| 112assen.nl/wp-content/uploads/sites/7/2022/04/Depositphotos_371189856_L-1536x1018.jpg | 104.21.30.166 | | 277 kB |
URL: 112assen.nl/wp-content/uploads/sites/7/2022/04/Depositphotos_371189856_L-1536x1018.jpg
IP: 104.21.30.166:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", baseline, precision 8, 1536x1018, components 3
Size: 277 kB (276660 bytes)
Hash: bd75054b299fe4f46e074644595bb89c 0eb7da0790eeb70557498774d4f5783c388cde31 c334a95ccc6866546c93ea2f13aafc162e55deca7c60fd404e78c2f9aced9dc0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/sites/7/2022/04/Depositphotos_371189856_L-1536x1018.jpg HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: image/jpeg
content-length: 276660
last-modified: Mon, 25 Apr 2022 15:09:10 GMT
etag: "6266b996-438b4"
x-powered-by: PleskLin
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ENJD4G9R4v6cmgvgKzOFH19lXbecgojoVYgCMUHVapKeyNgoOMl06RDeHgbTRirL2adDRvheMvD%2FszfHY9dAKq%2FrGLJ9QzxF8U7S%2FC1W1A7d9ldRNrh9f0UkX9qlTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24642def56b9-OSL
alt-svc: h3=":443"; ma=86400

| 112assen.nl/dodenherdenking-4-mei-in-assen/ | 104.21.30.166 | 200 OK | 61 kB |
URL: User Request GET HTTP/2 112assen.nl/dodenherdenking-4-mei-in-assen/
IP: 104.21.30.166:443
Certificate issuer: Google Trust Services LLC
Certificate subject: 112assen.nl
Certificate fingerprint: 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D
Certificate validity: Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type: HTML document, ASCII text, with very long lines (17962), with CRLF, LF line terminators
Hash: 141c3c4f1a56aedc75982f3daf36e782 0bfc2ffcdf6e712a707ac992f0016d178c7f1032 6cb66d2e0d47af4091f8a46537497017a190b3d5c84325ed5e808543734f9334
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /dodenherdenking-4-mei-in-assen/ HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.18, PleskLin
cf-edge-cache: cache,platform=wordpress
x-tec-api-version: v1
x-tec-api-root: https://112assen.nl/wp-json/tribe/events/v1/
x-tec-api-origin: https://112assen.nl
x-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQtnYvi29ZYn%2BY7ZM%2F%2BBilvCiy0ZArHHk97%2BWTZSlNyIN%2BHBrW5%2FgnU%2Fk%2FcR1cvAx4ekxKJVeNDvkiHCrUKhxWZj%2Fe3bm5OopCN7miuD%2FPyJD9N7XyOwZMHKY3BBcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879e24604fc5b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| 112assen.nl/wp-content/themes/112press/style.css | 104.21.30.166 | 200 OK | 84 kB |
URL: GET HTTP/3 112assen.nl/wp-content/themes/112press/style.css
IP: 104.21.30.166:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: Google Trust Services LLC
Certificate subject: 112assen.nl
Certificate fingerprint: 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D
Certificate validity: Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type: Unicode text, UTF-8 text, with very long lines (18651), with no line terminators
Hash: cdb950de108abf357e3d5fff0a6d993e 101089730839654aab0ea2c9d2b134b25e1d4106 29718e18696937a85fc45a82da8eff9755a8cbd9ca6fdbd9740aa901cb806926
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/112press/style.css HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=23052
etag: W/"652fe393-5a0c"
last-modified: Wed, 18 Oct 2023 13:54:27 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2BxoMleKOjqa69rH6BUqyKXK7nCECOiTA8z0kVzFb6ZnAN79X87LFm5OS0tpIklJrbBjoAuADiPQzfeTPsJ7omYOA03T%2BjI2CyuvtF0UdYL8S0O5xr1M8aoMDdYGzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24641dd256b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| 112assen.nl/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 | 104.21.30.166 | 200 OK | 15 kB |
URL: GET HTTP/3 112assen.nl/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
IP: 104.21.30.166:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: Google Trust Services LLC
Certificate subject: 112assen.nl
Certificate fingerprint: 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D
Certificate validity: Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type: ASCII text, with very long lines (59701)
Hash: 51a8390b47aa0582cf2d9c96c5addee2 b16a640874025d085c38119a1a02a3460f83f2de 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 01:49:50 GMT
etag: W/"660cb5be-1bae5"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aejCPBK0Jra4wIMFpgD8ZBaIr5wR0YdPPAe%2BSqg%2BOKX119K5qJm5V6Wt61WVnrS0DWeBGs09tI6hvE6H167wJ2wND9MfIa4ohnKTLm06iwSWkHdIqVTaGRi1qTp1wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24641dd356b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| 112assen.nl/wp-content/plugins/user-submitted-posts/resources/usp.css?ver=20240319 | 104.21.30.166 | | 79 kB |
URL: 112assen.nl/wp-content/plugins/user-submitted-posts/resources/usp.css?ver=20240319
IP: 104.21.30.166:0
File type: ASCII text, with very long lines (12748), with no line terminators
Hash: d6c04897a5050855a4440fca691fe7e8 780afe9e79cadb781f089c6052576f2edc667f3c 55f90ed1e04462e6c8dc6554431a4ae367f485007e8c64c889c3b74bcb521c30
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/user-submitted-posts/resources/usp.css?ver=20240319 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=13404
etag: W/"660af274-345c"
last-modified: Mon, 01 Apr 2024 17:44:20 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2HolqpZ5Ls%2Fxq6loW%2FkdMr5FFN35pa2WR3kwm%2F0TtxvmAUf6Wk57fZ%2BG1BEoFyB%2BWJE0zYM2RFJd%2FyUFeeLE%2FetzRO6NgMrBQE%2B3ONudxfUFu2FMNFVC64smsKa%2BVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24642dde56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| 112assen.nl/wp-content/uploads/sites/7/2022/10/112Assen.png | 104.21.30.166 | 200 OK | 5.3 kB |
URL: GET HTTP/3 112assen.nl/wp-content/uploads/sites/7/2022/10/112Assen.png
IP: 104.21.30.166:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: Google Trust Services LLC
Certificate subject: 112assen.nl
Certificate fingerprint: 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D
Certificate validity: Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type: PNG image data, 500 x 170, 8-bit colormap, non-interlaced
Hash: 40ce7682078bdd063d5a8ec83ba0b77f 766e5cff9600723b801fcfa20aab404e7722f9a8 a9a2e755c2e436d769d5fdeca1bac92181fa2342f28c18177cc3903f601ff74c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/sites/7/2022/10/112Assen.png HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: image/png
content-length: 5319
last-modified: Mon, 31 Oct 2022 08:01:38 GMT
etag: "635f80e2-14c7"
x-powered-by: PleskLin
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VBnl%2F8ea3QtXGYYOO0obpIlABxY4%2B19RK7sYoAIpNj49scq9z%2BYs4I5ks9ioYM7tkflA2vpE4HMIfeXCQnDy38M%2Fcnm2rPYf2jIhZHndsAEzWzlbncCFFhX6Lk%2BgqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e2466284956b9-OSL
alt-svc: h3=":443"; ma=86400

| 112assen.nl/wp-content/uploads/sites/7/2021/08/cropped-cropped-112Press-32x32.jpg | 104.21.30.166 | 200 OK | 901 B |
URL: GET HTTP/3 112assen.nl/wp-content/uploads/sites/7/2021/08/cropped-cropped-112Press-32x32.jpg
IP: 104.21.30.166:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: Google Trust Services LLC
Certificate subject: 112assen.nl
Certificate fingerprint: 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D
Certificate validity: Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", baseline, precision 8, 32x32, components 3
Hash: efb9d66edf5c4385681da02bbbe20a35 f638ebd3d1d4acb29f740a01f1fdedee49070def 907e7bea1478a96b31bf9c99abf0d003b6420d1645ebf44886796a3194c43513
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/sites/7/2021/08/cropped-cropped-112Press-32x32.jpg HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: image/jpeg
content-length: 901
last-modified: Mon, 16 Aug 2021 21:58:45 GMT
etag: "611adf95-385"
x-powered-by: PleskLin
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=te5fjxbib5kj%2F4BAziZjH5OjKMOUz%2FESQ0vQ%2B21B41w8q%2B8EXgN1VT02Bs0RGiWwUiHmtHdp83ineUGqqsA3H4XNFVf%2BBNZgFVTUhkMDwmWGW1xo1PaZABWDZcLqEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e246759bb56b9-OSL
alt-svc: h3=":443"; ma=86400

| 112assen.nl/wp-content/plugins/wpdiscuz-widgets/assets/third-party/slick/slick.min.css?ver=7.0.8 | 104.21.30.166 | 200 OK | 2.6 kB |
URL: GET HTTP/3 112assen.nl/wp-content/plugins/wpdiscuz-widgets/assets/third-party/slick/slick.min.css?ver=7.0.8
IP: 104.21.30.166:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: Google Trust Services LLC
Certificate subject: 112assen.nl
Certificate fingerprint: 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D
Certificate validity: Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type: ASCII text, with very long lines (1327), with no line terminators
Hash: da4e146913da6966d85a6b8686886edb 03a28dac9dfc6c33e6175c9c185911c56525d31b fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wpdiscuz-widgets/assets/third-party/slick/slick.min.css?ver=7.0.8 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: text/css
last-modified: Fri, 13 Aug 2021 12:12:43 GMT
etag: W/"611661bb-52f"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9bE%2FD83elZSlJec7JCXd%2BRHOV8CqJsMUnUvt5ZMnTfSJOWMSbntOV0P4v7lGATqwbcyIvGT8jVxspn2VDf1KwNCOP4rrKZUuf6DeHvBUP4D5Ng291bN%2BkpSXeNp26A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24642de956b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| 112assen.nl/cdn-cgi/challenge-platform/h/b/jsd/r/879e24604fc5b517 | 104.21.30.166 | 200 OK | 0 B |
URL: POST HTTP/3 112assen.nl/cdn-cgi/challenge-platform/h/b/jsd/r/879e24604fc5b517
IP: 104.21.30.166:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: Google Trust Services LLC
Certificate subject: 112assen.nl
Certificate fingerprint: 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D
Certificate validity: Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/jsd/r/879e24604fc5b517 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12174
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw; path=/; expires=Fri, 25-Apr-25 11:55:06 GMT; domain=.112assen.nl; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTlu7z%2FldI1q0RKR%2FGd%2By6sndQMnc73yChPEbe52nzMOVIzJnYLnT4NXQV06botJdKVyews97Y4EBTmqtmul402wvfXK5isIASbCfZS1m5hzBwuzqjefY%2BkI1SCERw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879e2467ca3d56b9-OSL
alt-svc: h3=":443"; ma=86400

| 112assen.nl/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3 | 104.21.30.166 | | 7.4 kB |
URL: 112assen.nl/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3
IP: 104.21.30.166:0
File type: ASCII text, with very long lines (2357), with no line terminators
Hash: 2347acf2b1fa29cf046f967fc6ddfbad 6b91708be32e6833f04e50ea45c4000060b93a17 e2d4b7ac2cf724a064d15a4379ccca7a81c346dcb143f279d83a0e99f9563cc7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2894
etag: W/"65fcf1c6-b4e"
last-modified: Fri, 22 Mar 2024 02:49:42 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iE69iWoAJ2JOkgBYyJIVgazZinuCgiZEfa0McdrcmCRkCbnkTMpp6HDueXqAOx48o0SFUTVwiRlNUYI29OoyfbhBTyXkeMEPVoV8Jh2RbjC%2BvYghDTm%2FE0piTNTbqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24641dd756b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| code.jquery.com/jquery-1.7.1.min.js | 151.101.194.137 | | 94 kB |
URL: code.jquery.com/jquery-1.7.1.min.js
IP: 151.101.194.137:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)
Hash: ddb84c1587287b2df08966081ef063bf 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
GET /jquery-1.7.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://systeem.online-banners.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: "28feccc0-16eac"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 11:55:06 GMT
age: 29896
x-served-by: cache-lga21945-LGA, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 25, 543
x-timer: S1714046107.909848,VS0,VE0
vary: Accept-Encoding
content-length: 93868
X-Firefox-Spdy: h2

| online-banners.nl/systeem/banners/0cliqi_groot.gif | 104.21.40.31 | 200 OK | 54 kB |
URL: GET HTTP/2 online-banners.nl/systeem/banners/0cliqi_groot.gif
IP: 104.21.40.31:443
Requested by: https://systeem.online-banners.nl/stramien.php?id=192
