URL: https://verdie.gierweb.nl/
Submission: On September 15 via api from US — Scanned from NL

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 18 HTTP transactions. The main IP is 176.116.18.94, located in Offenbach, Germany and belongs to SYNLINQ synlinq.de, DE. The main domain is verdie.gierweb.nl.
TLS certificate: Issued by R11 on September 15th 2024. Valid for: 3 months.
This is the only time verdie.gierweb.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 176.116.18.94 44486 (SYNLINQ s...)
2 2a00:1450:400... 15169 (GOOGLE)
6 188.114.96.3 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 172.240.108.68 7979 (SERVERS-COM)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 172.67.74.163 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
1 216.58.206.66 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 158.69.254.144 16276 (OVH)
18 10
Apex Domain
Subdomains
Transfer
6 pages.dev
gasakcdn.pages.dev
4 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 11817
s4.histats.com — Cisco Umbrella Rank: 12004
5 KB
2 picsum.photos
picsum.photos — Cisco Umbrella Rank: 74194
fastly.picsum.photos — Cisco Umbrella Rank: 100184
208 KB
2 postponeclement.com
postponeclement.com
2 blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 19715
665 B
2 gierweb.nl
verdie.gierweb.nl
4 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
51 KB
1 google.com
suggestqueries.google.com — Cisco Umbrella Rank: 1741
800 B
1 flaticon.com
cdn-icons-png.flaticon.com — Cisco Umbrella Rank: 47316
15 KB
18 9
Domain Requested by
6 gasakcdn.pages.dev verdie.gierweb.nl
2 postponeclement.com gasakcdn.pages.dev
2 3.bp.blogspot.com verdie.gierweb.nl
2 verdie.gierweb.nl
1 s4.histats.com s10.histats.com
1 s10.histats.com verdie.gierweb.nl
1 pagead2.googlesyndication.com gasakcdn.pages.dev
1 fastly.picsum.photos verdie.gierweb.nl
1 picsum.photos 1 redirects
1 suggestqueries.google.com verdie.gierweb.nl
1 cdn-icons-png.flaticon.com verdie.gierweb.nl
18 11

This site contains no links.

Subject                  Issuer                     Validity                   Valid
verdie.gierweb.nl        R11                        2024-09-15 - 2024-12-14    3 months
misc-sni.blogspot.com    WR2                        2024-08-12 - 2024-11-04    3 months
gasakcdn.pages.dev       Cloudflare Inc ECC CA-3    2024-01-11 - 2024-12-31    a year
*.flaticon.com           E5                         2024-08-11 - 2024-11-09    3 months
postponeclement.com      R11                        2024-08-08 - 2024-11-06    3 months
*.google.com             WR2                        2024-08-12 - 2024-11-04    3 months
*.g.doubleclick.net      WR2                        2024-08-12 - 2024-11-04    3 months
s10.histats.com          WE1                        2024-08-07 - 2024-11-05    3 months
histats.com              R11                        2024-08-06 - 2024-11-04    3 months

This page contains 1 frames:

Primary Page: https://verdie.gierweb.nl/
Frame ID: C55447BF041FD2E51DD73A1C8A0A5749
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

Requests: 18
HTTPS: 94 %
IPv6: 45 %
Domains: 9
Subdomains: 11
IPs: 10
Countries: 4
Transfer: 287 kB
Size: 400 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://picsum.photos/1920/1080?random=0.9706782604235011 HTTP 302
  • https://fastly.picsum.photos/id/969/1920/1080.jpg?hmac=RgqP6vqBQWFZMkao5c37hRxr0nE5oZmxULBRDD9EbEI

