birminghameventcenter.be Open in urlscan Pro
95.85.28.145 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://francehomedep.blogspot.be/2021/01/blog-post.html?m=1
Effective URL:
https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
Submission: On January 28 via api (January 28th 2021, 10:25:57 pm UTC) from IE

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 18 domains to perform 57 HTTP transactions. The main IP is 95.85.28.145, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is birminghameventcenter.be.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 30th 2020. Valid for: 3 months.

This is the only time birminghameventcenter.be was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Credit Agricole (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 4	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:81a::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:4ed1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.68.36.8 51.68.36.8	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:829::2009	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::200d	15169 (GOOGLE) (GOOGLE)
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 7	95.85.28.145 95.85.28.145	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
11	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	158.191.172.47 158.191.172.47	9159 (Credit Ag...) (Credit Agricole)
1	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
1	158.191.172.78 158.191.172.78	9159 (Credit Ag...) (Credit Agricole)
1	161.35.253.229 161.35.253.229	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
57	18

4 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

francehomedep.blogspot.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
francehomedep.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81a::2009 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:4ed1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.coover.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.36.8 (France)

ASN16276 (OVH, FR)
PTR: ns3121917.ip-51-68-36.eu

i.gifer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200d (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 95.85.28.145 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

birminghameventcenter.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.191.172.47 (France)

ASN9159 (Credit Agricole, FR)
PTR: www.credit-agricole.fr

www.credit-agricole.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.191.172.78 (France)

ASN9159 (Credit Agricole, FR)

www.ca-atlantique-vendee.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 161.35.253.229 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

keys0.openode.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-v.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsb38.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	cloudflare.com cdnjs.cloudflare.com	602 KB
8	tawk.to embed.tawk.to static-v.tawk.to va.tawk.to vsb38.tawk.to	118 KB
7	birminghameventcenter.be 1 redirects birminghameventcenter.be	283 KB
7	blogger.com 1 redirects www.blogger.com	152 KB
5	jsdelivr.net cdn.jsdelivr.net	90 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	53 KB
4	googleapis.com fonts.googleapis.com	3 KB
4	blogspot.com francehomedep.blogspot.com 3.bp.blogspot.com	777 KB
2	blogblog.com resources.blogblog.com www.blogblog.com	48 KB
1	openode.io keys0.openode.io	733 B
1	ca-atlantique-vendee.fr www.ca-atlantique-vendee.fr	154 KB
1	ytimg.com i.ytimg.com	93 KB
1	credit-agricole.fr www.credit-agricole.fr	9 KB
1	bit.ly 1 redirects bit.ly	266 B
1	google.com 1 redirects accounts.google.com	731 B
1	gifer.com i.gifer.com	35 KB
1	coover.fr www.coover.fr	64 KB
1	blogspot.be 1 redirects francehomedep.blogspot.be	409 B
57	18

	Domain	Requested by
11	cdnjs.cloudflare.com	birminghameventcenter.be cdnjs.cloudflare.com
7	birminghameventcenter.be	1 redirects birminghameventcenter.be
7	www.blogger.com	1 redirects francehomedep.blogspot.com www.blogger.com
5	cdn.jsdelivr.net	birminghameventcenter.be static-v.tawk.to
4	fonts.googleapis.com	cdnjs.cloudflare.com static-v.tawk.to
4	fonts.gstatic.com	francehomedep.blogspot.com fonts.googleapis.com
3	vsb38.tawk.to	static-v.tawk.to
3	va.tawk.to	static-v.tawk.to
3	francehomedep.blogspot.com	francehomedep.blogspot.com
1	static-v.tawk.to	embed.tawk.to
1	embed.tawk.to	birminghameventcenter.be
1	keys0.openode.io	birminghameventcenter.be
1	www.ca-atlantique-vendee.fr	birminghameventcenter.be
1	i.ytimg.com	birminghameventcenter.be
1	www.credit-agricole.fr	birminghameventcenter.be
1	bit.ly	1 redirects
1	www.blogblog.com	francehomedep.blogspot.com
1	accounts.google.com	1 redirects
1	resources.blogblog.com	francehomedep.blogspot.com
1	i.gifer.com	francehomedep.blogspot.com
1	www.coover.fr	francehomedep.blogspot.com
1	3.bp.blogspot.com	francehomedep.blogspot.com
1	www.gstatic.com	francehomedep.blogspot.com
1	francehomedep.blogspot.be	1 redirects
57	24

This site contains no links.

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.blogger.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
gifer.com R3	`2021-01-08` - `2021-04-08`	3 months	crt.sh
birminghameventcenter.be Let's Encrypt Authority X3	`2020-11-30` - `2021-02-28`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
www.credit-agricole.fr Sectigo RSA Organization Validation Secure Server CA	`2020-09-28` - `2021-09-28`	a year	crt.sh
edgestatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.ca-atlantique-vendee.fr Sectigo RSA Organization Validation Secure Server CA	`2020-02-24` - `2021-02-23`	a year	crt.sh
*.openode.io AlphaSSL CA - SHA256 - G2	`2020-03-05` - `2022-04-11`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
Frame ID: CE8A21311912DAE030A3014DABAA4232
Requests: 50 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=8327885292646011368&postID=1870971315535914716&m=1&skin=contempo&blogspotRpcToken=6073975&bpli=1
Frame ID: 21FD017B7DDF562841F954611B532785
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: B8A42799908C4C6B80B2487A031FE6A5
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: A399A135289FC8480C5911DA69531B49
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 17C3930C6DAC586AE77FF53C620B38B7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://francehomedep.blogspot.be/2021/01/blog-post.html?m=1 HTTP 302
https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1 Page URL
https://bit.ly/3a2erxx?zebi= HTTP 301
https://birminghameventcenter.be/-/home/sca/CA/ Page URL
https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e HTTP 301
https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/ Page URL