Certificate issuer: Google Trust Services LLC
Certificate subject: online-banners.nl
Certificate fingerprint: 49:6C:01:04:0E:49:39:41:BB:48:4B:9F:8E:BB:6E:F8:48:F5:C6:92
Certificate validity: Wed, 06 Mar 2024 17:27:25 GMT - Tue, 04 Jun 2024 17:27:24 GMT
File type: GIF image data, version 89a, 1110 x 127
Hash: eb9825146bfc269d383bfa0fe80bdabe 06995f0ec79a88fd4fba08815dca9c0adf89aa05 a3f312b632ec940ed7ec818181ced8e3f5999042f9a99cdc7506bcc96e7bf058
GET /systeem/banners/0cliqi_groot.gif HTTP/1.1
Host: online-banners.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://systeem.online-banners.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: image/gif
content-length: 53502
last-modified: Wed, 25 Aug 2021 07:24:26 GMT
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qRICfk1kZMXqspJ84Wle1zOLyF8YkNmka32FRIlf0Y4iiK40fC4jJlN2%2BHUBzbMLiL%2BeUnsgfpApLhSQ1wTzGoXwW31fPKGKgXefSfi%2F2eCnWvq2tjqAnmsX1VfsYAH%2BHuLm3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e2467ca96b50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js?ver=6.5.2 | 142.250.74.74 | | 34 kB |
URL: ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js?ver=6.5.2
IP: 142.250.74.74:0
File type: JavaScript source, ASCII text, with very long lines (32341)
Hash: 8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
GET /ajax/libs/jquery/1.11.0/jquery.min.js?ver=6.5.2 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 01:56:59 GMT
expires: Sat, 19 Apr 2025 01:56:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 554297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js?ver=6.2 | 142.250.74.74 | | 34 kB |
URL: ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js?ver=6.2
IP: 142.250.74.74:0
File type: JavaScript source, ASCII text, with very long lines (32341)
Hash: 8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
GET /ajax/libs/jquery/1.11.0/jquery.min.js?ver=6.2 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 05:39:52 GMT
expires: Fri, 25 Apr 2025 05:39:52 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 22524
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtag/js?id=G-74R040FQ8P | 142.250.74.72 | | 100 kB |
URL: www.googletagmanager.com/gtag/js?id=G-74R040FQ8P
IP: 142.250.74.72:0
File type: JavaScript source, ASCII text, with very long lines (5945)
Size: 100 kB (100202 bytes)
Hash: 334c211f92811b0ef47a762a21b33105 1369766cb091436bf6bfad43783ef9649c45c425 ad635487b38cd02071c98014274bb0cc79986434594195ae7a4f8baa559926e2
GET /gtag/js?id=G-74R040FQ8P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:16 GMT
expires: Thu, 25 Apr 2024 11:55:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| cse.google.com/cse.js?cx=787679f714753a4b2 | 172.217.21.174 | | 3.0 kB |
URL: cse.google.com/cse.js?cx=787679f714753a4b2
IP: 172.217.21.174:0
File type: JavaScript source, ASCII text, with very long lines (3170)
Hash: 204b96072043e3a823353ff497daa1da a4d0f38ac465fdf9761956754262536c6102702d ee6fc5d1af0608ca8cc93953d56eeac3dfc56cb20a954d6a921453d108c67c5f
GET /cse.js?cx=787679f714753a4b2 HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Kcdm6vEQBhh7gwQ_VVnXVQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 25 Apr 2024 11:55:17 GMT
server: gws
content-length: 3035
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| 112assen.nl/wp-content/plugins/user-submitted-posts/resources/jquery.cookie.js?ver=20240319 | 104.21.30.166 | | 77 kB |
URL: 112assen.nl/wp-content/plugins/user-submitted-posts/resources/jquery.cookie.js?ver=20240319
IP: 104.21.30.166:0
File type: JavaScript source, ASCII text, with very long lines (1496), with no line terminators
Hash: 6ebe5cfc0b17fb2ccbde3f9aced83a60 b17a649544e5f0aacd1377c09594ae0b02f1fbca 753fec6a90f781aabb66c29d5f9868e9120d3d0d7f1f1dbeedef892306f752c6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/user-submitted-posts/resources/jquery.cookie.js?ver=20240319 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1499
etag: W/"660af274-5db"
last-modified: Mon, 01 Apr 2024 17:44:20 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2M09pH5DT1Bf4JNhC7XEQ2NDFrQnKZUKFxfRloQu7UiOiLVNC0La8bF90Ry3UrWt8eEsSG%2FJwe%2BxlHi6qmhne%2FoSUUgNB3iBzrs4JyncOLMbVE2NTlbSnND0R09snA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a428d856b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| kit.fontawesome.com/5d401dde41.js | 172.64.147.188 | 200 OK | 84 kB |
URL: GET HTTP/2 kit.fontawesome.com/5d401dde41.js
IP: 172.64.147.188:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: DigiCert Inc
Certificate subject: *.fontawesome.com
Certificate fingerprint: 93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
Certificate validity: Mon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type: gzip compressed data, from Unix
Hash: 37f02914b8f201041d42a7680b07e3b8 9b62396783f10fca9f9766a303385072c55cc733 1b1a8aee68a2dc9390db941c7cdfde9e00dc44dd38ba22e20687795c184aa242
GET /5d401dde41.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 11:55:17 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F8mD3LZ1k-xTfRcaHvlj
cf-cache-status: MISS
server: cloudflare
cf-ray: 879e24a7a8e756cc-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtm.js?id=GTM-WPTT9J6 | 142.250.74.72 | | 54 kB |
URL: www.googletagmanager.com/gtm.js?id=GTM-WPTT9J6
IP: 142.250.74.72:0
File type: JavaScript source, ASCII text, with very long lines (12056)
Hash: ee0e3ce73cd59d0ed24d3d6db89d7531 ddbb52fd90c4a1a2923bba15ed323651f54d05bf da7f33b3f1cb376c1c7bd04fbb0040f1aaf7154e624600e87279ea51de8b647a
GET /gtm.js?id=GTM-WPTT9J6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:17 GMT
expires: Thu, 25 Apr 2024 11:55:17 GMT
cache-control: private, max-age=900
last-modified: Thu, 25 Apr 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53695
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 112assen.nl/wp-content/plugins/the-events-calendar/src/resources/js/views/manager.min.js?ver=6.3.7 | 104.21.30.166 | | 15 kB |
URL 112assen.nl/wp-content/plugins/the-events-calendar/src/resources/js/views/manager.min.js?ver=6.3.7 IP 104.21.30.166:0
File type JavaScript source, ASCII text, with very long lines (7510) Hash ce4297bd05da8ae500a390796cd79d3d 9624c7db64e02922a997622db2ad7b425a5130c4 c69d6d956a86e0d89bfeaff333bfa205315a6a0dc19a142c88ae5642f9c180a3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/the-events-calendar/src/resources/js/views/manager.min.js?ver=6.3.7 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 01:49:43 GMT
etag: W/"6621cdb7-1ea0"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X1AgFb3SGDomWVyZX3CzfNc%2FnddXotVVtYTpplmfXiaw%2F6N99xr7lkgH4N0El7U%2BfpuR6T5mwW2A1UQjoCQpTN4KKjjhRN%2FtKnOZXFRpFaomZeO%2FoGNk1ehh3y9a0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a4893e56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=5d401dde41 | 172.67.139.119 | 200 OK | 4.2 kB |
URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=5d401dde41 IP 172.67.139.119:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject ka-f.fontawesome.com Fingerprint 8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 Validity Tue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File type ASCII text, with very long lines (26500) Hash 76f34b71fc9fb641507ff6a822cc07f5 73ed2f8f21cd40fb496e61306acbb5849d4dbff4 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=5d401dde41 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://112assen.nl/
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 11:55:17 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UfDxWb0WlC_PLILWPKddOAIxBWBFnVHzHjf7rOu3nNH-lWKqXGBtRA==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQneu2ADM7kc9WBtzuHbvX3N5iBNipXN27UUBSOzqf7bOx3fHlLdqdc2ldvRL0I8fRMj530PLElO8fK3gR06eHxj2wD4pc01McTazkEZTBwSKNDFS9jLd6NB8v8TTXB%2BBR2%2Fl5fEGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879e24a95e8c712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/a?id=GTM-WPTT9J6&v=3&t=t&pid=734998375&cv=7&rv=44o0&tc=5&es=1&e=gtm.init&eid=0&h=Ag&z=0 | 142.250.74.72 | | 0 B |
URL www.googletagmanager.com/a?id=GTM-WPTT9J6&v=3&t=t&pid=734998375&cv=7&rv=44o0&tc=5&es=1&e=gtm.init&eid=0&h=Ag&z=0 IP 142.250.74.72:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=GTM-WPTT9J6&v=3&t=t&pid=734998375&cv=7&rv=44o0&tc=5&es=1&e=gtm.init&eid=0&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:17 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/a?id=GTM-WPTT9J6&v=3&t=t&pid=734998375&cv=7&rv=44o0&tc=5&es=1&e=gtm.js&eid=1&h=Ag&tr=1html.1html.1html.5html&ti=1html.1html.1html.1html&z=0 | 142.250.74.72 | 200 OK | 0 B |
URL GET HTTP/3 www.googletagmanager.com/a?id=GTM-WPTT9J6&v=3&t=t&pid=734998375&cv=7&rv=44o0&tc=5&es=1&e=gtm.js&eid=1&h=Ag&tr=1html.1html.1html.5html&ti=1html.1html.1html.1html&z=0 IP 142.250.74.72:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject *.google-analytics.com Fingerprint 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB Validity Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=GTM-WPTT9J6&v=3&t=t&pid=734998375&cv=7&rv=44o0&tc=5&es=1&e=gtm.js&eid=1&h=Ag&tr=1html.1html.1html.5html&ti=1html.1html.1html.1html&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:17 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 112assen.nl/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.9.3 | 104.21.30.166 | | 4.6 kB |
URL 112assen.nl/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.9.3 IP 104.21.30.166:0
File type ASCII text, with very long lines (934), with no line terminators Hash ec0187677793456f98473f49d9e9b95f 8c55e0f4a29865e871f3d54be8d480a0665891d9 df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.9.3 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"65fcf1c6-3a6"
last-modified: Fri, 22 Mar 2024 02:49:42 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zEhLT%2BHyt%2B5zRRuTKuqTrldz8lfJRYCfGuF9waccFQ5Yi6VMQ2QXp4r2suuy2eXQj%2BOuAtPrTfyuJDBowRn%2Bc8b3QqzGmQaqhkIDy0tf9ka%2BtkHv85xwx55bR363Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a4792756b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/themes/112press/_/js/prefixfree.min.js | 104.21.30.166 | 200 OK | 2.5 kB |
URL GET HTTP/3 112assen.nl/wp-content/themes/112press/_/js/prefixfree.min.js IP 104.21.30.166:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject 112assen.nl Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type JavaScript source, ASCII text, with very long lines (6062) Hash 6f8041e12856bd26716a46e43a77abae 5e1817c9e796b3839f839a4f80f6fc3b521c5626 ac6efc42d87b793ed5821ad64db4f2d5ceb9f17ece2130689773a394cd70d4b0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/112press/_/js/prefixfree.min.js HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 07:54:02 GMT
etag: W/"635f7f1a-17fa"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YM1cGWQYaRY6k48Jv73ulSUVGIR4MktJQ%2FbaqMf43he3wwq6b9Nuxoy1%2BvViGoLY3goVXtEkRkVab%2FN6qwwHOVWmi8jgaKDH9DmrfXnGKyvvo1BFQh7xqOTYVU8CWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a408b856b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/recaptcha/api.js?render=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&ver=3.0 | 142.250.74.164 | | 101 kB |
URL www.google.com/recaptcha/api.js?render=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&ver=3.0 IP 142.250.74.164:0
Size 101 kB (100777 bytes) Hash f378561dca1356aa1b9d4f94314d2c9a be0a4e29933b6c35b89d81e9c195a11e6e63422a a73683bb10db373b63f5e6f8bf001a0be2c652ebbe0fa8a0fe429353d62b21e3
GET /recaptcha/api.js?render=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Thu, 25 Apr 2024 11:55:16 GMT
date: Thu, 25 Apr 2024 11:55:16 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 112assen.nl/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 | 104.21.30.166 | | 1.8 kB |
URL 112assen.nl/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 IP 104.21.30.166:0
File type ASCII text, with very long lines (1604), with no line terminators Hash 2a489d28e2fc2088b3fe0bcda8417525 af48dd19c11ceac12d2473b2b8e216da9d9d432c c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:17 GMT
