418a6e210ccd21cb6857dd533849e87
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.151.89 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.151.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6404fbc320796f886179df2715cd080cda6dc0fdb62953002ffcc612609af41a

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 15:37:49 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1602847564
age
147724
x-guploader-uploadid
ABg5-Uyzm2CcT_ChitglcvXIGZlob3oQIU4oADUAjjF60hgRhCfnHMIJM1wWHX9pMuMSO6S7k2hjkBjZA8-QyQKvEaXgaZ5Kig
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
143589
last-modified
Fri, 16 Oct 2020 11:26:30 GMT
server
UploadServer
etag
"334eb236bb2fa44e3e790513fea98a14"
vary
Accept-Encoding
x-goog-hash
crc32c=y7NbwQ==, md5=M06yNrsvpE4+eQUT/qmKFA==
x-goog-generation
1602847590387198
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=11232000
x-goog-stored-content-length
143589
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 23 Feb 2021 15:37:49 GMT
main.098a7293f5506a9e40e3.js
cdn.jwwb.nl/assets/website-rendering/
96 KB
27 KB
Script
General
Full URL
https://cdn.jwwb.nl/assets/website-rendering/main.098a7293f5506a9e40e3.js?bust=1b27d0461c7652843f13564a2a8104f2
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.151.89 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.151.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
14a02f9f5d76df964fa050db0ab317c86f8244b704c37acd669edeb4ac5d83bf

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 15:37:49 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1602847564
age
147724
x-guploader-uploadid
ABg5-Uy1N3lcDuVUitfP0WpukT8jN4r88Vca_3JnKScnsRhMhFxn1GyCcIoD9e7Hf6iqY3MjeaOM1c3uyE2R3IkahPXl63hnrA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
26945
last-modified
Fri, 16 Oct 2020 11:26:30 GMT
server
UploadServer
etag
"e0e97c88b42bc3c05b0b460a80974e98"
vary
Accept-Encoding
x-goog-hash
crc32c=Fz62aA==, md5=4Ol8iLQrw8BbC0YKgJdOmA==
x-goog-generation
1602847590340570
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=11232000
x-goog-stored-content-length
26945
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 23 Feb 2021 15:37:49 GMT
1671878
www.jouwweb.nl/v2/unsafe-token/
61 B
409 B
Script
General
Full URL
https://www.jouwweb.nl/v2/unsafe-token/1671878
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.90.225.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
198.225.90.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
464a77d0885f0ad86740a1104880d62c295c008ed53b0b269dd5e6929d9b199e