18 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
verdie.gierweb.nl/
12 KB
4 KB
Document
General
Full URL
https://verdie.gierweb.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.116.18.94 Offenbach, Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS
94.18.116.176.in-addr.arpa
Software
nginx /
Resource Hash
0b182a1d511fa114b432a3b8d4ee409c1352c508c822702e66de0590916a3171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Sun, 15 Sep 2024 13:49:16 GMT
etag
W/"66e69a3d-2ed6"
last-modified
Sun, 15 Sep 2024 08:26:37 GMT
referrer-policy
same-origin
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/
362 B
665 B
Image
General
Full URL
https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif
Requested by
Host: verdie.gierweb.nl
URL: https://verdie.gierweb.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 10:45:07 GMT
x-content-type-options
nosniff
age
11049
content-disposition
inline;filename="btn_close.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
362
x-xss-protection
0
server
fife
etag
"v1764"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 16 Sep 2024 10:45:07 GMT
byup.js
gasakcdn.pages.dev/
279 B
654 B
Script
General
Full URL
https://gasakcdn.pages.dev/byup.js
Requested by
Host: verdie.gierweb.nl
URL: https://verdie.gierweb.nl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db19427eb0006b02a888557a7bb7f9de977005d9a3ff6dd91ef3216fffafe6ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 13:49:16 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6f372cb7ac14004a8c06f006f5d2ea82"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BpghaNPwGD9dxhMYdShyoCxcX0cgEPRWiqxnX0B9RjFrj1699i04iajro7b3j7EteqYZajXBHMb%2BGELgVVE6XPxU%2FV2bFlIJtz3IazDMws6x43xbG2FChKoHntxJLmeO37V86c0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8c3914412d1f9195-FRA
alt-svc
h3=":443"; ma=86400
622669.png
cdn-icons-png.flaticon.com/512/622/
14 KB
15 KB
Image
General
Full URL
https://cdn-icons-png.flaticon.com/512/622/622669.png
Requested by
Host: verdie.gierweb.nl
URL: https://verdie.gierweb.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:f::1732:8317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fde793e0a0a21d6aaf814f98dec48c574d92eaa3415015abc8263704423c8fcb