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

57
Requests

100 %
HTTPS

70 %
IPv6

18
Domains

24
Subdomains

18
IPs

5
Countries

2483 kB
Transfer

7434 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://francehomedep.blogspot.be/2021/01/blog-post.html?m=1 HTTP 302
https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1 Page URL
https://bit.ly/3a2erxx?zebi= HTTP 301
https://birminghameventcenter.be/-/home/sca/CA/ Page URL
https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e HTTP 301
https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://francehomedep.blogspot.be/2021/01/blog-post.html?m=1 HTTP 302
https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Request Chain 13

https://www.blogger.com/comment-iframe.g?blogID=8327885292646011368&postID=1870971315535914716&m=1&skin=contempo&blogspotRpcToken=6073975 HTTP 302
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D8327885292646011368%26postID%3D1870971315535914716%26m%3D1%26skin%3Dcontempo%26blogspotRpcToken%3D6073975%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D8327885292646011368%26postID%3D1870971315535914716%26m%3D1%26skin%3Dcontempo%26blogspotRpcToken%3D6073975%26bpli%3D1&passive=true&go=true HTTP 302
https://www.blogger.com/comment-iframe.g?blogID=8327885292646011368&postID=1870971315535914716&m=1&skin=contempo&blogspotRpcToken=6073975&bpli=1

Request Chain 17

https://bit.ly/3a2erxx?zebi= HTTP 301
https://birminghameventcenter.be/-/home/sca/CA/

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

blog-post.html Show response
francehomedep.blogspot.com/2021/01/
Redirect Chain

https://francehomedep.blogspot.be/2021/01/blog-post.html?m=1
https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

83 KB
17 KB

725ms
711ms

Document
text/html

2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

953ed1a3aaeb94b9a37b807bb1525a9d3ec4e39ab909cdd31680aa65758ac168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: francehomedep.blogspot.com
:scheme: https
:path: /2021/01/blog-post.html?m=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
expires: Thu, 28 Jan 2021 22:25:38 GMT
date: Thu, 28 Jan 2021 22:25:38 GMT
cache-control: private, max-age=0
last-modified: Wed, 27 Jan 2021 01:43:09 GMT
etag: W/"934e679eda2f88dc768dc6da51cbc6e3392133eb556d3f8702cfee6962d1723f"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 17565
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

location: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Thu, 28 Jan 2021 22:25:37 GMT
expires: Thu, 28 Jan 2021 22:25:37 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 199
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 clipboard.min.js Show response
www.gstatic.com/external_hosted/clipboardjs/ 12 KB
4 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js

Requested by

Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a00d3cabd4a8dbdbd2e992e238d11ec889fb3cc7751d9bc271f063a17ec8bf7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4096
x-xss-protection: 0
expires: Thu, 28 Jan 2021 22:25:38 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 126ms
106ms Stylesheet
text/css 2a00:1450:4001:81a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8327885292646011368&zx=8d23db5b-2d27-4b5d-a4aa-61d2d9aa75bc

Requested by

Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:25:38 GMT
server: GSE
date: Thu, 28 Jan 2021 22:25:38 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sprite_v1_6.css.svg
francehomedep.blogspot.com/responsive/ 7 KB
2 KB 36ms
22ms Other
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://francehomedep.blogspot.com/responsive/sprite_v1_6.css.svg

Requested by

Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 18:54:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 17:10:03 GMT
server: sffe
age: 12684
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2244
x-xss-protection: 0
expires: Thu, 04 Feb 2021 18:54:14 GMT

GET
H2 200 If.png
3.bp.blogspot.com/-IDm8Hi4CSUo/YBDFDeTvFxI/AAAAAAAAAIQ/vRm9yUPfvxANtg22y4Es5DQCF49eTdsfQCK4BGAYYCw/w1600/ 755 KB
755 KB 920ms
900ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-IDm8Hi4CSUo/YBDFDeTvFxI/AAAAAAAAAIQ/vRm9yUPfvxANtg22y4Es5DQCF49eTdsfQCK4BGAYYCw/w1600/If.png

Requested by

Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b1faa5a47a9248cb623d9d0cddf1ddeb017dc449e65890d21ba6af44b39aec6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v85"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="If.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 772776
x-xss-protection: 0
expires: Fri, 29 Jan 2021 22:25:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://francehomedep.blogspot.com
Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 19:56:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 527343
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 22 Jan 2022 19:56:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://francehomedep.blogspot.com
Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 09:18:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 47246
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 28 Jan 2022 09:18:12 GMT

GET
H2 200 logo-credit-agricole.png
www.coover.fr/wp-content/uploads/2019/06/ 63 KB
64 KB 88ms
30ms Image
image/png 2606:4700:3037::6815:4ed1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coover.fr/wp-content/uploads/2019/06/logo-credit-agricole.png
Requested by: Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71129a5a18b4da7e06bb8239a26eac8b21ce3d40f374d5729852717baa56e0da