content-type: text/css
last-modified: Sat, 20 Apr 2024 16:42:28 GMT
etag: W/"6623f074-644"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 11
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=14UqAkqVnnFkKCO8AnZDkO8BSZpg%2FafeMEFYLjbUwtSDy9nLctxnaTEEEK0QAGYPwo9ePvWiT1TH88uJ5GDGx9dGpDaTLTxAGNcbx99ktMvloHxXxWr5qyZRoE3CrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a77c0f56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/cse/static/element/8435450f13508ca1/default+nl.css | 142.250.74.164 | | 9.1 kB |
URL www.google.com/cse/static/element/8435450f13508ca1/default+nl.css IP 142.250.74.164:0
Hash baccb7180fe061b63ed061ec10c3b0c8 bfb31590ba6e758eb8f25735b564d7e4a0919025 a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
GET /cse/static/element/8435450f13508ca1/default+nl.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 9068
date: Thu, 25 Apr 2024 11:55:17 GMT
expires: Thu, 25 Apr 2024 11:55:17 GMT
cache-control: private, max-age=31536000
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 112assen.nl/wp-content/plugins/the-events-calendar/src/resources/js/views/breakpoints.min.js?ver=6.3.7 | 104.21.30.166 | | 1.8 kB |
URL 112assen.nl/wp-content/plugins/the-events-calendar/src/resources/js/views/breakpoints.min.js?ver=6.3.7 IP 104.21.30.166:0
File type JavaScript source, ASCII text, with very long lines (2041) Hash c702663276f24df37591a35b3a350854 c3ba9320c62c4260e1425116a17960291ddc9a06 2692203cd28584290fc56c0d1c8021b415b0993a8e6c34922efbe33bb2271125
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/the-events-calendar/src/resources/js/views/breakpoints.min.js?ver=6.3.7 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 01:49:43 GMT
etag: W/"6621cdb7-943"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xPGZ1bkJhXhALHFOUwoWEJp9rbzYcoX0SQ6NHdUWc3FBas5UAqeW4ZZDfAPeNTjdpikn53X0R%2FEPT3ZbHhWZg5jBzf7ey%2BJe21xIx6flTLGINga1x8O7MFTm6aAjkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a4793056b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 | 104.21.30.166 | | 214 kB |
URL 112assen.nl/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 IP 104.21.30.166:0
File type JavaScript source, ASCII text, with very long lines (11513), with no line terminators Size 214 kB (213706 bytes) Hash efc27e253fae1b7b891fb5a40e687768 ad12044651ffac0badcd0e42f32edef91678b1ff 46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"65fcf1c6-2cf9"
last-modified: Fri, 22 Mar 2024 02:49:42 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ktl9j4NtpUWA%2FqnVR23skt8hjcfVjULzbHK6i5qfiB%2BvjmLDFpKb26Oyl4bwpLj2wrWCkcACSj0WqoP8A7wrv7RsySQeMgiJCQ9iyg3TyCGYHpU5jObfnA2xwp0AoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a438ea56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 | 104.21.30.166 | | 122 kB |
URL 112assen.nl/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 IP 104.21.30.166:0
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (38582), with no line terminators Size 122 kB (122518 bytes) Hash 92f8c01350c630f414f5d0b015ad6864 eab40ab4e77f92f2fb17684aaf44b579a51b8034 17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 01:49:50 GMT
etag: W/"660cb5be-96be"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zn1o5WLg1MGx0Fsylmuros%2F01MEeVjbf3RvMoComLX5jdP9OXk%2FsDHvMy3cRLBeFlFbo%2F5HfB%2Ba%2Fcwvl7JpDP9%2BC6%2FbmtHoLacUnAPoJBlyHugdPqKDgEoAOsCDOag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a4792656b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-74R040FQ8P&cid=828244286.1714046118&gtm=45je44o0v883496993za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=591656459 | 142.250.74.163 | | 42 B |
URL www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-74R040FQ8P&cid=828244286.1714046118&gtm=45je44o0v883496993za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=591656459 IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1 Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-74R040FQ8P&cid=828244286.1714046118&gtm=45je44o0v883496993za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=591656459 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Apr 2024 11:55:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 112assen.nl/wp-content/plugins/perfmatters/js/lazyload.min.js?ver=2.1.8 | 104.21.30.166 | 200 OK | 3.3 kB |
URL GET HTTP/3 112assen.nl/wp-content/plugins/perfmatters/js/lazyload.min.js?ver=2.1.8 IP 104.21.30.166:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject 112assen.nl Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type JavaScript source, ASCII text, with very long lines (9355), with no line terminators Hash b4edcd1be13b85ed07b019a0158233f5 410d4f063b36cbd908c7733272cc3b9ef615e9e0 58c8e6e0ae274de20ed5f0c47f704de948659e6b8595df77e3e0c2875718d9ef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/perfmatters/js/lazyload.min.js?ver=2.1.8 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: application/javascript
last-modified: Tue, 17 Oct 2023 10:33:56 GMT
etag: W/"652e6314-248b"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zPOx4AuyD4B6SJG7X1iJAFkvOKXvM227GDi0Nnz%2FNR0h%2F4MHt0ztnEuljRPasvvV0%2B7JXzV3oQN01gR6D8OPIwXLsGPYu9DbxONu73dPnh%2F6mc2YVERKTYT3LnpA9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24643e1656b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| vpaid.vidoomy.com/player/latest/vidoomy-player.js | 185.76.9.25 | | 155 kB |
URL vpaid.vidoomy.com/player/latest/vidoomy-player.js IP 185.76.9.25:0 ASN #60068 Datacamp Limited
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 155 kB (154755 bytes) Hash 9d87991887aef162c434c42afcb47b13 f08ce5dd16e609ccb4ee56cab3b52190f1b5615e e01db331a7ef3904f44b7eeec3924c2cbc2a069e84c654d1aefbe4309611cb69
GET /player/latest/vidoomy-player.js HTTP/1.1
Host: vpaid.vidoomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 11:55:18 GMT
content-type: text/plain
vary: Accept-Encoding
last-modified: Fri, 12 Apr 2024 13:25:18 GMT
x-rgw-object-type: Normal
etag: W/"8855ea21504e39731dc0d8faaa040af2"
x-amz-meta-s3cmd-attrs: atime:1712928317/ctime:1712928317/gid:114/gname:jenkins/md5:8855ea21504e39731dc0d8faaa040af2/mode:33188/mtime:1712928317/uid:108/uname:jenkins
x-amz-storage-class: STANDARD
x-amz-request-id: tx0000096fcb8797775e609-00661939a5-2bc58ec-prg
x-77-nzt: BLlMCRQ3Nzf/+isAALlMChM3Nzf/BQ0BACUTwjQ3Nzf/7BcAAFm7vKaPco8A
x-77-nzt-ray: af585630790b3816a6442a66dfe7a803
content-encoding: gzip
x-accel-expires: @1715002791
x-accel-date: 1714034860
x-77-cache: HIT
x-77-age: 11258
access-control-allow-credentials: true
server: CDN77-Turbo
x-cache: HIT
x-age: 11258
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.35 | 200 OK | 206 kB |
URL GET HTTP/3 www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type JavaScript source, ASCII text, with very long lines (631) Size 206 kB (205803 bytes) Hash e2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 20:51:00 GMT
expires: Thu, 24 Apr 2025 20:51:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 54258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | | 48 kB |
URL GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 142.250.74.131:0
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 08:04:32 GMT
expires: Wed, 23 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 186646
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | 142.250.74.131 | | 128 kB |
URL fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP142.250.74.131:0
File typeWeb Open Font Format (Version 2), TrueType, length 128352, version 1.0 Size128 kB (128352 bytes) Hash53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 11:06:05 GMT
expires: Sat, 19 Apr 2025 11:06:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
age: 521353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-74R040FQ8P&gtm=45je44o0v883496993za200&_p=1714046116489&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=828244286.1714046118&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714046117&sct=1&seg=0&dl=https%3A%2F%2F112assen.nl%2Fdodenherdenking-4-mei-in-assen%2F&dt=Dodenherdenking%204%20mei%20in%20Assen&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=12041 | 216.239.32.36 | | 0 B |
URL region1.analytics.google.com/g/collect?v=2&tid=G-74R040FQ8P&gtm=45je44o0v883496993za200&_p=1714046116489&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=828244286.1714046118&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714046117&sct=1&seg=0&dl=https%3A%2F%2F112assen.nl%2Fdodenherdenking-4-mei-in-assen%2F&dt=Dodenherdenking%204%20mei%20in%20Assen&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=12041 IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-74R040FQ8P&gtm=45je44o0v883496993za200&_p=1714046116489&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=828244286.1714046118&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714046117&sct=1&seg=0&dl=https%3A%2F%2F112assen.nl%2Fdodenherdenking-4-mei-in-assen%2F&dt=Dodenherdenking%204%20mei%20in%20Assen&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=12041 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://112assen.nl
date: Thu, 25 Apr 2024 11:55:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.131 | 200 OK | 15 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.131:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&co=aHR0cHM6Ly8xMTJhc3Nlbi5ubDo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=1vaw0uih6rq2 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 06:43:51 GMT
expires: Wed, 23 Apr 2025 06:43:51 GMT
cache-control: public, max-age=31536000
age: 191487
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 112assen.nl/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js | 104.21.30.166 | 200 OK | 17 kB |
URL GET HTTP/3112assen.nl/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js IP104.21.30.166:443
Requested byhttps://112assen.nl/dodenherdenking-4-mei-in-assen/ CertificateIssuerGoogle Trust Services LLC Subject112assen.nl Fingerprint87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D ValiditySun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File typeJavaScript source, ASCII text Hashe55c07471d8cbffac6ff39f0a6fefaef 3217a7ab02e4fa5593d384a18a0b521e8776bafd b49afbda53cb80ad17ca11665ba1884b11721ca9cadd0c407dfdc48773cfb635
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1278
etag: W/"6621cdb7-4fe"
last-modified: Fri, 19 Apr 2024 01:49:43 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0lxhwfZS2hNTWY5HlMRu3su5jqwATYMerYZOq7EbL20%2BWnELPvT76X0fElBhZtAYmBqo6A7gXN6ensTBwsMPjLISiRGB2Msh%2B4CdPv7f0dkOfsNjkJlAPqAqxyetyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a4792c56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/plugins/simple-weather/js/moment.min.js | 104.21.30.166 | | 25 kB |
URL 112assen.nl/wp-content/plugins/simple-weather/js/moment.min.js IP104.21.30.166:0
File typeJavaScript source, ASCII text, with very long lines (32013) Hashaeb7908241d9f6d5a45e504cc4f2ec15 32fdf6730be34538e09378ec6cc55229d9a70151 d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/simple-weather/js/moment.min.js HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
last-modified: Fri, 13 Aug 2021 13:19:49 GMT
etag: W/"61167175-c909"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2B37P%2FKB52YN8y8g5g%2BBth9R342fef0z30VI6YnOrOUgOx1KYuqOpBkxzztzJGgVVmaZH4RuR%2Ff4kfX9oSTfG66iMrrYTA660Vz0IiEs3JrIu%2Bw%2BXKSRWomPktr4Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a4590456b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/recaptcha/api2/logo_48.png | 142.250.74.35 | 200 OK | 2.2 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/api2/logo_48.png IP142.250.74.35:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&co=aHR0cHM6Ly8xMTJhc3Nlbi5ubDo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=1vaw0uih6rq2 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:54:07 GMT
expires: Thu, 02 May 2024 02:54:07 GMT
cache-control: public, max-age=604800
age: 32471