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 13:49:16 GMT
x-amz-meta-goog-reserved-file-mtime
1511248793
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
14434
pragma
public
last-modified
Tue, 19 Sep 2023 00:37:29 GMT
etag
"2aaa6f1be965eb98de80e55286525ff6"
vary
Accept-Encoding
x-goog-generation
1695083849653623
content-type
image/png
access-control-allow-origin
*
x-default-rule
YES
cache-control
public, max-age=31536000
x-goog-stored-content-length
14434
x-amz-checksum-crc32c
0EA8Rw==
accept-ranges
bytes
x-amz-meta-x-goog-reserved-source-generation
1634243770203978
expires
Sun, 15 Sep 2024 13:49:16 GMT
hobby.js
gasakcdn.pages.dev/
280 B
654 B
Script
General
Full URL
https://gasakcdn.pages.dev/hobby.js
Requested by
Host: verdie.gierweb.nl
URL: https://verdie.gierweb.nl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa88659c378c03a7df112145a076d1d1c2946634b9010402e43ce139fb5ec70d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 13:49:16 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"afecea10cfb40e02fd8c8cee8547510b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gV5tvIqBkbH2LzER18TGhFw3RmhBShkVQp8wmkr2rnhJcv7QUZ0prABZBhqBHntY%2FKQsbjaeLAB0POGWPRQ0yJrk%2FaLQbUXznMLFshRMQ0cjizTemQBBvcwb75XtM9n3UbdDcmg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8c3914413d259195-FRA
alt-svc
h3=":443"; ma=86400
spare.js
gasakcdn.pages.dev/
1 KB
1 KB
Script
General
Full URL
https://gasakcdn.pages.dev/spare.js
Requested by
Host: verdie.gierweb.nl
URL: https://verdie.gierweb.nl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd3b5667c63a7967a2206b47e38d637776f147b62373e21858834f333204c04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 13:49:16 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3cfceaca3c5494f30f5085f4ad767a0b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwhYcDu3T97IQ%2F5YOIsZohbwa%2Fw99KKbk7AVq5HJ4RtPYfV8lxAuf1UXMrZBEzTYDfPAZfb5OzNgpiDB18KywqOcAgBTXFvFQvknDNErdhdcH7vOPnlBAX24tPdWByjZY0F17Xw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8c3914413d219195-FRA
alt-svc
h3=":443"; ma=86400
extra.js
gasakcdn.pages.dev/
1 B
475 B
Script
General
Full URL
https://gasakcdn.pages.dev/extra.js
Requested by
Host: verdie.gierweb.nl
URL: https://verdie.gierweb.nl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 13:49:16 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1d0ed781ac185aa16548c9ed7d74304f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BhGBdutmr1L48orUgdx%2BGBgzMF61NxnFzhi7J5kiQnroFdJRay8Ia39MRhFEnSxNMD3sJIpXNgZh56US9ZVGJgMHZUEQRcYDs2AswezF4vF%2BFDoyHdJj3ycHsjLsPZO6W9m%2FxW8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8c3914413d239195-FRA
alt-svc
h3=":443"; ma=86400
content-length
1
supp.js
gasakcdn.pages.dev/
1 B
513 B
Script
General
Full URL
https://gasakcdn.pages.dev/supp.js
Requested by
Host: verdie.gierweb.nl
URL: https://verdie.gierweb.nl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 13:49:16 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1d0ed781ac185aa16548c9ed7d74304f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K13fwB0QbWgSCg5%2F162XO48%2FoVZVWNECvwQ60XShKatlv%2BLWIlPAn3elss%2FEKimSyQNBoELsvNEeZsMQKk0NCR32WkaSAHAv7aUhtVYNf9OW%2BxcZkdkBsdqvHp003OV7S2CW%2FFk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8c3914413d249195-FRA
alt-svc
h3=":443"; ma=86400
content-length
1
slight.js
gasakcdn.pages.dev/
1 B
479 B
Script
General
Full URL
https://gasakcdn.pages.dev/slight.js
Requested by
Host: verdie.gierweb.nl
URL: https://verdie.gierweb.nl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 13:49:16 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1d0ed781ac185aa16548c9ed7d74304f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=smqLfXZXVqol%2FnSk1eNcdRE8Ty%2BoVMtXskHQd9il8lj%2Fa9OPC%2B%2Fu0zk3VPygEG5bfILYPQ%2BYaDpQJHN333uxIsMccu780puf5P7d4t%2FBkCKAObEWsoKY6C2JR0lPw2cO%2FNudUG8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8c3914413d229195-FRA
alt-svc
h3=":443"; ma=86400
content-length
1
invoke.js
postponeclement.com/9c436c4d1c753df3ce1c30907520c196/
0
0
Script
General
Full URL
https://postponeclement.com/9c436c4d1c753df3ce1c30907520c196/invoke.js
Requested by
Host: gasakcdn.pages.dev
URL: https://gasakcdn.pages.dev/byup.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sun, 15 Sep 2024 13:49:16 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host
postponeclement.com
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/
362 B
0
Image
General
Full URL
https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif
Requested by
Host: verdie.gierweb.nl
URL: https://verdie.gierweb.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 10:45:07 GMT
x-content-type-options
nosniff
age
11049
content-disposition
inline;filename="btn_close.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
362
x-xss-protection
0
server
fife
etag
"v1764"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 16 Sep 2024 10:45:07 GMT
invoke.js
postponeclement.com/c160cb85beae5d49f08aeb93156fe646/
0
0
Script
General
Full URL
https://postponeclement.com/c160cb85beae5d49f08aeb93156fe646/invoke.js
Requested by
Host: gasakcdn.pages.dev
URL: https://gasakcdn.pages.dev/hobby.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sun, 15 Sep 2024 13:49:17 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host
postponeclement.com
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
search
suggestqueries.google.com/complete/
20 B
800 B
Script
General
Full URL
https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=
Requested by
Host: verdie.gierweb.nl
URL: https://verdie.gierweb.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-72DPyDyyo76ZvRuKRTXuaA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 15 Sep 2024 13:49:17 GMT
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-72DPyDyyo76ZvRuKRTXuaA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-encoding
br
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
permissions-policy
unload=()
expires
-1
1080.jpg
fastly.picsum.photos/id/969/1920/
Redirect Chain
  • https://picsum.photos/1920/1080?random=0.9706782604235011
  • https://fastly.picsum.photos/id/969/1920/1080.jpg?hmac=RgqP6vqBQWFZMkao5c37hRxr0nE5oZmxULBRDD9EbEI
208 KB
208 KB
Image
General
Full URL
https://fastly.picsum.photos/id/969/1920/1080.jpg?hmac=RgqP6vqBQWFZMkao5c37hRxr0nE5oZmxULBRDD9EbEI
Requested by
Host: verdie.gierweb.nl
URL: https://verdie.gierweb.nl/
Protocol
H2
Server
2a04:4e42:600::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e3665e1b8bd49e38695d7468d84e7238e65e171c23ee1e596e977ce32e4966