Request headers

Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:38 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6107
cf-ray: 618e216a1c93974e-FRA
content-length: 64446
x-amz-id-2: yo0O+bse1PpAjyWPmPyDYzmAz1/EiS09o3xXY2TYM1OSuVv19E12MqSP3CTNib3r5tc5RViJA/c=
last-modified: Fri, 14 Jun 2019 10:36:55 GMT
server: cloudflare
etag: "2cad85756092369b658da1460343b85b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zEJo%2B5Hh6RWCotUTosf5gaSf6kuJN3FOwzlpOTBFXZhwtHfjYjPFGB0mkllUMLxvpZ7GkSlkPmHz11HStRVpdxYbfcZsmBjntPORlBFiZ46YHX5kI4veVMuj"}],"max_age":604800}
x-amz-request-id: 0989020F2BFF0F56
cache-control: max-age=2678400
cf-request-id: 07ecb3364d0000974e0d030000000001
accept-ranges: bytes
content-type: image/png

GET
H2 200 34338d26023e5515f6cc8969aa027bca_w200.gif
i.gifer.com/origin/34/ 35 KB
35 KB 129ms
47ms Image
image/gif 51.68.36.8
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.gifer.com/origin/34/34338d26023e5515f6cc8969aa027bca_w200.gif

Requested by

Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.68.36.8 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3121917.ip-51-68-36.eu

Software

nginx /

Resource Hash

fd969eab7bf38ffda200dcbf707646810df3039138abe643793c20404ecf5900

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:38 GMT
last-modified: Sun, 17 Sep 2017 15:20:23 GMT
server: nginx
etag: "59be92b7-8ccc"
strict-transport-security: max-age=604800
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 36044
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3858658042-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/3858658042-comment_from_post_iframe.js

Requested by

Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a09131f2885086eb3dea6a379c43e58c88e683b99fb7cf9cefde399dfd68d0ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 18:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 08:23:31 GMT
server: sffe
age: 99654
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5121
x-xss-protection: 0
expires: Thu, 27 Jan 2022 18:44:44 GMT

GET
H2 200 2962309134-indie_compiled.js Show response
resources.blogblog.com/blogblog/data/res/ 137 KB
47 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.blogblog.com/blogblog/data/res/2962309134-indie_compiled.js

Requested by

Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0544fbbc8377ba3db764ac56122a20fd0c273a43ccd71a162210b7eac21a552c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 01:15:28 GMT
server: sffe
age: 110763
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47960
x-xss-protection: 0
expires: Wed, 03 Feb 2021 15:39:35 GMT

GET
H3-Q050 200 cookienotice.js Show response
francehomedep.blogspot.com/js/ 6 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://francehomedep.blogspot.com/js/cookienotice.js

Requested by

Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 18:54:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 17:10:03 GMT
server: sffe
age: 12684
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2026
x-xss-protection: 0
expires: Thu, 04 Feb 2021 18:54:14 GMT

GET
H2 200 4265963759-widgets.js Show response
www.blogger.com/static/v1/widgets/ 142 KB
142 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/4265963759-widgets.js

Requested by

Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cffbe8c599edfadc133a29f49e05bf431a0ec497ea8888accf0fe6b612a3a375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 03:21:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 Jan 2021 13:13:15 GMT
server: sffe
age: 155076
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145382
x-xss-protection: 0
expires: Thu, 27 Jan 2022 03:21:02 GMT

GET
H3-Q050

200

comment-iframe.g
www.blogger.com/ Frame 21FD
Redirect Chain

https://www.blogger.com/comment-iframe.g?blogID=8327885292646011368&postID=1870971315535914716&m=1&skin=contempo&blogspotRpcToken=6073975
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D8327885292646011368%26postID%3D1870971315535914716%26m%3D1%26skin%3Dcontempo%26blogspotRpcToken%3...
https://www.blogger.com/comment-iframe.g?blogID=8327885292646011368&postID=1870971315535914716&m=1&skin=contempo&blogspotRpcToken=6073975&bpli=1

0
0

521ms
521ms

Document
text/html

2a00:1450:4001:81a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment-iframe.g?blogID=8327885292646011368&postID=1870971315535914716&m=1&skin=contempo&blogspotRpcToken=6073975&bpli=1

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/3858658042-comment_from_post_iframe.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /comment-iframe.g?blogID=8327885292646011368&postID=1870971315535914716&m=1&skin=contempo&blogspotRpcToken=6073975&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 28 Jan 2021 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 4696
server: GSE
set-cookie: S=blogger=jlTuIFu7TCGVEbSXxdMRig28kHC6DiKxGNWCtfPssEM; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 28 Jan 2021 22:25:39 GMT
location: https://www.blogger.com/comment-iframe.g?blogID=8327885292646011368&postID=1870971315535914716&m=1&skin=contempo&blogspotRpcToken=6073975&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-VS14f3G1jh/KamwVP+/dJw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 272
server: GSE
set-cookie: __Host-GAPS=1:tpDSLvHF0YZ8hgn2qWAVofoCbIrasA:U9TWA6ffpIny13K8;Path=/;Expires=Sat, 28-Jan-2023 22:25:39 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mspin_black_large.svg
www.blogblog.com/indie/ 6 KB
1013 B 7ms
5ms Image
image/svg+xml 2a00:1450:4001:81a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogblog.com/indie/mspin_black_large.svg

Requested by

Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2c209346d02318a063c7ea2513498881c35f1525114c9b969b573384f54baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 18:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Jan 2021 17:13:07 GMT
server: sffe
age: 186782
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 870
x-xss-protection: 0
expires: Tue, 02 Feb 2021 18:32:36 GMT

GET
H3-Q050 200 blogger_logo_round_35.png
www.blogger.com/img/ 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:81a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/blogger_logo_round_35.png

Requested by

Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 06:30:27 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Jan 2021 15:19:13 GMT
server: sffe
age: 489311
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2531
x-xss-protection: 0
expires: Sat, 30 Jan 2021 06:30:27 GMT