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Oct 2020 08:39:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json; charset=utf-8
status
200
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, no-transform
x-robots-tag
noindex
x-ua-compatible
IE=Edge
QdVUSTchPBm7nuUeVf70viFluW44JQ.woff2
fonts.gstatic.com/s/questrial/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/questrial/v12/QdVUSTchPBm7nuUeVf70viFluW44JQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=fallback&family=Roboto%3A400%2C700%2C400italic%2C700italic%7CQuestrial%3A400%2C700%2C400italic%2C700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c0a7a26103f8ea912875c9144943241e7d33c3f544da46d76a6d71d3c234fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://r7idrystue.jouwweb.nl
Referer
https://fonts.googleapis.com/css?display=fallback&family=Roboto%3A400%2C700%2C400italic%2C700italic%7CQuestrial%3A400%2C700%2C400italic%2C700italic
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 00:19:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Sep 2020 23:51:03 GMT
server
sffe
age
375620
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12944
x-xss-protection
0
expires
Thu, 14 Oct 2021 00:19:33 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=fallback&family=Roboto%3A400%2C700%2C400italic%2C700italic%7CQuestrial%3A400%2C700%2C400italic%2C700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://r7idrystue.jouwweb.nl
Referer
https://fonts.googleapis.com/css?display=fallback&family=Roboto%3A400%2C700%2C400italic%2C700italic%7CQuestrial%3A400%2C700%2C400italic%2C700italic
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 09:05:23 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
516870
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Tue, 12 Oct 2021 09:05:23 GMT
vendors~photoswipe.ff78866049e7ba47ff4a.js
r7idrystue.jouwweb.nl/assets/website-rendering/
0
17 KB
Other
General
Full URL
https://r7idrystue.jouwweb.nl/assets/website-rendering/vendors~photoswipe.ff78866049e7ba47ff4a.js
Requested by
Host: cdn.jwwb.nl
URL: https://cdn.jwwb.nl/assets/website-rendering/manifest.c14461ee9970a8f51131.js?bust=67c65973b3eb9a416520b8373e316c59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.204.150.5 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
5.150.204.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 08:39:53 GMT
content-encoding
gzip
last-modified
Fri, 16 Oct 2020 15:28:24 GMT
server
nginx
etag
W/"5f89bc18-a18a"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=11232000
service-worker-allowed
/
expires
Thu, 25 Feb 2021 08:39:53 GMT
photoswipe.b1de1cd217ac4d70e4c2.js
r7idrystue.jouwweb.nl/assets/website-rendering/
0
373 B
Other
General
Full URL
https://r7idrystue.jouwweb.nl/assets/website-rendering/photoswipe.b1de1cd217ac4d70e4c2.js
Requested by
Host: cdn.jwwb.nl
URL: https://cdn.jwwb.nl/assets/website-rendering/manifest.c14461ee9970a8f51131.js?bust=67c65973b3eb9a416520b8373e316c59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.204.150.5 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
5.150.204.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 08:39:53 GMT
last-modified
Fri, 16 Oct 2020 15:28:24 GMT
server
nginx
etag
"5f89bc18-96"
content-type
application/javascript
status
200
cache-control
max-age=11232000
accept-ranges
bytes
content-length
150
service-worker-allowed
/
expires
Thu, 25 Feb 2021 08:39:53 GMT
analytics.js
www.google-analytics.com/
45 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
5052
date
Sun, 18 Oct 2020 07:15:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Sun, 18 Oct 2020 09:15:41 GMT
/
whos.amung.us/pingjs/
31 B
147 B
Script
General
Full URL
https://whos.amung.us/pingjs/?k=00luka77z&t=VIDEO&c=s&x=https%3A%2F%2Fr7idrystue.jouwweb.nl%2F%3Ffbclid%3DIwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw%230.6570314004265712&y=&a=-1&d=0.468&v=27&r=2053
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.86 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
e5209d30bd58924ef89cea66e7fc8c71704f0fc651310342f59e1d5ca8952889

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 18 Oct 2020 08:39:54 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
collect
www.google-analytics.com/j/
2 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&aip=1&a=4309840&t=pageview&_s=1&dl=https%3A%2F%2Fr7idrystue.jouwweb.nl%2F%3Ffbclid%3DIwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw&dp=%2F&ul=en-us&de=UTF-8&dt=VIDEO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=683320645&gjid=106857565&cid=683949010.1603010394&tid=UA-8406245-4&_gid=9051646.1603010394&_r=1&_slc=1&cd1=not%20checked&cd2=&cd3=free&cd4=visitable&cd7=nl&cd5=1671878&z=428005401
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Oct 2020 08:39:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://r7idrystue.jouwweb.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
jigunspunk-96.xyz/location/
Redirect Chain
  • https://jigunspunk-96.xyz/location
  • https://jigunspunk-96.xyz/location/
1 KB
526 B
Script
General
Full URL
https://jigunspunk-96.xyz/location/
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6818:615f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.32
Resource Hash
93e4c97f0dce9fc2ca3daab9433b40c7c656eb3c42dd1b683e135f243b8ebfb6

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 08:39:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.32
status
200
cf-request-id
05dc768eed00002c3eab00a000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603010394"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5e40f3917b9c2c3e-FRA
expires
Sun, 25 Oct 2020 08:39:53 GMT