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fundingchoicesmessages.google.com/el/AGSKWxUN4yV8cdYNTV_9HfqjMOCdZQmwHmatMuGZ2LrzMPWAby4WHmxZCWwm97Uu5RYp1zhJe7fu8rN8GFXq1Xg6Edt0fmM4y0f4ldE1-OiFd6nL95GD4BlzzYYz0eVlCKXbn_dM9GzSww== | 216.58.211.14 | | 0 B |
URL fundingchoicesmessages.google.com/el/AGSKWxUN4yV8cdYNTV_9HfqjMOCdZQmwHmatMuGZ2LrzMPWAby4WHmxZCWwm97Uu5RYp1zhJe7fu8rN8GFXq1Xg6Edt0fmM4y0f4ldE1-OiFd6nL95GD4BlzzYYz0eVlCKXbn_dM9GzSww== IP216.58.211.14:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /el/AGSKWxUN4yV8cdYNTV_9HfqjMOCdZQmwHmatMuGZ2LrzMPWAby4WHmxZCWwm97Uu5RYp1zhJe7fu8rN8GFXq1Xg6Edt0fmM4y0f4ldE1-OiFd6nL95GD4BlzzYYz0eVlCKXbn_dM9GzSww== HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 169
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=utf-8
access-control-allow-methods: POST, GET, OPTIONS
access-control-max-age: 86400
access-control-allow-origin: https://112assen.nl
access-control-allow-credentials: true
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Apr 2024 11:55:18 GMT
content-security-policy: script-src 'nonce-yGe_769fp4XvBS0zHQY4sA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1ZBiqGV4xtQKxE7pM1hDgFiIh2NZ58qNbAITLtybxAQAw8sMBw"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 112assen.nl/wp-json/simple-weather/v1/get_weather/ | 104.21.30.166 | | 2.3 kB |
URL 112assen.nl/wp-json/simple-weather/v1/get_weather/ IP104.21.30.166:0
Hashaee7a79918f51e705ddf0b34bffc31fd 9732e1b7736b1eb75d9e14f682d9b90bfe48d6a0 07cc14893003c0bc74f72ab841ffdacf5dd8cb203fdeb723dd622c1b23b3b41a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /wp-json/simple-weather/v1/get_weather/ HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 262
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw; _ga_74R040FQ8P=GS1.1.1714046117.1.0.1714046117.60.0.0; _ga=GA1.1.828244286.1714046118
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:18 GMT
content-type: application/json; charset=UTF-8
x-powered-by: PHP/8.2.18, PleskLin
cf-edge-cache: cache,platform=wordpress
x-robots-tag: noindex
link: <https://112assen.nl/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: POST
access-control-allow-origin: https://112assen.nl
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-allow-credentials: true
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cmu3WmY0rpkr0wIfS8B587sXbfflrr7%2FP52V7fNf1ugLUe%2BX5AzHJqRB%2FM64%2FrI0aOKyz4HModLV2znmv9HV1Mw7B8y3diT4U1Xh7w%2BXd4HgPUOmnWxQy3uLscwDqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879e24af6c3d56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/plugins/user-submitted-posts/resources/jquery.parsley.min.js?ver=20240319 | 104.21.30.166 | | 206 kB |
URL 112assen.nl/wp-content/plugins/user-submitted-posts/resources/jquery.parsley.min.js?ver=20240319 IP104.21.30.166:0
File typegzip compressed data, max compression Size206 kB (205803 bytes) Hasha484f2f3418f65b8214cbcd3e4a31057 5c002c51b67db40f88b6895a5d5caa67608a65ce 79cbe928773386d07f0127f256f383debed5ccea5ff230465bf46ec7c87319d6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/user-submitted-posts/resources/jquery.parsley.min.js?ver=20240319 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
last-modified: Mon, 01 Apr 2024 17:44:20 GMT
etag: W/"660af274-a7a2"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tq0%2FFt8nzrzXY7RfQ3X3oMotOEKwYoDw3Wmu3BJlIdHWWLaNduOdNCAnsc%2FTDxxoJR%2Bu02WYSGwhx80JxtEKXxSXrUzhIkfhDAjRIICyXfpgWPdBYXvF4DkLTd41cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a428da56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/plugins/simple-weather/font/weathericons-regular-webfont.woff2 | 104.21.30.166 | | 45 kB |
URL 112assen.nl/wp-content/plugins/simple-weather/font/weathericons-regular-webfont.woff2 IP104.21.30.166:0
File typeWeb Open Font Format (Version 2), TrueType, length 44720, version 1.6553 Hash1cd48d78f06d33973d9d761d426e69bf 718dd740e8340888352129e592fed085409e891e 9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/simple-weather/font/weathericons-regular-webfont.woff2 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw; _ga_74R040FQ8P=GS1.1.1714046117.1.0.1714046117.60.0.0; _ga=GA1.1.828244286.1714046118
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:18 GMT
content-type: font/woff2
content-length: 44720
last-modified: Fri, 13 Aug 2021 13:19:49 GMT
etag: "61167175-aeb0"
x-powered-by: PleskLin
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=83wCv1vgqMdJoMTK4uR9L0lqw0EJtaPZLmxEHFw5N9ScDiC5hB1lColFPwlVK8CSxhEJM76pKz4BdrbVLt%2BYdnHFVmZ3cuy3wqYyS%2BiBmYSLmCE8hJauc49V4kKt0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24b18ec256b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lh3.googleusercontent.com/Oq0adiMHtjnlw-jppRhfNg6MyKXnstP9QYFlSh_fceGJEVu7yi1468LyYDIlV5SoiVML65666TUDRrmBDpDwVvYmyKWdTuDhEkGjGvcpP9rIcocaJYyQvw=h60 | 142.250.74.97 | | 2.5 kB |
URL lh3.googleusercontent.com/Oq0adiMHtjnlw-jppRhfNg6MyKXnstP9QYFlSh_fceGJEVu7yi1468LyYDIlV5SoiVML65666TUDRrmBDpDwVvYmyKWdTuDhEkGjGvcpP9rIcocaJYyQvw=h60 IP142.250.74.97:0
File typePNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced Hash5f990eab7dcc95fa1c8ffdb6a6f5fd53 eb546cea6b409271c124e5824b392547c7eafd3e 5952bd3f9f2457002b2e37862fca43f5511ebda27c9b9a64fb31a4112e03711c
GET /Oq0adiMHtjnlw-jppRhfNg6MyKXnstP9QYFlSh_fceGJEVu7yi1468LyYDIlV5SoiVML65666TUDRrmBDpDwVvYmyKWdTuDhEkGjGvcpP9rIcocaJYyQvw=h60 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 2488
x-xss-protection: 0
date: Thu, 25 Apr 2024 11:55:18 GMT
expires: Fri, 26 Apr 2024 11:55:18 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/png
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css | 142.250.74.35 | 200 OK | 25 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css IP142.250.74.35:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&co=aHR0cHM6Ly8xMTJhc3Nlbi5ubDo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=f91sgw3vn9wj CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeASCII text, with very long lines (56412), with no line terminators Hash2c00b9f417b688224937053cd0c284a5 17b4c18ebc129055dd25f214c3f11e03e9df2d82 1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 15:50:55 GMT
expires: Wed, 23 Apr 2025 15:50:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 158664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.35 | 200 OK | 206 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP142.250.74.35:443
Requested byhttps://www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeJavaScript source, ASCII text, with very long lines (631) Size206 kB (205803 bytes) Hashe2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 20:51:00 GMT
expires: Thu, 24 Apr 2025 20:51:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 54259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 112assen.nl/wp-content/plugins/the-events-calendar/src/resources/css/widget-events-list-skeleton.min.css?ver=6.3.7 | 104.21.30.166 | | 16 kB |
URL 112assen.nl/wp-content/plugins/the-events-calendar/src/resources/css/widget-events-list-skeleton.min.css?ver=6.3.7 IP104.21.30.166:0
File typeASCII text, with very long lines (2304), with no line terminators Hash09d6e5af84180329ca5b7b9262b4b26a 8b561c578b926a7f9f762e26a9de4983e75fb7cd 1ba6b70acc22c181dbab5e6d7110ca2ed1121264bf22c829a442990f3e29e18d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/the-events-calendar/src/resources/css/widget-events-list-skeleton.min.css?ver=6.3.7 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: text/css
last-modified: Fri, 19 Apr 2024 01:49:43 GMT
etag: W/"6621cdb7-900"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YxTO235w%2BKcciv7mW6LListK6tOnjsQzeyK7fcMzp62vVR6FIx6vDDlsetMu8sdqiMwvcurm19hpYRzeUYPz4sCkoT8fOHYX40ajwbpzDkC4U44DifOxhaMvNEYgfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24643dff56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.131:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&co=aHR0cHM6Ly8xMTJhc3Nlbi5ubDo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=1vaw0uih6rq2 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 22:10:11 GMT
expires: Tue, 22 Apr 2025 22:10:11 GMT
cache-control: public, max-age=31536000
age: 222308
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m | 142.250.74.164 | 200 OK | 7.6 kB |
URL: GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m
IP: 142.250.74.164:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&co=aHR0cHM6Ly8xMTJhc3Nlbi5ubDo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=1vaw0uih6rq2
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google.com
Certificate fingerprint: 70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
Certificate validity: Mon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hash: 1c10de955d29db27d5c149805a0d2f33 2e69a3a4333a4894f59965538ad7d562bb53d003 a2c70679f85f1c2ae04db7018631b279a3c2aa95bd4f46eaa5111793e0afc87f
GET /recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&co=aHR0cHM6Ly8xMTJhc3Nlbi5ubDo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=1vaw0uih6rq2
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 25 Apr 2024 11:55:19 GMT
date: Thu, 25 Apr 2024 11:55:19 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/api2/logo_48.png | 142.250.74.35 | 200 OK | 2.2 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP: 142.250.74.35:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&co=aHR0cHM6Ly8xMTJhc3Nlbi5ubDo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=1vaw0uih6rq2
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash: ef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:54:07 GMT
expires: Thu, 02 May 2024 02:54:07 GMT
cache-control: public, max-age=604800
age: 32472
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.35 | 200 OK | 206 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP: 142.250.74.35:443
Requested by: https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: JavaScript source, ASCII text, with very long lines (631)
Size: 206 kB (205803 bytes)
Hash: e2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 20:51:00 GMT
expires: Thu, 24 Apr 2025 20:51:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 54259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/cse/static/style/look/v4/default.css | 142.250.74.164 | | 1.3 kB |
URL: www.google.com/cse/static/style/look/v4/default.css
IP: 142.250.74.164:0
Hash: c14e45e189f801818b14f1315605a632 dd7e7fb9d156b343beef0155b41da1c847d69e41 dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
GET /cse/static/style/look/v4/default.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1345
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 11:47:10 GMT
expires: Thu, 25 Apr 2024 12:37:10 GMT
cache-control: public, max-age=3000
age: 489
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/cse/static/element/8435450f13508ca1/default+nl.css | 142.250.74.164 | | 9.1 kB |
URL: www.google.com/cse/static/element/8435450f13508ca1/default+nl.css
IP: 142.250.74.164:0
Hash: baccb7180fe061b63ed061ec10c3b0c8 bfb31590ba6e758eb8f25735b564d7e4a0919025 a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
GET /cse/static/element/8435450f13508ca1/default+nl.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 9068
date: Thu, 25 Apr 2024 11:55:19 GMT
expires: Thu, 25 Apr 2024 11:55:19 GMT
cache-control: private, max-age=31536000
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ad.vidoomy.com/api/adserver/ad/get?data=ZG9tYWluPTExMmFzc2VuLm5sJmZvcm1hdD0xJnU9MTZmNGRlYjAtZGM3Yy00ZTU5LTg1OWYtNzUwOTEwNmE1YTYyJnpvbmVJZD0yMjI4NSZsb29wPTAmY1N0cmluZ1N0YXR1cz1ub3QtZm91bmQmcGFnZVVybD1odHRwcyUzQSUyRiUyRjExMmFzc2VuLm5sJTJGZG9kZW5oZXJkZW5raW5nLTQtbWVpLWluLWFzc2VuJTJGJmtleXdvcmRzPSZwdmVyc2lvbj0zLjE0LjMmdGltZUVsYXBzZWQ9MC0xLjk5 | 212.36.83.216 | 200 OK | 0 B |
URL: GET HTTP/1.1 ad.vidoomy.com/api/adserver/ad/get?data=ZG9tYWluPTExMmFzc2VuLm5sJmZvcm1hdD0xJnU9MTZmNGRlYjAtZGM3Yy00ZTU5LTg1OWYtNzUwOTEwNmE1YTYyJnpvbmVJZD0yMjI4NSZsb29wPTAmY1N0cmluZ1N0YXR1cz1ub3QtZm91bmQmcGFnZVVybD1odHRwcyUzQSUyRiUyRjExMmFzc2VuLm5sJTJGZG9kZW5oZXJkZW5raW5nLTQtbWVpLWluLWFzc2VuJTJGJmtleXdvcmRzPSZwdmVyc2lvbj0zLjE0LjMmdGltZUVsYXBzZWQ9MC0xLjk5
IP: 212.36.83.216:443
ASN: #15699 OGIC Informatica S.L.