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
515 B 511ms
511ms Stylesheet
text/css 2a00:1450:4001:81a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8327885292646011368&zx=8d23db5b-2d27-4b5d-a4aa-61d2d9aa75bc

Requested by

Host: francehomedep.blogspot.com
URL: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:25:39 GMT
server: GSE
date: Thu, 28 Jan 2021 22:25:39 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
birminghameventcenter.be/-/home/sca/CA/
Redirect Chain

https://bit.ly/3a2erxx?zebi=
https://birminghameventcenter.be/-/home/sca/CA/

79 B
255 B

115ms
38ms

Document
text/html

95.85.28.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://birminghameventcenter.be/-/home/sca/CA/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.85.28.145 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.11.3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: birminghameventcenter.be
:scheme: https
:path: /-/home/sca/CA/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://francehomedep.blogspot.com/2021/01/blog-post.html?m=1

Response headers

server: nginx/1.11.3
date: Thu, 28 Jan 2021 22:25:40 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip

Redirect headers

server: nginx
date: Thu, 28 Jan 2021 22:25:39 GMT
content-type: text/html; charset=utf-8
content-length: 134
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://birminghameventcenter.be/-/home/sca/CA/
referrer-policy: unsafe-url
set-cookie: _bit=l0smpD-09309f7a430179e0d0-00A; Domain=bit.ly; Expires=Tue, 27 Jul 2021 22:25:39 GMT
via: 1.1 google
alt-svc: clear

GET
H2

200

Primary Request / Show response
birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
Redirect Chain

https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e
https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

30 KB
8 KB

43ms
42ms

Document
text/html

95.85.28.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.85.28.145 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.11.3 /

Resource Hash

b1c5089ecbec08f1b4d11aaef84084ddb3f3b29f5aa401dc140cab28edd59a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: birminghameventcenter.be
:scheme: https
:path: /-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://birminghameventcenter.be/-/home/sca/CA/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://birminghameventcenter.be/-/home/sca/CA/##az-AZ-09-{95}##

Response headers

server: nginx/1.11.3
date: Thu, 28 Jan 2021 22:25:40 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip

Redirect headers

server: nginx/1.11.3
date: Thu, 28 Jan 2021 22:25:40 GMT
content-type: text/html
content-length: 185
location: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H2 200 vue Show response
cdn.jsdelivr.net/npm/ 91 KB
34 KB 9ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 29990
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 34100
etag: W/"16de6-5V3x99bCiO5z1Dm6sm3QBv/uevM"
x-served-by: cache-fra19152-FRA, cache-hhn4074-HHN
date: Thu, 28 Jan 2021 22:25:40 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 274 KB
68 KB 23ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.js

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://birminghameventcenter.be
Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2917680
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69049
cf-request-id: 07ecb33bb10000d70dee14c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-4472c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yclgEHeA1EUpfYvL1ptvxU1woK9vrR%2FN9A6xhWigfFnJ9X23XH5ICIc4UZICwZBPh8pAxrJ0Y%2B%2BLl%2FSnjQMIxXwApYaxb6YUHEPdjW7xHQuzQ%2BpIRPnkwBlsu3P2cDi5GA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 618e2172b866d70d-FRA
expires: Tue, 18 Jan 2022 22:25:40 GMT

GET
H2 200 iview.js Show response
cdnjs.cloudflare.com/ajax/libs/iview/3.5.1/ 2 MB
177 KB 22ms
19ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iview/3.5.1/iview.js

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e377ae95a219f11b2597a3ab7b8f2e897696b831aa5b8561a0cd135cb279f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://birminghameventcenter.be
Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 267555
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 180352
cf-request-id: 07ecb33bb10000d70d1b2d6000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ebd-1979d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ry1cx%2FhAkq7sigE2EawA5Knk4uMZXUj7kPaj0Gydw56B4QZnZZ%2FMyDienFjMwDlbQTZnInJ3N%2Bu05B8pdhw9w8eNDuuYRQuxNN3nDapTHrWw2SZyeakD%2Fr%2BkAIZSCZ6m4Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 618e2172b868d70d-FRA
expires: Tue, 18 Jan 2022 22:25:40 GMT

GET
H2 200 iview.css
cdnjs.cloudflare.com/ajax/libs/iview/3.5.1/styles/ 308 KB
30 KB 15ms
12ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iview/3.5.1/styles/iview.css

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2b9b39addf8080409dc28611be64764d8705530eb94b1a12c04bbb656e07d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://birminghameventcenter.be
Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 96254
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30269
cf-request-id: 07ecb33bb00000d70dd4ad6000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ebd-4cfd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bVZDXevpMhjn83FR%2BIUouXuRSTsvUPRxsX%2FpoJMCyUWrZjoiMzWSHvde4LbZkCs%2FvwjXZ6u1aXWYJMzdLDMD3P70zFFu8XLDCJnHxHpSUsplMQQMLPPrqRtaJ6b8HMhPjg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 618e2172b862d70d-FRA
expires: Tue, 18 Jan 2022 22:25:40 GMT

GET
H2 200 v-mask.min.js Show response
cdn.jsdelivr.net/npm/v-mask/dist/ 6 KB
3 KB 11ms
8ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/v-mask/dist/v-mask.min.js

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dedb5d04e2c87b78daff04491209d864d8c87e073a8a651be6d3c2a0024b4e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 19110
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 2550
etag: W/"18d4-52oHeolIpIgTLAYqmNoy6PZJqn4"
x-served-by: cache-fra19154-FRA, cache-hhn4074-HHN
date: Thu, 28 Jan 2021 22:25:40 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 axios.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 44 KB
10 KB 27ms
24ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.js