Redirect headers

date
Sun, 18 Oct 2020 08:39:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
301
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603010394"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://jigunspunk-96.xyz/location/
x-turbo-charged-by
LiteSpeed
cf-ray
5e40f3912b082c3e-FRA
cf-request-id
05dc768ebd00002c3e71a05000000001
Facebook_Messenger_logo_2020.svg
upload.wikimedia.org/wikipedia/commons/b/be/
1 KB
1 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/b/be/Facebook_Messenger_logo_2020.svg
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
e42b2701c93e405f51ec8e02ded6f4e063593223640ae292d638640d163c4bd1
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 07:02:27 GMT
content-encoding
gzip
vary
Accept-Encoding
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
5847
x-cache-status
hit-front
x-cache
cp3061 hit, cp3063 hit/81
status
200
server-timing
cache;desc="hit-front"
content-length
590
x-client-ip
2a01:4f8:121:131a::2
x-object-meta-sha1base36
39qh6g7k251532kxi8i11ri0ewfnonm
last-modified
Fri, 16 Oct 2020 08:23:01 GMT
server
ATS/8.0.8
etag
W/2bbd15b24a446561ee20dee06b85d3ea
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/svg+xml
access-control-allow-origin
*
x-timestamp
1602836580.12986
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
truncated
/
954 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cae74ee5bad20861dee4906df15d793b948297238f4da81c1b0d7adf3d25f38

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
00carne
whos.amung.us/widget/
0
0
Image
General
Full URL
https://whos.amung.us/widget/00carne
Requested by
Host: r7idrystue.jouwweb.nl
URL: https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.86 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

/
whos.amung.us/pingjs/
29 B
145 B
Script
General
Full URL
https://whos.amung.us/pingjs/?k=locos01&t=Facebook%20Videos&c=s&x=https%3A%2F%2Fr7idrystue.jouwweb.nl%2F%3Ffbclid%3DIwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw%230.7556411150291544&y=&a=-1&d=0.468&v=27&r=9663
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.86 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
c61ba0258629fe5405c682b2c4f258b395c11b5c2c375c68fb060cf5465857f4

Request headers

Referer
https://r7idrystue.jouwweb.nl/?fbclid=IwAR1zKpg3xaoqm8oaeMyNp8etStAJ_IFOP-fGfzrQIf52GNBo9PYYWk07exw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 18 Oct 2020 08:39:54 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
truncated
/
439 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
object | JOUWWEB
string | google_analytics_uacct
string | google_analytics_domain_name
object | backgroundElement
undefined | WAU_ren
function | WAU_small
function | WAU_small_request
function | WAU_r_s
function | WAU_insert
function | WAU_legacy_b
function | WAU_la
function | WAU_addCommas
function | WAU_lrd
function | WAU_lrs
function | WAU_cps
function | docReady
object | webpackJsonp
object | __core-js_shared__
object | core
function | setImmediate
function | clearImmediate
object | regeneratorRuntime
boolean | _babelPolyfill
function | applyFocusVisiblePolyfill
object | Unsafe
function | jQuery
function | $
function | moment
object | responsiveContainers
function | jwReCaptchaLoaded
object | cookieconsent
string | GoogleAnalyticsObject
function | ga
boolean | IS_MOBILE
number | limit_bot
string | object
string | type
string | OUTPUT
object | ___
object | params
number | tt
object | to_object
string | a
object | google_tag_data
object | gaplugins
object | gaGlobal
object | gaData
function | __updateOrientation
function | checking
function | creatingInput
function | searchingForms
object | x
string | x1
string | x2

5 Cookies

Domain/Path                  Name                 Value
.r7idrystue.jouwweb.nl/      _gid                 GA1.3.9051646.1603010394
r7idrystue.jouwweb.nl/       JwUnsafe             0%7C1603010393
.r7idrystue.jouwweb.nl/      _gat_jw38833143      1
.r7idrystue.jouwweb.nl/      _ga                  GA1.3.683949010.1603010394
r7idrystue.jouwweb.nl/       JWSESSION            i2r875gjim766qeps48akr2pvhnf4qte