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: Sectigo Limited
Certificate subject: *.vidoomy.com
Certificate fingerprint: 18:AF:A3:4C:BA:C9:5B:1A:FC:8B:1D:B0:76:50:FE:2F:8A:44:59:F3
Certificate validity: Wed, 06 Sep 2023 00:00:00 GMT - Sun, 06 Oct 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/adserver/ad/get?data=ZG9tYWluPTExMmFzc2VuLm5sJmZvcm1hdD0xJnU9MTZmNGRlYjAtZGM3Yy00ZTU5LTg1OWYtNzUwOTEwNmE1YTYyJnpvbmVJZD0yMjI4NSZsb29wPTAmY1N0cmluZ1N0YXR1cz1ub3QtZm91bmQmcGFnZVVybD1odHRwcyUzQSUyRiUyRjExMmFzc2VuLm5sJTJGZG9kZW5oZXJkZW5raW5nLTQtbWVpLWluLWFzc2VuJTJGJmtleXdvcmRzPSZwdmVyc2lvbj0zLjE0LjMmdGltZUVsYXBzZWQ9MC0xLjk5 HTTP/1.1
Host: ad.vidoomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-transfer-encoding,vidoomy-brandlift
Referer: https://112assen.nl/
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 11:55:19 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://112assen.nl
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-transfer-encoding,vidoomy-brandlift
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
|
|
| 112assen.nl/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-solid-900.woff2 | 104.21.30.166 | 200 OK | 79 kB |
URL: GET HTTP/3 112assen.nl/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-solid-900.woff2
IP: 104.21.30.166:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: Google Trust Services LLC
Certificate subject: 112assen.nl
Certificate fingerprint: 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D
Certificate validity: Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type: Web Open Font Format (Version 2), TrueType, length 79444, version 331.524
Hash: b15db15f746f29ffa02638cb455b8ec0 75a88815c47a249eadb5f0edc1675957f860cca7 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw; _ga_74R040FQ8P=GS1.1.1714046117.1.0.1714046117.60.0.0; _ga=GA1.1.828244286.1714046118; vido_visitor_id=172e5b6362817b33a26bdcbe3d1af8ae
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:19 GMT
content-type: font/woff2
content-length: 79444
last-modified: Thu, 25 Apr 2024 01:49:49 GMT
etag: "6629b6bd-13654"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 13
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=937byhe6yJyD%2BzedDPAkXyStbvv2plOwuzv2B4myF1OixQZ%2Bmjx3492dVw3CVmFY2fdw2Tnk7CPcdruONgpHqePddphqOua6HSDZgL3VACVLkbnpyYxRDF1jT0Jexw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24b94f7156b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.addtoany.com/menu/modules/core.BRQnzO8v.js | 104.22.71.197 | 200 OK | 104 kB |
URL: GET HTTP/3 static.addtoany.com/menu/modules/core.BRQnzO8v.js
IP: 104.22.71.197:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: Let's Encrypt
Certificate subject: static.addtoany.com
Certificate fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
Certificate validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 104 kB (103977 bytes)
Hash: 629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
etag: W/"25da5432b1057724b8210f17e9b9db05"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7rryLM7wNdTzG45KVHO%2B2MpIddrSzfHJ0AD%2FnZ5fqT73SIAId2PU16znEO67PLj6RkB7CAhoIYT0nhFX3dy3VOHyexJUadDlvx%2BdMk7%2B2JlFnq%2F5VzVnGse0n4%2BQ%2BRm6ngih2NSz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879e24b76a698f61-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/plugins/simple-weather/font/weathericons-regular-webfont.woff2 | 104.21.30.166 | | 45 kB |
URL: 112assen.nl/wp-content/plugins/simple-weather/font/weathericons-regular-webfont.woff2
IP: 104.21.30.166:0
File type: Web Open Font Format (Version 2), TrueType, length 44720, version 1.6553
Hash: 1cd48d78f06d33973d9d761d426e69bf 718dd740e8340888352129e592fed085409e891e 9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/simple-weather/font/weathericons-regular-webfont.woff2 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw; _ga_74R040FQ8P=GS1.1.1714046117.1.0.1714046117.60.0.0; _ga=GA1.1.828244286.1714046118; vido_visitor_id=172e5b6362817b33a26bdcbe3d1af8ae
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:19 GMT
content-type: font/woff2
content-length: 44720
last-modified: Fri, 13 Aug 2021 13:19:49 GMT
etag: "61167175-aeb0"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2BwhXzVuBw8VfNDfXp13oh0nUi0GnJozl2lKaZshuxHT789U55EN133tuGKXre6LnC1R3GmoeBkCiHt2IJzqCbtjYhzVKdrv8TSv5rXIuFpE5F4gtEF4q01T3uCILA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24b97f9f56b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/plugins/perfmatters/vendor/instant-page/instantpage.js?ver=2.1.8 | 104.21.30.166 | | 78 kB |
URL: 112assen.nl/wp-content/plugins/perfmatters/vendor/instant-page/instantpage.js?ver=2.1.8
IP: 104.21.30.166:0
File type: JavaScript source, ASCII text, with very long lines (3064), with no line terminators
Hash: e4cfd404815db12686cadc316d95e99a d0349009f6378fdb4d8bd7dd111a0f2129d71146 40ff50d51bd568cd51d37fc1d479996b5d10310e655bd66664d576db727c4057
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/perfmatters/vendor/instant-page/instantpage.js?ver=2.1.8 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3067
etag: W/"652e6314-bfb"
last-modified: Tue, 17 Oct 2023 10:33:56 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PuVRTjAwKKfSY6AeYtrGq2mFLsTRFiac8DfcGcMddzZ5YxGDqyTSWF4DSqmKbrjeD0zrcY4izhEF0YubzZJ8jiWyPcPQMzs6ddVqUhGLbcsxgzObSkuFXbpyXc45vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a4996056b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | | 48 kB |
URL: GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP: 142.250.74.131:0
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
File type: Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash: 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 08:04:32 GMT
expires: Wed, 23 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 186647
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 112assen.nl/wp-content/plugins/simple-weather/js/vue.min.js | 104.21.30.166 | 200 OK | 81 kB |
URL: GET HTTP/3 112assen.nl/wp-content/plugins/simple-weather/js/vue.min.js
IP: 104.21.30.166:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: Google Trust Services LLC
Certificate subject: 112assen.nl
Certificate fingerprint: 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D
Certificate validity: Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type: JavaScript source, ASCII text, with very long lines (65450)
Hash: 7e052e2850e70a8db1bd837e08ddda83 c6c536343f5e882b89b3772a2bc13ed94add9f16 01be5ae813c693c4a0de6a5d96c1f31fa9213e49e2216b2f12ecfc16ffecf57f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/simple-weather/js/vue.min.js HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
last-modified: Fri, 13 Aug 2021 13:19:49 GMT
etag: W/"61167175-1430a"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wJ665ta6ROdUQAjd2UA2AbeDuWfsG1UpFluM%2FujoaHYVh44vqEoLOqZEK9LViQxvzPi9cK%2BN2alSgmMPlmxSUD8xakAYI1P6j1wvkrCk1HzoRdF0GamhQ%2FKWoEIg3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a448ef56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | 142.250.74.131 | | 128 kB |
URL: fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP: 142.250.74.131:0
File type: Web Open Font Format (Version 2), TrueType, length 128352, version 1.0
Size: 128 kB (128352 bytes)
Hash: 53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 11:06:05 GMT
expires: Sat, 19 Apr 2025 11:06:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
age: 521354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap | 142.250.74.138 | 200 OK | 12 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
IP: 142.250.74.138:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
Certificate validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: gzip compressed data, max compression
Hash: ac53f645a98a25549423472d13823202 5cb52f4a48baa7af4edbca4cc1fc0fd7db1755a7 7b4db73719dc7c836610f58d14c6ec6f7da479d0ef382de1d81a225d148f2fc3
GET /css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 11:55:19 GMT
date: Thu, 25 Apr 2024 11:55:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ad.vidoomy.com/api/adserver/tracking/e?data=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 | 212.36.83.216 | 200 OK | 0 B |
URL: OPTIONS HTTP/1.1 ad.vidoomy.com/api/adserver/tracking/e?data=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
IP: 212.36.83.216:443
ASN: #15699 OGIC Informatica S.L.
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: Sectigo Limited
Certificate subject: *.vidoomy.com
Certificate fingerprint: 18:AF:A3:4C:BA:C9:5B:1A:FC:8B:1D:B0:76:50:FE:2F:8A:44:59:F3
Certificate validity: Wed, 06 Sep 2023 00:00:00 GMT - Sun, 06 Oct 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/adserver/tracking/e?data=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 HTTP/1.1
Host: ad.vidoomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-transfer-encoding
Referer: https://112assen.nl/
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 11:55:20 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://112assen.nl
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-transfer-encoding
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
|
|
| ad.vidoomy.com/api/adserver/tracking/e?data=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 | 212.36.83.216 | 200 OK | 28 B |
URL: OPTIONS HTTP/1.1 ad.vidoomy.com/api/adserver/tracking/e?data=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
IP: 212.36.83.216:443
ASN: #15699 OGIC Informatica S.L.