Request headers

Referer
https://verdie.gierweb.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

picsum-id
969
date
Sun, 15 Sep 2024 13:49:17 GMT
via
1.1 varnish
age
99233
x-cache
HIT
content-disposition
inline; filename="969-1920x1080.jpg"
content-length
212480
x-served-by
cache-mad22071-MAD
server
nginx
x-timer
S1726408158.518742,VS0,VE1
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0

Redirect headers

date
Sun, 15 Sep 2024 13:49:17 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7LwRjK8g%2BAqoLrHkBG0vuHiO4Gbr2UPoh2jk5HOLsmJU2HAsI%2BaLfp5%2BVWTIrd%2BYrQwyrYViT9MRTwHUUjO1xHZzdzXTWV8It9y0uonooSwYl%2FCPLVW%2BxmQkhG64Kh8%3D"}],"group":"cf-nel","max_age":604800}
location
https://fastly.picsum.photos/id/969/1920/1080.jpg?hmac=RgqP6vqBQWFZMkao5c37hRxr0nE5oZmxULBRDD9EbEI
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
8c391446ed3b03ec-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
152 KB
51 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: gasakcdn.pages.dev
URL: https://gasakcdn.pages.dev/spare.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
51e98e669cd5bf36cf327dd7f095ea09502f22313dc1c5f906a46453172a84d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 13:49:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52255
x-xss-protection
0
server
cafe
etag
14766804551986214038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 15 Sep 2024 13:49:17 GMT
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: verdie.gierweb.nl
URL: https://verdie.gierweb.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac42:8472 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 13:49:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
64471
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8c391447ec65bb5f-FRA
content-length
4547
0.php
s4.histats.com/stats/
50 B
184 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4864650&@f16&@g1&@h1&@i1&@j1726408157478&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@tnl-NL&@u1600&@b1:82603654&@b3:1726408157&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fverdie.gierweb.nl%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
063f1e95c6c401e3c2bd30f5da470db8c7efb73649784bfa8b8b14d43d1c0c29

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 15 Sep 2024 13:49:17 GMT
Connection
close
Content-Length
50
Content-Type
text/html;charset=UTF-8
favicon.ico
verdie.gierweb.nl/
548 B
219 B
Other
General
Full URL
https://verdie.gierweb.nl/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.116.18.94 Offenbach, Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS
94.18.116.176.in-addr.arpa
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
https://verdie.gierweb.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 13:49:18 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
text/html

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| baseUrl function| toTitleCase object| atOptions function| autoRelated function| parseSpintax object| seco function| detectAdBlock object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

7 Cookies

Domain/Path Name / Value
verdie.gierweb.nl/ Name: HstCfa4864650
Value: 1726408157478
verdie.gierweb.nl/ Name: HstCla4864650
Value: 1726408157478
verdie.gierweb.nl/ Name: HstCmu4864650
Value: 1726408157478
verdie.gierweb.nl/ Name: HstPn4864650
Value: 1
verdie.gierweb.nl/ Name: HstPt4864650
Value: 1
verdie.gierweb.nl/ Name: HstCnv4864650
Value: 1
verdie.gierweb.nl/ Name: HstCns4864650
Value: 1

9 Console Messages

Source Level URL
Text
javascript warning URL: https://gasakcdn.pages.dev/byup.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://postponeclement.com/9c436c4d1c753df3ce1c30907520c196/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gasakcdn.pages.dev/byup.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://postponeclement.com/9c436c4d1c753df3ce1c30907520c196/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://postponeclement.com/9c436c4d1c753df3ce1c30907520c196/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://gasakcdn.pages.dev/hobby.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://postponeclement.com/c160cb85beae5d49f08aeb93156fe646/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gasakcdn.pages.dev/hobby.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://postponeclement.com/c160cb85beae5d49f08aeb93156fe646/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://postponeclement.com/c160cb85beae5d49f08aeb93156fe646/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://verdie.gierweb.nl/(Line 283)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://verdie.gierweb.nl/(Line 283)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://verdie.gierweb.nl/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block