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e67516d3adeff746e961624fdc38150ca5895a029d91a68fece79eaed0e20a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://birminghameventcenter.be
Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 89184
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9580
cf-request-id: 07ecb33bb20000d70d10914000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6a-ae3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z2hK180p3qle0HLAhtG5k7rOMu0rLxYOuIKJvMwlCuY%2FgKGqfeXR9fQBd0xGyXt5Hh5ZRXuQQ3ZCZZivfSa3YbMbbdGM%2FrsUK5cjK%2Bjw4MzSsxXxuPs2bTvWcxfURQFWIw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 618e2172b869d70d-FRA
expires: Tue, 18 Jan 2022 22:25:40 GMT

GET
H2 200 socket.io.js Show response
cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/ 67 KB
17 KB 21ms
19ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/socket.io.js

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d09ab65ee323e742b2d363ed6063295f34c06e19f9d3fc72ac0865fef57baaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://birminghameventcenter.be
Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 92283
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17532
cf-request-id: 07ecb33bb20000d70d453fb000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-10c4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I2zho3qxnK0ca9kdcJMP0ObCaRmyb0qQ9E9wEXqbMavFfGX4SjHYMuOSHJtO%2F8pxMsyCTc7SgaufPmag%2BVHNC0PY0sGNapldQlidKM%2FlEzvzbxO63497D7jqHTmmWNjieg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 618e2172b86bd70d-FRA
expires: Tue, 18 Jan 2022 22:25:40 GMT

GET
H2 200 uikit.js Show response
cdnjs.cloudflare.com/ajax/libs/uikit/3.2.0/js/ 334 KB
53 KB 22ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/uikit/3.2.0/js/uikit.js

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03b5861a76d3d1fd0e6075905645aa5fa1907591d90e2f08b1b0ffbbe1506957

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://birminghameventcenter.be
Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 270026
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53583
cf-request-id: 07ecb33bb20000d70d0c01a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04015-5372b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tlgmkqpeUBoVlOsZEvyS05NfkcDU0ZG7h81Jk50OPsUhIoPpgS%2FSYjSza2Le3lapvc3FG7DCBu3EsLEATFZO0kganx1bVABjTN4EKGOaE%2FOGRa7QZtnZEqlhQ%2F07nxVqWw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 618e2172b86cd70d-FRA
expires: Tue, 18 Jan 2022 22:25:40 GMT

GET
H2 200 semantic.css
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/ 809 KB
90 KB 16ms
14ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/semantic.css

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41504dd284fbe148690ad128e0aa3e937b0da3eca4245041b4676ec35dd5f6fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://birminghameventcenter.be
Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 264316
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92089
cf-request-id: 07ecb33bb00000d70df8985000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcd-ca5e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k6GZEWtGPz5GxnuQPVeIzeRSdPPJ1BgkOm8nja2Cdcv7QEUBOyDy3Lx0EG3cPfNkyqqqN2iosAIRL%2Bfq%2F%2F8mrc8zHFtqYNmjFKtfYoW2OZM5A93n4%2BFDLCjcJ7%2B%2BvTh37g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 618e2172b864d70d-FRA
expires: Tue, 18 Jan 2022 22:25:40 GMT

GET
H2 200 semantic.js Show response
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/ 719 KB
78 KB 22ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/semantic.js

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aace69d01152a92bebb2d0713ef7b1fb3772af373219d1cd78d9808ab3b6cdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://birminghameventcenter.be
Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 87651
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79463
cf-request-id: 07ecb33bb30000d70d1eb79000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcd-b3d3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jOzSZUYWZC1yIPL0yS9PdMJ%2F67eNGWp3Oi5kGY45bdCk%2FIJxt%2Fa1Lm%2Blpd1NSL%2BV9WfhxWat7xPXx2Us5c%2F6KI0xwlPRMBKMDS%2BVhiThHmgYrVQGB6RTCNWtOMtAXmIsfw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 618e2172b86fd70d-FRA
expires: Tue, 18 Jan 2022 22:25:40 GMT

GET
H2 200 uikit.css
cdnjs.cloudflare.com/ajax/libs/uikit/3.2.0/css/ 364 KB
34 KB 25ms
23ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/uikit/3.2.0/css/uikit.css

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd770fd2df4b00a3268bc0eb69651a149575aaf1a4c3581810705b7fe22c1d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://birminghameventcenter.be
Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1898377
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34425
cf-request-id: 07ecb33bb10000d70d2e0bf000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04015-5b0d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M7RTplcWCpLarrrT%2B2q6p0%2BWo3%2Bl1IOe%2FyrumtRzXjRJUXI6wywkB4IODk%2B%2BeaBPgUi3acROfF%2Bok6xszNvJSsdL5qHXHh9bDUjgAvveI35%2BykzECXOBsPJ2RB%2FfDpCjkw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 618e2172b865d70d-FRA
expires: Tue, 18 Jan 2022 22:25:40 GMT

GET
H2 200 style.css
birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/ 2 KB
2 KB 33ms
31ms Stylesheet
text/css 95.85.28.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/style.css

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.85.28.145 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.11.3 /

Resource Hash

dd56eafb2c125202826fe397624715916b928f85d2a1cc17e5ab5e14ffacc047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:25:40 GMT
server: nginx/1.11.3
etag: "601339e4-7f9"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 2041
x-xss-protection: 1; mode=block

GET
H2 200 ilogo.svg
birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/img/ 25 KB
25 KB 39ms
39ms Image
image/svg+xml 95.85.28.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/img/ilogo.svg

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.85.28.145 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.11.3 /

Resource Hash

89711b78ea0ccd075683e15b73d78dad4dc9cfa134f231e801b173a241ad9c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:25:40 GMT
server: nginx/1.11.3
etag: "601339e4-6260"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 25184
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK CA_Toute-une-banque-pour-vous_V.svg
www.credit-agricole.fr/content/dam/assetsca/npc/logos/ 26 KB
9 KB 179ms
46ms Image
image/svg+xml 158.191.172.47
Credit Agricole

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.credit-agricole.fr/content/dam/assetsca/npc/logos/CA_Toute-une-banque-pour-vous_V.svg
Requested by: Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.191.172.47 , France, ASN9159 (Credit Agricole, FR),
Reverse DNS: www.credit-agricole.fr
Software: Apache /
Resource Hash: 51ae4877f6d16c8f9c99b873edf4f6d2f87f672002371a1deaa9905b11d0fb04

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 15:34:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jan 2021 15:34:30 GMT
Server: Apache
Age: 1234270
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: image/svg+xml
Expires: Sat, 13 Feb 2021 15:34:30 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9240
X-Cache-Hits: 9482

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/vV_tpC9MuP4/ 93 KB
93 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/vV_tpC9MuP4/maxresdefault.jpg

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbc38063a68dacae3f154fed7a19ba7d9d809b5aab87a6dcd052c34aaf50912a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 21:02:23 GMT
x-content-type-options: nosniff
server: sffe
age: 4997
etag: "1562162961"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95120
x-xss-protection: 0
expires: Thu, 28 Jan 2021 23:02:23 GMT

GET
H/1.1 200
OK Avantage_9443012_tcm_124_518558.png
www.ca-atlantique-vendee.fr/Vitrine/Obj/ 154 KB
154 KB 185ms
48ms Image
image/png 158.191.172.78
Credit Agricole

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ca-atlantique-vendee.fr/Vitrine/Obj/Avantage_9443012_tcm_124_518558.png

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

158.191.172.78 , France, ASN9159 (Credit Agricole, FR),

Reverse DNS

Software

Apache /

Resource Hash

03da25fe333dd18f2d82ea466b3c0365fc0f93bac59033dcc8756ab547e72e62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 28 Jan 2021 22:25:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 06 Nov 2020 15:08:50 GMT
Server: Apache
Age: 0
ETag: "267a5-5b3719713fd6f"
X-Cache: MISS
P3P: CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 157605
X-XSS-Protection: 1; mode=block
X-Cache-Hits: 0

GET
H2 200 jquery.mask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/ 23 KB
5 KB 13ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.js

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://birminghameventcenter.be
Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 95948
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4957
cf-request-id: 07ecb33bfa0000d70de594b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-5a89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xGKMTmuKYesOnqorfvt%2F8mlzfEXFZfq34Sk8l90y6XTvzyQtye8HcZX8TXrbVTIukCPZkYVsh9woKxzGzwJCBT5vx%2B5QOjCPzVGwABXj1Jff4Ix3xnBZK880G5yJOGQrfA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 618e21732917d70d-FRA
expires: Tue, 18 Jan 2022 22:25:40 GMT

GET
H2 200 index.js Show response
birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/js/ 8 KB
8 KB 36ms
35ms Script
application/javascript 95.85.28.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/js/index.js

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.85.28.145 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.11.3 /

Resource Hash

f85a13e35382167f1bfbfa67b6d5ac72840fe2164a0075c7c2be66513182a941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:25:40 GMT
server: nginx/1.11.3
etag: "601339e4-20c9"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 8393
x-xss-protection: 1; mode=block

GET
H2 200 ip Show response
keys0.openode.io/ 470 B
733 B 387ms
183ms Fetch
application/json 161.35.253.229
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://keys0.openode.io/ip

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

161.35.253.229 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.19.2 / Express

Resource Hash

c0eae988fe6ee1e52b79cde20c93815a668fc81df8a069b053aabf2419daa370

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
content-encoding: gzip
etag: W/"1d6-9anJw6Ad0T3N/bloADmLNSf2hk0"
server: nginx/1.19.2
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 css
fonts.googleapis.com/ 3 KB
577 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/semantic.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44bbd41a152df40ae99043e510a51da8ad97dadd3f28d1c21be248a4bd98942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/semantic.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:42:05 GMT
server: ESF
date: Thu, 28 Jan 2021 22:25:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Jan 2021 22:25:40 GMT

GET
H2 200 default Show response
embed.tawk.to/5dc29b31e4c2fa4b6bda4277/ 13 KB
4 KB 32ms
14ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5dc29b31e4c2fa4b6bda4277/default

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfa3abefff75720162dfa74501302c1587adcc31d3e1d0463bbc8537f2134025

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://birminghameventcenter.be
Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13939
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ecb33cec000005bf3dac1000000001
server: cloudflare
etag: W/"stable-v3-709-fr"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400, s-maxage=3600
cf-ray: 618e2174adb105bf-FRA

GET
H2 200 icons.woff2
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/themes/default/assets/fonts/ 39 KB
40 KB 53ms
52ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/themes/default/assets/fonts/icons.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/semantic.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3578d7ffa0db786b21d6986546759976a82764baada977547d38ef918b791f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://birminghameventcenter.be
Referer: https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/semantic.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 97707
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40148
cf-request-id: 07ecb33d120000d70dc99fd000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcd-9cd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CNE6qFDT%2FMWCuPFfhgm%2BpLJQ1Db9ySUFg%2FHzGKkXeuLNwPugAfjUnJRB%2BveHYKkw2D0bwokt9IsoUNgly2SlmlZhcTnkCmRxVcAM9V1bLSlZzoX3zuibnpNSzQHi2ilXlA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 618e2174eb7bd70d-FRA
expires: Tue, 18 Jan 2022 22:25:40 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://birminghameventcenter.be
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 06:05:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 145186
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Thu, 27 Jan 2022 06:05:54 GMT

GET
H3-Q050 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://birminghameventcenter.be
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 06:30:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 489315
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Sun, 23 Jan 2022 06:30:25 GMT

GET
H2 200 access.jpg
birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/img/ 238 KB
239 KB 46ms
46ms Image
image/jpeg 95.85.28.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/img/access.jpg

Requested by

Host: birminghameventcenter.be
URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.85.28.145 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.11.3 /

Resource Hash

c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:25:40 GMT
server: nginx/1.11.3
etag: "601339e4-3b8cf"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 243919
x-xss-protection: 1; mode=block

GET
H2 200 app.js Show response
static-v.tawk.to/709/ 503 KB
110 KB 29ms
28ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-v.tawk.to/709/app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5dc29b31e4c2fa4b6bda4277/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://birminghameventcenter.be
Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13937
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ecb33dd0000005bf378cd000000001
last-modified: Fri, 15 Jan 2021 22:41:20 GMT
server: cloudflare
etag: W/"d4160b3dd3f8809cdee87d79588bd521"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 618e2176182205bf-FRA

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 2 KB
1 KB 15ms
13ms XHR
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5dc29b31e4c2fa4b6bda4277&widgetId=default

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6cdfe5e4766aee36352f0c1b31717fea55c74392692ceeb5ac4fc2ec218e1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13934
strict-transport-security: max-age=0; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ecb33e09000005bf8c0be000000001
x-served-by: visitor-application-preemptive-vzll
server: cloudflare
etag: W/"1-17-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400, s-maxage=14400
cf-ray: 618e217678c505bf-FRA

POST
H2 200 1611872740879 Show response
va.tawk.to/register/ 652 B
1 KB 210ms
196ms XHR
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/register/1611872740879

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd6e856d91f45d9d1ad3ecd57b605bc25db0849e91543099cedb34e88b18a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Jan 2021 22:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ecb33e2000002c22913d6000000001
x-served-by: visitor-application-preemptive-vzll
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://birminghameventcenter.be
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 618e21769c8c2c22-FRA
access-control-allow-headers: origin, content-type

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame B8A4 7 KB
1 KB 42ms
28ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:47:00 GMT
server: ESF
date: Thu, 28 Jan 2021 22:25:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Jan 2021 22:25:41 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame A399 7 KB
620 B 35ms
29ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:34:02 GMT
server: ESF
date: Thu, 28 Jan 2021 22:25:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Jan 2021 22:25:41 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 17C3 7 KB
620 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:46:37 GMT
server: ESF
date: Thu, 28 Jan 2021 22:25:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Jan 2021 22:25:41 GMT

GET
H2 200 emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 17C3 192 B
282 B 9ms
9ms Stylesheet
text/css 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 7956733
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 152
etag: W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by: cache-fra19174-FRA, cache-hhn4074-HHN
date: Thu, 28 Jan 2021 22:25:41 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 17C3 295 KB
53 KB 9ms
9ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 6076789
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 53889
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by: cache-fra19125-FRA, cache-hhn4074-HHN
date: Thu, 28 Jan 2021 22:25:41 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
vsb38.tawk.to/s/ 101 B
306 B 134ms
122ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsb38.tawk.to/s/?k=601339e493e25d6f7c4eaa47&u=wdQSmWkwymlKJuo%2Fe3ANA3pfPpngtEMGpooqqAx0YpoSJ8K5sXCeak7evAmXJdES&uv=2&a=5dc29b31e4c2fa4b6bda4277&cver=0&pop=false&jv=709&asver=44&ust=false&EIO=3&transport=polling&__t=NTB6YSN

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3834a80fc91aa1a17cc21fc6839387c272d4fbcd85715dc1382d755f1b3203e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://birminghameventcenter.be
access-control-allow-credentials: true
cf-ray: 618e217838432c22-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101
cf-request-id: 07ecb33f2500002c2296a7c000000001

GET
H2 200 26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 17C3 413 B
547 B 6ms
6ms Image
image/png 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 6076786
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 413
etag: W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by: cache-fra19175-FRA, cache-hhn4074-HHN
date: Thu, 28 Jan 2021 22:25:41 GMT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
vsb38.tawk.to/s/ 77 B
162 B 117ms
117ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2893407089b8a1fa97f1b5a0483e53922754176028bc1f1ba346cac2854c43c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://birminghameventcenter.be
access-control-allow-credentials: true
cf-ray: 618e217909e72c22-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77
cf-request-id: 07ecb33fa300002c22fba59000000001

POST
H2 200 v3 Show response
va.tawk.to/log-performance/ 5 B
114 B 212ms
211ms XHR
text/html 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Jan 2021 22:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ecb3401b00002c22a1154000000001
x-served-by: visitor-application-preemptive-vzll
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://birminghameventcenter.be
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 618e2179cb5f2c22-FRA
access-control-allow-headers: origin, content-type

GET
H2 200 / Show response
vsb38.tawk.to/s/ 4 B
87 B 561ms
561ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:25:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://birminghameventcenter.be
access-control-allow-credentials: true
cf-ray: 618e2179cb622c22-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4
cf-request-id: 07ecb3401b00002c22e71cb000000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Credit Agricole (Banking)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/js/index.js(Line 58) Message: Security disabled
console-api	log	URL: https://birminghameventcenter.be/-/home/sca/CA/eee54aa31cd02042936bd1dbedb9bb1e/(Line 25) Message: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
accounts.google.com
birminghameventcenter.be
bit.ly
cdn.jsdelivr.net
cdnjs.cloudflare.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
francehomedep.blogspot.be
francehomedep.blogspot.com
i.gifer.com
i.ytimg.com
keys0.openode.io
resources.blogblog.com
static-v.tawk.to
va.tawk.to
vsb38.tawk.to
www.blogblog.com
www.blogger.com
www.ca-atlantique-vendee.fr
www.coover.fr
www.credit-agricole.fr
www.gstatic.com
158.191.172.47
158.191.172.78
161.35.253.229
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2606:4700:3037::6815:4ed1
2606:4700::6810:135e
2a00:1450:4001:803::2001
2a00:1450:4001:813::2016
2a00:1450:4001:816::2003
2a00:1450:4001:81a::2009
2a00:1450:4001:821::2001
2a00:1450:4001:825::2003
2a00:1450:4001:827::200d
2a00:1450:4001:829::2009
2a00:1450:4001:829::200a
2a04:4e42:1b::621
51.68.36.8
67.199.248.11
95.85.28.145
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
03b5861a76d3d1fd0e6075905645aa5fa1907591d90e2f08b1b0ffbbe1506957
03da25fe333dd18f2d82ea466b3c0365fc0f93bac59033dcc8756ab547e72e62
0544fbbc8377ba3db764ac56122a20fd0c273a43ccd71a162210b7eac21a552c
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
1e2c209346d02318a063c7ea2513498881c35f1525114c9b969b573384f54baf
2893407089b8a1fa97f1b5a0483e53922754176028bc1f1ba346cac2854c43c8
29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2
3834a80fc91aa1a17cc21fc6839387c272d4fbcd85715dc1382d755f1b3203e6
41504dd284fbe148690ad128e0aa3e937b0da3eca4245041b4676ec35dd5f6fc
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
51ae4877f6d16c8f9c99b873edf4f6d2f87f672002371a1deaa9905b11d0fb04
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e377ae95a219f11b2597a3ab7b8f2e897696b831aa5b8561a0cd135cb279f36
5e67516d3adeff746e961624fdc38150ca5895a029d91a68fece79eaed0e20a9
6d09ab65ee323e742b2d363ed6063295f34c06e19f9d3fc72ac0865fef57baaa
6dd6e856d91f45d9d1ad3ecd57b605bc25db0849e91543099cedb34e88b18a38
71129a5a18b4da7e06bb8239a26eac8b21ce3d40f374d5729852717baa56e0da
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
89711b78ea0ccd075683e15b73d78dad4dc9cfa134f231e801b173a241ad9c46
8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
953ed1a3aaeb94b9a37b807bb1525a9d3ec4e39ab909cdd31680aa65758ac168
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a00d3cabd4a8dbdbd2e992e238d11ec889fb3cc7751d9bc271f063a17ec8bf7d
a09131f2885086eb3dea6a379c43e58c88e683b99fb7cf9cefde399dfd68d0ff
a44bbd41a152df40ae99043e510a51da8ad97dadd3f28d1c21be248a4bd98942
a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889
a6cdfe5e4766aee36352f0c1b31717fea55c74392692ceeb5ac4fc2ec218e1d8
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
aace69d01152a92bebb2d0713ef7b1fb3772af373219d1cd78d9808ab3b6cdcd
b1c5089ecbec08f1b4d11aaef84084ddb3f3b29f5aa401dc140cab28edd59a74
b1faa5a47a9248cb623d9d0cddf1ddeb017dc449e65890d21ba6af44b39aec6c
c0eae988fe6ee1e52b79cde20c93815a668fc81df8a069b053aabf2419daa370
c2b9b39addf8080409dc28611be64764d8705530eb94b1a12c04bbb656e07d93
c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8
c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70
cd770fd2df4b00a3268bc0eb69651a149575aaf1a4c3581810705b7fe22c1d2a
cffbe8c599edfadc133a29f49e05bf431a0ec497ea8888accf0fe6b612a3a375
dd56eafb2c125202826fe397624715916b928f85d2a1cc17e5ab5e14ffacc047
dedb5d04e2c87b78daff04491209d864d8c87e073a8a651be6d3c2a0024b4e02
dfa3abefff75720162dfa74501302c1587adcc31d3e1d0463bbc8537f2134025
e3578d7ffa0db786b21d6986546759976a82764baada977547d38ef918b791f4
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f85a13e35382167f1bfbfa67b6d5ac72840fe2164a0075c7c2be66513182a941
fbc38063a68dacae3f154fed7a19ba7d9d809b5aab87a6dcd052c34aaf50912a
fd969eab7bf38ffda200dcbf707646810df3039138abe643793c20404ecf5900

birminghameventcenter.be Open in urlscan Pro 95.85.28.145 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

70 %IPv6

18 Domains

24 Subdomains

18 IPs

5 Countries

2483 kBTransfer

7434 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

birminghameventcenter.be Open in urlscan Pro
95.85.28.145 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

70 %
IPv6

18
Domains

24
Subdomains

18
IPs

5
Countries

2483 kB
Transfer

7434 kB
Size

0
Cookies

57 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!