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: Sectigo Limited
Certificate subject: *.vidoomy.com
Certificate fingerprint: 18:AF:A3:4C:BA:C9:5B:1A:FC:8B:1D:B0:76:50:FE:2F:8A:44:59:F3
Certificate validity: Wed, 06 Sep 2023 00:00:00 GMT - Sun, 06 Oct 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 97c72fe2dbb6bec08bd84acbbaa4cfcf 1991bd596d656c2d7feb8bac18da6b7bb803a5c1 30760ba5ec1169343ff3a2a1433973ab93870e317dc6535ec867f82a76abe42d
POST /api/adserver/tracking/e?data=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 HTTP/1.1
Host: ad.vidoomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Transfer-Encoding: base64
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 11:55:20 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Origin: https://112assen.nl
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Transfer-Encoding: base64
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.207.194 | 200 OK | 52 kB |
URL: GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP: 216.58.207.194:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.g.doubleclick.net
Certificate fingerprint: 1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A
Certificate validity: Mon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3920)
Hash: b4cb2049538d882ac1bcc6e28688eaee d6721a30295a4af68e46d0deb073ec3f7dcf3892 1fc899812cc723291255d160980b2f3007cb24095a041de693dca3b53ea14273
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:20 GMT
expires: Thu, 25 Apr 2024 11:55:20 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 5196516167045862250
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51868
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.207.194 | 200 OK | 52 kB |
URL: GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP: 216.58.207.194:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject *.g.doubleclick.net; Fingerprint 1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A; Validity Mon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3920)
Hash: 1ec60a7ff1aec427b64fe435213f7b81 60b7eac176bb23a8fc8d3c69d6c0d62c8aae6062 2b08c53d1f5367bd5932a9efdd1640b0f95d1b622c75b55b7ba7fd5640162189
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:21 GMT
expires: Thu, 25 Apr 2024 11:55:21 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 4737487894684450545
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51870
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.207.194 | 200 OK | 52 kB |
URL: GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP: 216.58.207.194:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject *.g.doubleclick.net; Fingerprint 1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A; Validity Mon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3920)
Hash: 184dbcd2e4117f4c3a14e13adcd7e1b6 08d1699d9223a1a248c2a8db0be1690a84cf1736 d31d3ee6871797a204807f5b9d0e192fee5e035304a5363b8dfe1b17d730e937
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:22 GMT
expires: Thu, 25 Apr 2024 11:55:22 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 15109951506967021785
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51867
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.207.194 | 200 OK | 52 kB |
URL: GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP: 216.58.207.194:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject *.g.doubleclick.net; Fingerprint 1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A; Validity Mon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3920)
Hash: 650b7231814d51d24195d5a55d9199c9 b954854c59c1dc5df157667d5b7bdecd69b07ca3 3895ff846ebf867c30f04ce442aabfc0bebedf2a267c4845b39d14fd7197f2db
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:23 GMT
expires: Thu, 25 Apr 2024 11:55:23 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 14877089597404696610
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51865
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.207.194 | 200 OK | 52 kB |
URL: GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP: 216.58.207.194:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject *.g.doubleclick.net; Fingerprint 1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A; Validity Mon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3920)
Hash: e322719de0a70affa6f08cf77d024df1 7767f7182d79f19e6ff61b0b4c2d871039a55688 cb9265042f370bc013bc7666f229e4811769cae45c6b43027f3f5cdacfcf5ad8
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:24 GMT
expires: Thu, 25 Apr 2024 11:55:24 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 9174622266429392311
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51873
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ad.vidoomy.com/api/adserver/tracking/e?data=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 | 212.36.83.216 | | 0 B |
URL: ad.vidoomy.com/api/adserver/tracking/e?data=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
IP: 212.36.83.216:0
ASN: #15699 OGIC Informatica S.L.
Certificate: Issuer Sectigo Limited; Subject *.vidoomy.com; Fingerprint 18:AF:A3:4C:BA:C9:5B:1A:FC:8B:1D:B0:76:50:FE:2F:8A:44:59:F3; Validity Wed, 06 Sep 2023 00:00:00 GMT - Sun, 06 Oct 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/adserver/tracking/e?data=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 HTTP/1.1
Host: ad.vidoomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-transfer-encoding,content-type
Referer: https://112assen.nl/
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 11:55:25 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://112assen.nl
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-transfer-encoding,content-type
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
|
|
| ad.vidoomy.com/api/adserver/tracking/e?data=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 | 212.36.83.216 | | 28 B |
URL: ad.vidoomy.com/api/adserver/tracking/e?data=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
IP: 212.36.83.216:0
ASN: #15699 OGIC Informatica S.L.
Certificate: Issuer Sectigo Limited; Subject *.vidoomy.com; Fingerprint 18:AF:A3:4C:BA:C9:5B:1A:FC:8B:1D:B0:76:50:FE:2F:8A:44:59:F3; Validity Wed, 06 Sep 2023 00:00:00 GMT - Sun, 06 Oct 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 97c72fe2dbb6bec08bd84acbbaa4cfcf 1991bd596d656c2d7feb8bac18da6b7bb803a5c1 30760ba5ec1169343ff3a2a1433973ab93870e317dc6535ec867f82a76abe42d
POST /api/adserver/tracking/e?data=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 HTTP/1.1
Host: ad.vidoomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Transfer-Encoding: base64
Content-Length: 2180
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 11:55:25 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Origin: https://112assen.nl
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Transfer-Encoding: base64
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.207.194 | 200 OK | 52 kB |
URL: GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP: 216.58.207.194:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject *.g.doubleclick.net; Fingerprint 1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A; Validity Mon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3920)
Hash: 7752e9fbe027431c477e82d99c16ff4f 9b598e4584c20d756d4b249cd38825850cf0801f f390237851f5b52d393106cb0546d6a7436c909dffbaff2256a06ff3c2f9a0e5
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:25 GMT
expires: Thu, 25 Apr 2024 11:55:25 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 13445550393640187425
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51873
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.207.194 | 200 OK | 52 kB |
URL: GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP: 216.58.207.194:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject *.g.doubleclick.net; Fingerprint 1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A; Validity Mon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3920)
Hash: d83180b53dca7ac6fb9e699c16da3096 03d7ebae9514b35c6b9dfb5f27e3bd4980cc7c18 3837f6077cd3956579692b5daaf19578e68618f89d34f3eb6f913a09352d96cb
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:26 GMT
expires: Thu, 25 Apr 2024 11:55:26 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 10618953563778449645
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51870
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.207.194 | 200 OK | 52 kB |
URL: GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP: 216.58.207.194:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject *.g.doubleclick.net; Fingerprint 1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A; Validity Mon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3920)
Hash: d1d7b9dc4fa77d325f4cd92dde2d62b2 46a5535231d2ad097ef4c8d45b56e00e25d480ea 84daec5886d2f9308aa17afec3924de3139ae283bebb23a618b1d62fc6f6739e
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:27 GMT
expires: Thu, 25 Apr 2024 11:55:27 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 17619708394675160767
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51866
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.207.194 | 200 OK | 52 kB |
URL: GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP: 216.58.207.194:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject *.g.doubleclick.net; Fingerprint 1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A; Validity Mon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3920)
Hash: 93ebfcc1011d26471d74273c3df74ee8 215108d3d016a288c3b18cd3a60381119e9f98c3 e808208d2118438a2c484c2adf27073d3a4efe79196206c74a5ef8415a474337
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:28 GMT
expires: Thu, 25 Apr 2024 11:55:28 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 7620134316754106442
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51876
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.207.194 | 200 OK | 52 kB |
URL: GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP: 216.58.207.194:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject *.g.doubleclick.net; Fingerprint 1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A; Validity Mon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3920)
Hash: a6459e53ec1ebc9f8cf035af06216d89 8f2de4c047390bbc173224c52a6f9885480f890f d4051e33f15c5dea49039b52a2ce95565cba242f0f5ada0a0ce025e2176f2c49
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:29 GMT
expires: Thu, 25 Apr 2024 11:55:29 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 9349500627339271031
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51867
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.207.194 | 200 OK | 52 kB |
URL: GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP: 216.58.207.194:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject *.g.doubleclick.net; Fingerprint 1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A; Validity Mon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3920)
Hash: 8a85acbe43dd78a8cc013b70c20f9848 9aae15e30dd921599dca624c374fe108a2dd83bf eeef392bf94a118099c08763794f2731e09aa2d6668e83c1645d7d264929717a
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:30 GMT
expires: Thu, 25 Apr 2024 11:55:30 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 3170611193034902125
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51867
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.207.194 | 200 OK | 52 kB |
URL: GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP: 216.58.207.194:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject *.g.doubleclick.net; Fingerprint 1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A; Validity Mon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3920)
Hash: cd712584bd5636f7700c959616c20082 9b00c9e80a9798fa285532ae14ea9e1619f5d44d cb3b538bf350e1c76f519b3d94af403088b2d6c9c5ae7576b7cc4914d8e22a06
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:31 GMT
expires: Thu, 25 Apr 2024 11:55:31 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 7228129441746484331
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51868
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.207.194 | 200 OK | 52 kB |
URL: GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP: 216.58.207.194:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject *.g.doubleclick.net; Fingerprint 1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A; Validity Mon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3920)
Hash: 40530bde179eaf2168a0b97dced03063 3108e620f4631ab8a1919017fe15a8d4348e911f adabd71e5dfc60fbc4d273c3f976a2ec337003c8ac9147c9a97630dc50867619
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:32 GMT
expires: Thu, 25 Apr 2024 11:55:32 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 17904826706301969538
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51874
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 112assen.nl/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.30.166 | 302 Found | 7.9 kB |
URL: GET HTTP/3 112assen.nl/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP: 104.21.30.166:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject 112assen.nl; Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D; Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 25 Apr 2024 11:55:06 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bh0O6uy6nrRkeIeNQ8sviBaqT8%2FvlA461yH378UQvL%2FDgnAQ%2Bm1nNAMBjdWL3o44CQhC9mApcs8ws5%2FMVIlTAhAlCgspgDdMwDnTNnEQzXIv5gVnFvu%2Fic2%2FUjLjSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e2466284556b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/plugins/wpdiscuz-widgets/assets/css/style.min.css?ver=7.0.8 | 104.21.30.166 | 200 OK | 16 kB |
URL: GET HTTP/3 112assen.nl/wp-content/plugins/wpdiscuz-widgets/assets/css/style.min.css?ver=7.0.8
IP: 104.21.30.166:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject 112assen.nl; Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D; Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type: ASCII text, with very long lines (15630), with no line terminators
Hash: d4a8bf78c0abaede170395a7c9e72c20 1caff415e163a2e39f1b3136d04531531b144a61 48204e61d2cd180861fafee9fcc3dc3b47640abc7f5abcea165a76bdd825d509
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/plugins/wpdiscuz-widgets/assets/css/style.min.css?ver=7.0.8 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:17 GMT
content-type: text/css
last-modified: Fri, 13 Aug 2021 12:12:42 GMT
etag: W/"611661ba-3d0e"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 11
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AiLXrEOgOzabkqmjBcpeQZ23SXg8TmEkj60g%2FLPsbJ2CSIb9ZnYKuBfJZvIaX0R1GdK5yzYtFPkLPkra7scxDlngNn02nvnqLKWsyH%2FZK5wd4lDTX1kZd%2BqYkPwSHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a77c1456b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/plugins/the-events-calendar/common/src/resources/js/utils/query-string.min.js?ver=5.2.5 | 104.21.30.166 | 200 OK | 14 kB |
URL: GET HTTP/3 112assen.nl/wp-content/plugins/the-events-calendar/common/src/resources/js/utils/query-string.min.js?ver=5.2.5
IP: 104.21.30.166:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer Google Trust Services LLC; Subject 112assen.nl; Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D; Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type: JavaScript source, ASCII text, with very long lines (13809)
Hash: dd153de81844bd8337a079ab6b2d2ca5 e355296d5d019059600d543367cce6693d2e4a1b 1e6123b956c5b6850a592fb4ac9c4543a9b74398a8cb99e9ea1bcfae2120ea03
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/plugins/the-events-calendar/common/src/resources/js/utils/query-string.min.js?ver=5.2.5 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 01:49:43 GMT
etag: W/"6621cdb7-373b"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zn3IwvPjrydeOd%2B1lAVXgPyhx0TFBjaFI4cnPuTiov2YOl0MJvVDRghwn1UWtQ8NCROs5M%2BR8Nt8zvpulN22ivcTfOp%2Bo9FdE9vof7KfBblyYZQoY0COsqw%2BNCUHvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a4792b56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| systeem.online-banners.nl/js/bjqs-1.3.min.js | 92.63.172.156 | 200 OK | 7.0 kB |
URL GET HTTP/2 systeem.online-banners.nl/js/bjqs-1.3.min.js IP 92.63.172.156:443
Requested by https://systeem.online-banners.nl/stramien.php?id=192 Certificate Issuer Let's Encrypt Subject www.jortvdheide.nl Fingerprint 4F:CE:2A:E0:EE:C8:1B:25:4E:4D:11:41:26:39:9F:70:CE:C3:C1:94 Validity Sat, 06 Apr 2024 23:42:25 GMT - Fri, 05 Jul 2024 23:42:24 GMT
File type JavaScript source, ASCII text, with very long lines (7171), with no line terminators Hash 8e2c7bf98148f073a4f01af92b465678 91e6289cca9a4c5321178bf017058a6acad5a63d d025d5859b6e1bec4d2f4c75c92070ec6c8a837f4c9e713bc66374c83a555994
GET /js/bjqs-1.3.min.js HTTP/1.1
Host: systeem.online-banners.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://systeem.online-banners.nl/stramien.php?id=192
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Mon, 15 Oct 2018 09:05:37 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2162
content-type: application/javascript
date: Thu, 25 Apr 2024 11:55:06 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| 112assen.nl/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=5.2.5 | 104.21.30.166 | 200 OK | 14 kB |
URL GET HTTP/3 112assen.nl/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=5.2.5 IP 104.21.30.166:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject 112assen.nl Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type ASCII text, with very long lines (13999), with no line terminators Hash ab0a1c346a264ccd7edd219a21ae2815 049e2a02c56573ab8670eeeb4fcd5b50ae90e051 8bb67e76c593968c1397d0bf91ba43f1438350d7e79f790f9324937e4d2e97ec
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=5.2.5 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: text/css
last-modified: Fri, 19 Apr 2024 01:49:43 GMT
etag: W/"6621cdb7-36af"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ja7VKLJVIty7w9xGKmmJ%2Ft%2Fwp%2FjkXvHk73Gz9dTjvJfwqzBF5tt5uYfWWkRLW1JjTKcPTHUsZpqTReB2kmlq6vXzEy5lLLj3zMK3pbP0Opc75P7FVaupfYWCA9INeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24643dfb56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/plugins/the-events-calendar/common/src/resources/css/variables-full.min.css?ver=5.2.5 | 104.21.30.166 | 200 OK | 1.7 kB |
URL GET HTTP/3 112assen.nl/wp-content/plugins/the-events-calendar/common/src/resources/css/variables-full.min.css?ver=5.2.5 IP 104.21.30.166:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject 112assen.nl Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type ASCII text, with very long lines (1747), with no line terminators Hash 66cd9508acea3642e6d976dd305d5c8c 00a09a355eb1510fa2fffee61011719b035d80fa 47103dda9205ac22a8fffd97e2a84e3bcedfe3c6330a8ef3f80e59d28bd9d2c2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/the-events-calendar/common/src/resources/css/variables-full.min.css?ver=5.2.5 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:17 GMT
content-type: text/css
last-modified: Fri, 19 Apr 2024 01:49:43 GMT
etag: W/"6621cdb7-6d1"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 11
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hVzQ4cC8kBTe095%2F3vrrispDjj%2BJ8FYD0ndnMhd0sHT0JDpa6lLJ3wiIvbrtH3x%2Bm8fUM4Y%2FiG0hAHOvjMcJ2bPfRRLWItHPWIFroTCSV5Iodu8mbvRK3e%2B7PoOo%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a79c2c56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/themes/112press/reset.css | 104.21.30.166 | 200 OK | 2.1 kB |
URL GET HTTP/3 112assen.nl/wp-content/themes/112press/reset.css IP 104.21.30.166:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject 112assen.nl Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type ASCII text, with very long lines (2072), with no line terminators Hash 14c9ba1aa5fbdc3fdbb0ecc1b2cbb191 5a49240413d9cf37be4fcaf8cd04bce8dcd18274 ea0d45d48ed74554b1697d7692a7b4bbd9262b5dacedfeec3e931fa8eb1a2f2a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/112press/reset.css HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=4354
etag: W/"635f7f0f-1102"
last-modified: Mon, 31 Oct 2022 07:53:51 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kLlYY%2BrlR9RetoLTvX4aEMzdjzqBXU0y8TdlZBhVb%2BEQfTL3uBss%2Fxt6ey4t9G7ljdHXdM%2FFos28WOe4VpuDTyE9rW8bCxuXECR7xFIB7mAcUJCl0wSDSypNyM%2BGSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24641dce56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/plugins/simplelightbox/dist/simple-lightbox.legacy.min.js?ver=2.14.2 | 104.21.30.166 | 200 OK | 156 kB |
URL GET HTTP/3 112assen.nl/wp-content/plugins/simplelightbox/dist/simple-lightbox.legacy.min.js?ver=2.14.2 IP 104.21.30.166:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject 112assen.nl Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
Size 156 kB (155537 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/simplelightbox/dist/simple-lightbox.legacy.min.js?ver=2.14.2 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
last-modified: Tue, 17 Oct 2023 10:35:38 GMT
etag: W/"652e637a-25f91"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vuU%2F4ct3B1cq4L844GPiVYZwYKkYlwbDlIhhbpc8dPM%2FkD9OtVJyTMX0h%2BhC24rFchFc%2FwA0fXZI4ZvvAbtxs%2FGf%2BT3BFrx2TyWWazc6sq%2BvCncxDJUiyU%2Bdg2oBGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a4590856b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/themes/112press/_/js/modernizr-2.8.0.dev.js | 104.21.30.166 | 200 OK | 17 kB |
URL GET HTTP/3 112assen.nl/wp-content/themes/112press/_/js/modernizr-2.8.0.dev.js IP 104.21.30.166:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject 112assen.nl Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type JavaScript source, ASCII text, with very long lines (1989) Hash 0b7796f820ab9beaedf292d413a05fd1 9832307967c476b65763a33b624dc1588762c3f8 eba0f1de8c7e6ce926381bc8d64718cc83fea0bec2a9402021afa8431803fb4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/112press/_/js/modernizr-2.8.0.dev.js HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=51350
etag: W/"635f7f1a-c896"
last-modified: Mon, 31 Oct 2022 07:54:02 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iif8xjqUAJ0djPIO4tjCGgo8JY2XkD5dbv10LqxD55R%2F9u1%2BQx10oVpp2gQpE0YxJ5XFDYdiXY3114y3StAR7zLz2s2DlAqSwHSrUGz4Tia6nYq3IeeF%2F5FOVLJfUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a408c156b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=5d401dde41 | 172.67.139.119 | 200 OK | 60 kB |
URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=5d401dde41 IP 172.67.139.119:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject ka-f.fontawesome.com Fingerprint 8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 Validity Tue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File type ASCII text, with very long lines (60130) Hash a12ec7ebe75a4d59a5dd6b79e2ba2e16 28f5dcc595ee6d4163481ef64170180502c8629b fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
GET /releases/v5.15.4/css/free.min.css?token=5d401dde41 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://112assen.nl/
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 11:55:17 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WNmMZu_t7wpBSih-LwDJMBP-XfQfo8R55rOB1ycupSJ4IRjiFFDp7Q==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ULP11OmLZzgFdCnW4B7L7TRf0PVplonMQqRYFjU1BSfdGZjEb97Rm91iJe1HzZO5UypZW9hr2lTxs4rpfSHhH5qvxifpkvAfKiyswqkS5kPKOEuMdSDv%2BlhiVg4nak%2FJAMGYkOz3OA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879e24a94e8a712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&co=aHR0cHM6Ly8xMTJhc3Nlbi5ubDo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=f91sgw3vn9wj | 142.250.74.164 | 200 OK | 45 kB |
URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&co=aHR0cHM6Ly8xMTJhc3Nlbi5ubDo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=f91sgw3vn9wj IP 142.250.74.164:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint 70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D Validity Mon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type HTML document, ASCII text, with very long lines (35935) Hash 471a00697d85609447a7eae7dfeee09c 91fba802becb6825c5a4215ddbce2fb2e3b4d757 3ce495cab759940c5b5c3527e071fe8564b4e088a93ebf6b7d5bc917eb441970
GET /recaptcha/api2/anchor?ar=1&k=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&co=aHR0cHM6Ly8xMTJhc3Nlbi5ubDo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=f91sgw3vn9wj HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Apr 2024 11:55:18 GMT
content-security-policy: script-src 'nonce-PR7Ntq0ZHcIZgcKcJB_DNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 112assen.nl/wp-content/plugins/the-events-calendar/src/resources/css/widget-events-list-full.min.css?ver=6.3.7 | 104.21.30.166 | 200 OK | 6.1 kB |
URL GET HTTP/3 112assen.nl/wp-content/plugins/the-events-calendar/src/resources/css/widget-events-list-full.min.css?ver=6.3.7 IP 104.21.30.166:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject 112assen.nl Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type ASCII text, with very long lines (6105), with no line terminators Hash 6d427b6592b1c4603fa5d809ec06dfa7 5692243117c8abb7201856e273e34403e96e2342 e38697f1e09e8aab7a2adc7d257587f7c9d19b1d0f1526e802fd8f84d579e3f3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/the-events-calendar/src/resources/css/widget-events-list-full.min.css?ver=6.3.7 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:17 GMT
content-type: text/css
last-modified: Fri, 19 Apr 2024 01:49:43 GMT
etag: W/"6621cdb7-17d7"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 11
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3j00zNGj5ZQQlgK%2B8UCDZh7uVm1TCFSfm2Bo2Z2vf0HrKt8FbOzqV3kqPhTPUrWr3FhPHF%2BCoZuDPQGOslZWs9HYYDLkXdG7ROrNgbWUmswQUzpcKaZSzBb4ybC4BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a79c2e56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/js/bg/Y9LiaqaJM7rIBAUMTg8Ck_H5fpJ61Keayeag6LMQ-3c.js | 142.250.74.164 | 200 OK | 18 kB |
URL GET HTTP/3 www.google.com/js/bg/Y9LiaqaJM7rIBAUMTg8Ck_H5fpJ61Keayeag6LMQ-3c.js IP 142.250.74.164:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&co=aHR0cHM6Ly8xMTJhc3Nlbi5ubDo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=f91sgw3vn9wj Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint 70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D Validity Mon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type JavaScript source, ASCII text, with very long lines (17602) Hash a881e4c268e13ad20405ae80fca4c36b dee477906e2c92b4c7747029a2409069b9b676ad 63d2e26aa68933bac804050c4e0f0293f1f97e927ad4a79ac9e6a0e8b310fb77
GET /js/bg/Y9LiaqaJM7rIBAUMTg8Ck_H5fpJ61Keayeag6LMQ-3c.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEBRAcAAAAAC1DyQBCamf_PTVEJDX12JEPr1-Q&co=aHR0cHM6Ly8xMTJhc3Nlbi5ubDo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=f91sgw3vn9wj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7447
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 05:05:57 GMT
expires: Thu, 24 Apr 2025 05:05:57 GMT
cache-control: public, max-age=31536000
age: 110961
last-modified: Tue, 16 Apr 2024 13:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 112assen.nl/wp-content/plugins/wpdiscuz-widgets/assets/js/script.min.js?ver=7.0.8 | 104.21.30.166 | 200 OK | 2.2 kB |
URL GET HTTP/3 112assen.nl/wp-content/plugins/wpdiscuz-widgets/assets/js/script.min.js?ver=7.0.8 IP 104.21.30.166:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject 112assen.nl Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type JavaScript source, ASCII text, with very long lines (2278), with no line terminators Hash b6af4546ef5deb7af176c205308f381d e2190c5d9b94bfc7ff72c6c45709dfa067c038ad f5dbb58bf61b6b1d0c2223e442451c870497b65dcc776777cc2ff7a2c103034b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wpdiscuz-widgets/assets/js/script.min.js?ver=7.0.8 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
last-modified: Fri, 13 Aug 2021 12:12:43 GMT
etag: W/"611661bb-868"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47ch%2FwuLxWpTKboCDRE%2BOIf2HOUJOxdZVXYQhFKXL6qPEZ83RItJf3mSY1q4zGAWDPwDgNbgQ0tM8gan24ykzP2NDwx7FotVSipUZPSUaItm8XSpa4vRm14rB%2Fh66g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a4792856b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/plugins/wpdiscuz-widgets/assets/css/style.min.css?ver=7.0.8 | 104.21.30.166 | 200 OK | 16 kB |
URL GET HTTP/3 112assen.nl/wp-content/plugins/wpdiscuz-widgets/assets/css/style.min.css?ver=7.0.8 IP 104.21.30.166:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject 112assen.nl Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type ASCII text, with very long lines (15630), with no line terminators Hash d4a8bf78c0abaede170395a7c9e72c20 1caff415e163a2e39f1b3136d04531531b144a61 48204e61d2cd180861fafee9fcc3dc3b47640abc7f5abcea165a76bdd825d509
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wpdiscuz-widgets/assets/css/style.min.css?ver=7.0.8 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: text/css
last-modified: Fri, 13 Aug 2021 12:12:42 GMT
etag: W/"611661ba-3d0e"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pYJIdPGzSxXP%2B5bMkRvs%2FxGraXoKWa%2BVba2ora9Lhxg%2B7hyLvBzpAcFWS7XlWB%2BlwLgsQIQmIsVbh3qtdCXNvO%2BVyZlkqPlj0Kj9hLC0r6U3rQl53X2oZoJPty1lpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24642de856b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.addtoany.com/menu/svg/icons/email.js | 104.22.71.197 | 200 OK | 415 B |
URL GET HTTP/3 static.addtoany.com/menu/svg/icons/email.js IP 104.22.71.197:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Let's Encrypt Subject static.addtoany.com Fingerprint 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type ASCII text, with very long lines (425), with no line terminators Hash 4465bfdb8cba21fb7a17422a5f089336 ee98a72a1d681aa77dbb74021a77095c2127bab1 20ff569821a7401cc61a9925bc9d837eff6e1beffbccf1da5da9145c835f54f2
GET /menu/svg/icons/email.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://112assen.nl
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:20 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
etag: W/"eb2119ad4221a9d01abc336e06962867"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijFhdaVoI86Ju83wSX8Kn7yP37QFPUx6WhEOvNdSxp93DO9LOa8W11mcCod7UgSqEtPA%2BjJ7%2FTF568V7Aty3RKC3Gfq7HB9QPbCV3Qa8WKpkxrRsqXfHsMxsZKroU7OUyAxqvfLk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879e24ba8a148f61-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/plugins/simplelightbox/dist/simple-lightbox.min.css?ver=6.5.2 | 104.21.30.166 | 200 OK | 3.9 kB |
URL GET HTTP/3 112assen.nl/wp-content/plugins/simplelightbox/dist/simple-lightbox.min.css?ver=6.5.2 IP 104.21.30.166:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject 112assen.nl Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type Unicode text, UTF-8 text, with very long lines (3901), with no line terminators Hash 8b1f377bd7ea4cdfa11880582d1c94dc d9561356f3dccc06b08e908c480b3275d2b9d77f 8c186501ca885265c9b0e09e137195a4fa3cd8e886bbd7c9e2fa22514e1f18fb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/simplelightbox/dist/simple-lightbox.min.css?ver=6.5.2 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:17 GMT
content-type: text/css
last-modified: Tue, 17 Oct 2023 10:35:38 GMT
etag: W/"652e637a-f2f"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 11
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1pfbwXZw9q7nMKqOLtTSZwb23NQlKivcyWM%2B6AS1vbZ7yp9zEyj1dJ5551FTybba5wbso5htSANcyKY9IA3vaoHxVpM%2BZ6XYySJvVLwwM%2BbzI3Lh%2FHXM1u2VsfrTkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a77c0c56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/plugins/the-events-calendar/common/src/resources/css/variables-skeleton.min.css?ver=5.2.5 | 104.21.30.166 | 200 OK | 4.7 kB |
URL GET HTTP/3 112assen.nl/wp-content/plugins/the-events-calendar/common/src/resources/css/variables-skeleton.min.css?ver=5.2.5 IP 104.21.30.166:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject 112assen.nl Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type ASCII text, with very long lines (4744), with no line terminators Hash b4f4bf61a851752ba92cbbf692af9177 37905035c82bea672af3f50d67a9e40fd05285a2 8e23f8023485c7cd75bfab4571211d8853189f20d5fd45a520b123961b5bfcac
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/the-events-calendar/common/src/resources/css/variables-skeleton.min.css?ver=5.2.5 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: text/css
last-modified: Fri, 19 Apr 2024 01:49:43 GMT
etag: W/"6621cdb7-1288"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=baGtsyHptDlUQlNBuO5xI1K5aFXiQNQzSuv8QzUvSAZkUXE%2F7YUxnjERlgVA2m4k7XBrn98Tn7pyetG9NlUL3%2F9ECYyj9cAfqPifuYySvwA1UfC8MeMlHzxwgEtDAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24642df856b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 112assen.nl/wp-content/plugins/the-events-calendar/common/src/resources/js/tribe-common.min.js?ver=5.2.5 | 104.21.30.166 | 200 OK | 1.2 kB |
URL GET HTTP/3 112assen.nl/wp-content/plugins/the-events-calendar/common/src/resources/js/tribe-common.min.js?ver=5.2.5 IP 104.21.30.166:443
Requested by https://112assen.nl/dodenherdenking-4-mei-in-assen/ Certificate Issuer Google Trust Services LLC Subject 112assen.nl Fingerprint 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D Validity Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type JavaScript source, ASCII text, with very long lines (1272), with no line terminators Hash 8f1e9b1c20dd3ef0068250f56c53b8f0 41829fea2d57ff0f0764d67ed0d9c9d71fbde70f 325be7d2b86bc6f940f42062348f21b795776746927323680a6d4fb0202a5ef2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/the-events-calendar/common/src/resources/js/tribe-common.min.js?ver=5.2.5 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Cookie: cf_clearance=YRzukmtU9nwfDHc.PPTQ7ARY0OBv2VWVuY.vdd2EbdQ-1714046106-1.0.1.1-F4mqBAjJbykrWkQ5erK1ysm8M7bE11gp5toRyQEkwvuPeOtGk81A.JkQ39sXbafcqPjGYsRPk5xdQYlaIHx9rw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:16 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 01:49:43 GMT
etag: W/"6621cdb7-4dc"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEN6pXVWT2v3BZHnYBcpfdSbtEJFnTOSBM5uYNSMd1boi83%2BJVwiSkvy5FZF3DVMxufRefEn45rPGTtyMo8pvMJmQhIlhiJPvRTbq%2Fa1UxFSiEDiFrkp8AX7PXGG5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24a4792a56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fundingchoicesmessages.google.com/f/AGSKWxXZuzRFaSbG3HUbjY3Pc7ggfmuN897zrJSA4TRW71x5NAiApzy0OnnAioN0217tYSCGHlyIEQNjxpO1Sh_vyL8= | 216.58.211.14 | 200 OK | 186 kB |
URL: GET HTTP/2 fundingchoicesmessages.google.com/f/AGSKWxXZuzRFaSbG3HUbjY3Pc7ggfmuN897zrJSA4TRW71x5NAiApzy0OnnAioN0217tYSCGHlyIEQNjxpO1Sh_vyL8=
IP: 216.58.211.14:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D; Validity: Mon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type: JavaScript source, ASCII text, with very long lines (2607)
Size: 186 kB (185501 bytes)
Hash: 32066292248c6e2f88b8372f3a226e27 3b7189ae7b6263eec264f3680d54c0c21997abb5 90e5fe7c28673a9bc081efb24dfe268b7795bb734f21e5f5af75685d214610f0
GET /f/AGSKWxXZuzRFaSbG3HUbjY3Pc7ggfmuN897zrJSA4TRW71x5NAiApzy0OnnAioN0217tYSCGHlyIEQNjxpO1Sh_vyL8= HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
timing-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Apr 2024 11:55:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-H5mho9-6xVMoxx9j669wcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw05BiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAWIhHo6lnSs3sgm8OH7lGBMA-yMrQg"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-74R040FQ8P&l=dataLayer&cx=c | 142.250.74.72 | 200 OK | 294 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-74R040FQ8P&l=dataLayer&cx=c
IP: 142.250.74.72:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5945)
Size: 294 kB (294459 bytes)
Hash: 83cf4fceb54c6bc6ea4d751ee437500d b872996e28967905ffd80a2fdacc753d27cc512a 47b48003770bf6d8fe47f538487f12e802053449eee1cde82d0ebd7dd55de42c
GET /gtag/js?id=G-74R040FQ8P&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 11:55:17 GMT
expires: Thu, 25 Apr 2024 11:55:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100192
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 112assen.nl/wp-content/plugins/simplelightbox/dist/simple-lightbox.min.css?ver=6.5.2 | 104.21.30.166 | 200 OK | 3.9 kB |
URL: GET HTTP/3 112assen.nl/wp-content/plugins/simplelightbox/dist/simple-lightbox.min.css?ver=6.5.2
IP: 104.21.30.166:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer: Google Trust Services LLC; Subject: 112assen.nl; Fingerprint: 87:8B:2B:44:2A:C9:AA:00:BB:0B:DD:58:BD:63:BC:3A:9A:4D:11:4D; Validity: Sun, 07 Apr 2024 04:23:48 GMT - Sat, 06 Jul 2024 04:23:47 GMT
File type: Unicode text, UTF-8 text, with very long lines (3901), with no line terminators
Hash: 8b1f377bd7ea4cdfa11880582d1c94dc d9561356f3dccc06b08e908c480b3275d2b9d77f 8c186501ca885265c9b0e09e137195a4fa3cd8e886bbd7c9e2fa22514e1f18fb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/simplelightbox/dist/simple-lightbox.min.css?ver=6.5.2 HTTP/1.1
Host: 112assen.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:55:06 GMT
content-type: text/css
last-modified: Tue, 17 Oct 2023 10:35:38 GMT
etag: W/"652e637a-f2f"
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uttVpIJAvC5n1QCXp5Dd%2BfRG0keZUgkEhSbL3UJvRMXGPcDkp8PGhN6dL5y5C0GzXfc1k4BH2jcPiaO89HVUAxwiWgVjITrYV7uwEfGMMMgP2w8ofe14jl5cA%2FYoEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879e24642de156b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| systeem.online-banners.nl/stramien.php?id=192 | 92.63.172.156 | 200 OK | 2.2 kB |
URL: GET HTTP/2 systeem.online-banners.nl/stramien.php?id=192
IP: 92.63.172.156:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer: Let's Encrypt; Subject: www.jortvdheide.nl; Fingerprint: 4F:CE:2A:E0:EE:C8:1B:25:4E:4D:11:41:26:39:9F:70:CE:C3:C1:94; Validity: Sat, 06 Apr 2024 23:42:25 GMT - Fri, 05 Jul 2024 23:42:24 GMT
File type: HTML document, ASCII text, with very long lines (2415), with no line terminators
Hash: d8a6eb7f7be8b16283a1172428f59399 380b5983f6cf6d5183539e202e48b97a94299ed5 575ade765de2dfd2b3cccf80861f9847aaa0589d26e7052b7ad905159a48cf88
GET /stramien.php?id=192 HTTP/1.1
Host: systeem.online-banners.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
date: Thu, 25 Apr 2024 11:55:06 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/td?id=GTM-WPTT9J6&v=3&t=t&pid=734998375&cv=7&rv=44o0&tc=5&es=1&e=gtm.init_consent&eid=-1&h=Ag&tr=1html.5html.1html.5html&ti=1html.1html.1html.1html&dl=112assen.nl%2Fdodenherdenking-4-mei-in-assen%2F&tdp=GTM-WPTT9J6;49218336;0;0;0&rtg=49218336&rlo=64&slo=1&z=0 | 142.250.74.72 | 204 No Content | 0 B |
URL: GET HTTP/3 www.googletagmanager.com/td?id=GTM-WPTT9J6&v=3&t=t&pid=734998375&cv=7&rv=44o0&tc=5&es=1&e=gtm.init_consent&eid=-1&h=Ag&tr=1html.5html.1html.5html&ti=1html.1html.1html.1html&dl=112assen.nl%2Fdodenherdenking-4-mei-in-assen%2F&tdp=GTM-WPTT9J6;49218336;0;0;0&rtg=49218336&rlo=64&slo=1&z=0
IP: 142.250.74.72:443
Requested by: https://112assen.nl/dodenherdenking-4-mei-in-assen/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /td?id=GTM-WPTT9J6&v=3&t=t&pid=734998375&cv=7&rv=44o0&tc=5&es=1&e=gtm.init_consent&eid=-1&h=Ag&tr=1html.5html.1html.5html&ti=1html.1html.1html.1html&dl=112assen.nl%2Fdodenherdenking-4-mei-in-assen%2F&tdp=GTM-WPTT9J6;49218336;0;0;0&rtg=49218336&rlo=64&slo=1&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://112assen.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Thu, 25 Apr 2024 11:55:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|