9 Console Messages

Source: console-api | Level: log | URL: https://jigunspunk-96.xyz/?api=1&lan=facebookapphk&ht=2 (Line 71)
Message: [object HTMLScriptElement]
Source: console-api | Level: log | URL: https://jigunspunk-96.xyz/?api=1&lan=facebookapphk&ht=2 (Line 71)
Message: [object HTMLScriptElement]
Source: console-api | Level: log | URL: https://jigunspunk-96.xyz/?api=1&lan=facebookapphk&ht=2 (Line 71)
Message: [object HTMLScriptElement]
Source: console-api | Level: log | URL: https://jigunspunk-96.xyz/?api=1&lan=facebookapphk&ht=2 (Line 71)
Message: [object HTMLScriptElement]
Source: console-api | Level: log | URL: https://jigunspunk-96.xyz/?api=1&lan=facebookapphk&ht=2 (Line 71)
Message: [object HTMLScriptElement]
Source: console-api | Level: log | URL: https://jigunspunk-96.xyz/?api=1&lan=facebookapphk&ht=2 (Line 71)
Message: [object HTMLScriptElement]
Source: console-api | Level: log | URL: https://jigunspunk-96.xyz/?api=1&lan=facebookapphk&ht=2 (Line 71)
Message: [object HTMLScriptElement]
Source: console-api | Level: log | URL: https://jigunspunk-96.xyz/?api=1&lan=facebookapphk&ht=2 (Line 71)
Message: [object HTMLScriptElement]
Source: console-api | Level: log | URL: https://jigunspunk-96.xyz/?api=1&lan=facebookapphk&ht=2 (Line 71)
Message: [object HTMLScriptElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jwwb.nl
f.jwwb.nl
fonts.googleapis.com
fonts.gstatic.com
jigunspunk-96.xyz
r7idrystue.jouwweb.nl
scontent.fsti4-1.fna.fbcdn.net
upload.wikimedia.org
whos.amung.us
widgets.amung.us
www.google-analytics.com
www.jouwweb.nl
136.144.144.230
2001:1308:84:20:face:b00c:0:a7
2606:4700:10::6816:4aab
2606:4700:3036::6818:615f
2620:0:862:ed1a::2:b
2a00:1450:4001:809::200e
2a00:1450:4001:81a::200a
2a00:1450:4001:825::2003
34.120.151.89
34.90.225.198
35.204.150.5
67.202.94.86
0283bac07498ba13bd3cb1c1552f33b56a4e151364c0999dad4632c5bbe908af
0298a25db873588e37945ece2b90e9f573dda86bfc84ae9f3efb8c3fbdcbce84
0cae74ee5bad20861dee4906df15d793b948297238f4da81c1b0d7adf3d25f38
14a02f9f5d76df964fa050db0ab317c86f8244b704c37acd669edeb4ac5d83bf
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
2c64413684b0b5d59462b82f6b8578dba1042f788eea4bc341a52fe70362323e
3e3bcf6d5bb7a86f02e5388599dff1c83766613558105ed22d2de77e23d79ba6
45be4f65ef9a6c415f0f73860879be6692375964f9d5993b0cb700b8c6ed70f6
464a77d0885f0ad86740a1104880d62c295c008ed53b0b269dd5e6929d9b199e
5ac7250968d2ff00d9db30d8f5f9f2e8c08265e72574c41cbf4f57fa32376912
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6404fbc320796f886179df2715cd080cda6dc0fdb62953002ffcc612609af41a
93e4c97f0dce9fc2ca3daab9433b40c7c656eb3c42dd1b683e135f243b8ebfb6
9da97112506f4de86d486d08fa1a30e1a0421dbb5d187aa0214cdc63e3d2237b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a3ae7e60194f63e30a18e27bd1ec2c7c7d62006bd46c40d92938eb66cd5d2dae
c61ba0258629fe5405c682b2c4f258b395c11b5c2c375c68fb060cf5465857f4
d8c0a7a26103f8ea912875c9144943241e7d33c3f544da46d76a6d71d3c234fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42b2701c93e405f51ec8e02ded6f4e063593223640ae292d638640d163c4bd1
e5209d30bd58924ef89cea66e7fc8c71704f0fc651310342f59e1d5ca8952889
ea0215a793e48d8955ae06be73eb99aff43ddbf0d8b9f3bf322aca303dde9b94
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac