urlscan.io logo urlscan.io
SecurityTrails logo

tickets.forum.nl Open in urlscan Pro
5.22.253.104  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tickets.forum.nl/
Effective URL: https://tickets.forum.nl/login/auth
Submission: On August 30 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 44 HTTP transactions. The main IP is 5.22.253.104, located in Netherlands and belongs to CJ2-AS, NL. The main domain is tickets.forum.nl.
TLS certificate: Issued by R10 on August 28th 2024. Valid for: 3 months.
This is the only time tickets.forum.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    5.22.253.104 (Netherlands)

ASN39704 (CJ2-AS, NL)
PTR: cj2-cust-gentleware.cust.cj2.nl
tickets.forum.nl
3    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2a02:ac40:0:1:0:fe08:c206:b005 (Netherlands)

ASN25459 (NEDZONE-AS, NL)
navigatie.forum.nl
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    172.67.137.189 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookiecode.nl
api.cookiecode.nl
5    2600:9000:2190:2800:d:c8b9:46c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
deploy.mopinion.com
1    172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f8.1e100.net
www.googletagmanager.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
16 forum.nl
tickets.forum.nl
navigatie.forum.nl
360 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
21 KB
5 mopinion.com
deploy.mopinion.com — Cisco Umbrella Rank: 41464
14 KB
4 cookiecode.nl
cdn.cookiecode.nl — Cisco Umbrella Rank: 350605
api.cookiecode.nl — Cisco Umbrella Rank: 340691
101 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
279 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 gstatic.com
fonts.gstatic.com
59 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
70 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832
83 KB
44 10
Domain Requested by
10 tickets.forum.nl 1 redirects tickets.forum.nl
6 navigatie.forum.nl tickets.forum.nl
5 deploy.mopinion.com tickets.forum.nl
deploy.mopinion.com
3 region1.google-analytics.com www.googletagmanager.com
3 www.google-analytics.com tickets.forum.nl
www.google-analytics.com
3 www.googletagmanager.com tickets.forum.nl
www.googletagmanager.com
www.google-analytics.com
3 fonts.googleapis.com tickets.forum.nl
2 api.cookiecode.nl cdn.cookiecode.nl
2 cdn.cookiecode.nl www.googletagmanager.com
cdn.cookiecode.nl
2 www.facebook.com tickets.forum.nl
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net tickets.forum.nl
connect.facebook.net
2 maxcdn.bootstrapcdn.com tickets.forum.nl
maxcdn.bootstrapcdn.com
44 13
Subject Issuer Validity Valid
tickets.forum.nl
R10		 2024-08-28 -
2024-11-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-07-23 -
2024-10-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-09 -
2024-09-07		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
navigatie.forum.nl
R11		 2024-08-05 -
2024-11-03		 3 months crt.sh
cookiecode.nl
WE1		 2024-07-04 -
2024-10-02		 3 months crt.sh
*.mopinion.com
Amazon ECDSA 256 M02		 2024-08-05 -
2025-09-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://tickets.forum.nl/login/auth
Frame ID: 0CB451927F365B9B7B86972759C41611
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Inloggen | Kaartverkoop Forum

Page URL History Show full URLs

  1. https://tickets.forum.nl/ HTTP 302
    https://tickets.forum.nl/login/auth Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

44
Requests

100 %
HTTPS

62 %
IPv6

10
Domains

13
Subdomains

13
IPs

4
Countries

994 kB
Transfer

2782 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tickets.forum.nl/ HTTP 302
    https://tickets.forum.nl/login/auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth
tickets.forum.nl/login/
Redirect Chain
  • https://tickets.forum.nl/
  • https://tickets.forum.nl/login/auth
13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tickets.forum.nl/login/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.22.253.104 , Netherlands, ASN39704 (CJ2-AS, NL),
Reverse DNS
cj2-cust-gentleware.cust.cj2.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7679699f4cd592230346aab38272bd3dc482128a245eac74ae4591504f53a452

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Language
nl-NL
Content-Type
text/html;charset=UTF-8
Date
Fri, 30 Aug 2024 23:31:10 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 30 Aug 2024 23:31:10 GMT
Location
https://tickets.forum.nl/login/auth
Server
nginx/1.14.0 (Ubuntu)
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
application-public-60bb09a95e1a535c88bb590defae08f2.css
tickets.forum.nl/assets/ 		201 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tickets.forum.nl/assets/application-public-60bb09a95e1a535c88bb590defae08f2.css
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.22.253.104 , Netherlands, ASN39704 (CJ2-AS, NL),
Reverse DNS
cj2-cust-gentleware.cust.cj2.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a901eaf311cb3047e3daa253bd30797040845ae4fa60aaccffe14a77c9cb4f03

Request headers

Referer
https://tickets.forum.nl/login/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 23:31:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Aug 2024 06:07:29 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"application-public-60bb09a95e1a535c88bb590defae08f2.css"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Length
30027
css
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 23:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 22:17:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Aug 2024 23:31:10 GMT
css
fonts.googleapis.com/ 		1 KB
925 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inconsolata&display=swap
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a86f72c1cff933d18b8b5f4c0af9a25e630ed17db548ee89c67601fd4c33f1dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 23:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 23:31:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Aug 2024 23:31:10 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1078
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
10193407
cdn-cachedat
03/18/2024 12:28:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
7a1c9dbc32c16186eedda7c8c11c4540
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8bb892a92e86381b-FRA
cdn-requestpullsuccess
True
gf.css
tickets.forum.nl/stlt-resources/gf/css/ 		134 KB
134 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tickets.forum.nl/stlt-resources/gf/css/gf.css?v=23
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.22.253.104 , Netherlands, ASN39704 (CJ2-AS, NL),
Reverse DNS
cj2-cust-gentleware.cust.cj2.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5fdbd7809fd5dba373aabf25798e75ace378935bf1d8dc19c5964ed348eb3d96

Request headers

Referer
https://tickets.forum.nl/login/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 23:31:10 GMT
Last-Modified
Mon, 12 Aug 2024 12:53:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"66ba05af-2178a"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
137098
application-public-7443da5e2ba064a72b6436ae702bda85.js
tickets.forum.nl/assets/ 		236 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tickets.forum.nl/assets/application-public-7443da5e2ba064a72b6436ae702bda85.js
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.22.253.104 , Netherlands, ASN39704 (CJ2-AS, NL),
Reverse DNS
cj2-cust-gentleware.cust.cj2.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5e96e108dbe185034a999a3161d464439c1c7105eb7c5bc2d25458bb42ee4d2e

Request headers

Referer
https://tickets.forum.nl/login/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 23:31:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Aug 2024 06:07:29 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"application-public-7443da5e2ba064a72b6436ae702bda85.js"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Length
74540
gf.js
tickets.forum.nl/stlt-resources/gf/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tickets.forum.nl/stlt-resources/gf/js/gf.js?v=23
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.22.253.104 , Netherlands, ASN39704 (CJ2-AS, NL),
Reverse DNS
cj2-cust-gentleware.cust.cj2.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
98577631b44e34e1325ccbe87cfcda803f9ce9b546b33b580757d2bd2f488a02

Request headers

Referer
https://tickets.forum.nl/login/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 23:31:10 GMT
Last-Modified
Thu, 14 Oct 2021 13:09:29 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"61682c09-fa9"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4009
gtm4.js
tickets.forum.nl/stlt-resources/gf/javascript/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tickets.forum.nl/stlt-resources/gf/javascript/gtm4.js
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.22.253.104 , Netherlands, ASN39704 (CJ2-AS, NL),
Reverse DNS
cj2-cust-gentleware.cust.cj2.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a8da1fa7f80a5d8ed1756c6031fedd1322f5c3f90f3b2343ca646e86e85e2a42

Request headers

Referer
https://tickets.forum.nl/login/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 23:31:10 GMT
Last-Modified
Wed, 31 Jan 2024 06:58:21 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"65b9ef8d-be3"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3043
getImage
tickets.forum.nl/mtUI/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tickets.forum.nl/mtUI/getImage?image=side&stlt=gf
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.22.253.104 , Netherlands, ASN39704 (CJ2-AS, NL),
Reverse DNS
cj2-cust-gentleware.cust.cj2.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
33dd534f65afcbd2ffb2434c1123a53e91d08ffa0159efa44722d036f583e70b

Request headers

Referer
https://tickets.forum.nl/login/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 23:31:10 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
image/jpg
css
fonts.googleapis.com/ 		19 KB
872 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Franklin:200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/stlt-resources/gf/css/gf.css?v=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b64ea6cf207e7770f86d61f4d9e6b77b17802e884d57d108a883ffc38ea1c2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 23:31:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 23:31:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Aug 2024 23:31:11 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Aug 2024 23:31:11 GMT
document-policy
force-load-at-top
x-fb-server-load
40
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58936
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4290, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
1JqaI8WE+/gtpGNyU34Zzigdc3Csr25oD8gROUGBZxDNJUdVToVJi2xw+xFugSMyen6O4mIJwL9yqok/ZHmWPA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		253 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3DDHHR
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c51722c819d5a22889f25bec48b11bf446902c2e696da9353dde22675048e6e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:31:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85154
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Aug 2024 23:31:11 GMT
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v14/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin:200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tickets.forum.nl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 12:01:34 GMT
x-content-type-options
nosniff
age
300577
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28224
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:23:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Aug 2025 12:01:34 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://tickets.forum.nl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:31:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
14716644
cdn-cachedat
10/31/2023 19:08:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f521bd46a85ed72012f143d245d0b336
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8bb892aa9cd29b6e-FRA
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Aug 2024 23:20:02 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
669
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 31 Aug 2024 01:20:02 GMT
header
navigatie.forum.nl/nl/mvc/navigation/ 		41 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://navigatie.forum.nl/nl/mvc/navigation/header?_=1725060671068
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/assets/application-public-7443da5e2ba064a72b6436ae702bda85.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ac40:0:1:0:fe08:c206:b005 , Netherlands, ASN25459 (NEDZONE-AS, NL),
Reverse DNS
Software
/
Resource Hash
57ec6eaadb2e4353c96d43344188f7daec3b298a51af71939b882f23abcb1b01
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' localhost:* *.google.com *.gstatic.com www.google-analytics.com *.jquery.com *.addtoany.com use.fontawesome.com *.cloudflare.com *.youtube.com *.ytimg.com *.googleapis.com *.googletagmanager.com connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net forum.nl *.forum.nl; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com *.cloudflare.com *.addtoany.com cloud.typography.com www.groningerforum.nl forum.nl *.forum.nl; font-src 'self' *.gstatic.com data:; img-src 'self' data: www.google-analytics.com *.gstatic.com *.googleapis.com *.google.com www.facebook.com www.googletagmanager.com *.doubleclick.net *.google.nl *.googleusercontent.com forum.nl *.forum.nl; frame-src 'self' *.google.com *.addtoany.com *.youtube.com *.vimeo.com youtu.be *.activetickets.com activetickets.groningerforum.nl www.facebook.com *.ticketworks.nl *.afasonline.com groningerforum.podiumnederland.nl forum.podiumnederland.nl open.spotify.com; media-src 'self' *.youtube.com *.vimeo.com *.vimeocdn.com *.akamaized.net; connect-src 'self' localhost:* wss://localhost:* *.projectguide.nl www.google-analytics.com stats.g.doubleclick.net; frame-ancestors ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' localhost:* *.google.com *.gstatic.com www.google-analytics.com *.jquery.com *.addtoany.com use.fontawesome.com *.cloudflare.com *.youtube.com *.ytimg.com *.googleapis.com *.googletagmanager.com connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net forum.nl *.forum.nl; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com *.cloudflare.com *.addtoany.com cloud.typography.com www.groningerforum.nl forum.nl *.forum.nl; font-src 'self' *.gstatic.com data:; img-src 'self' data: www.google-analytics.com *.gstatic.com *.googleapis.com *.google.com www.facebook.com www.googletagmanager.com *.doubleclick.net *.google.nl *.googleusercontent.com forum.nl *.forum.nl; frame-src 'self' *.google.com *.addtoany.com *.youtube.com *.vimeo.com youtu.be *.activetickets.com activetickets.groningerforum.nl www.facebook.com *.ticketworks.nl *.afasonline.com groningerforum.podiumnederland.nl forum.podiumnederland.nl open.spotify.com; media-src 'self' *.youtube.com *.vimeo.com *.vimeocdn.com *.akamaized.net; connect-src 'self' localhost:* wss://localhost:* *.projectguide.nl www.google-analytics.com stats.g.doubleclick.net; frame-ancestors ;
x-content-type-options
nosniff
date
Fri, 30 Aug 2024 23:31:11 GMT
x-download-options
noopen
vary
Origin,Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://tickets.forum.nl
access-control-allow-credentials
true
content-length
42029
x-xss-protection
1; mode=block
footer
navigatie.forum.nl/nl/mvc/navigation/ 		6 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://navigatie.forum.nl/nl/mvc/navigation/footer?_=1725060671069
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/assets/application-public-7443da5e2ba064a72b6436ae702bda85.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ac40:0:1:0:fe08:c206:b005 , Netherlands, ASN25459 (NEDZONE-AS, NL),
Reverse DNS
Software
/
Resource Hash
95bf8c32672c32ea7249642b826dfc642a997fb5a442719b4c1de3d0e9920719
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' localhost:* *.google.com *.gstatic.com www.google-analytics.com *.jquery.com *.addtoany.com use.fontawesome.com *.cloudflare.com *.youtube.com *.ytimg.com *.googleapis.com *.googletagmanager.com connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net forum.nl *.forum.nl; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com *.cloudflare.com *.addtoany.com cloud.typography.com www.groningerforum.nl forum.nl *.forum.nl; font-src 'self' *.gstatic.com data:; img-src 'self' data: www.google-analytics.com *.gstatic.com *.googleapis.com *.google.com www.facebook.com www.googletagmanager.com *.doubleclick.net *.google.nl *.googleusercontent.com forum.nl *.forum.nl; frame-src 'self' *.google.com *.addtoany.com *.youtube.com *.vimeo.com youtu.be *.activetickets.com activetickets.groningerforum.nl www.facebook.com *.ticketworks.nl *.afasonline.com groningerforum.podiumnederland.nl forum.podiumnederland.nl open.spotify.com; media-src 'self' *.youtube.com *.vimeo.com *.vimeocdn.com *.akamaized.net; connect-src 'self' localhost:* wss://localhost:* *.projectguide.nl www.google-analytics.com stats.g.doubleclick.net; frame-ancestors ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' localhost:* *.google.com *.gstatic.com www.google-analytics.com *.jquery.com *.addtoany.com use.fontawesome.com *.cloudflare.com *.youtube.com *.ytimg.com *.googleapis.com *.googletagmanager.com connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net forum.nl *.forum.nl; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com *.cloudflare.com *.addtoany.com cloud.typography.com www.groningerforum.nl forum.nl *.forum.nl; font-src 'self' *.gstatic.com data:; img-src 'self' data: www.google-analytics.com *.gstatic.com *.googleapis.com *.google.com www.facebook.com www.googletagmanager.com *.doubleclick.net *.google.nl *.googleusercontent.com forum.nl *.forum.nl; frame-src 'self' *.google.com *.addtoany.com *.youtube.com *.vimeo.com youtu.be *.activetickets.com activetickets.groningerforum.nl www.facebook.com *.ticketworks.nl *.afasonline.com groningerforum.podiumnederland.nl forum.podiumnederland.nl open.spotify.com; media-src 'self' *.youtube.com *.vimeo.com *.vimeocdn.com *.akamaized.net; connect-src 'self' localhost:* wss://localhost:* *.projectguide.nl www.google-analytics.com stats.g.doubleclick.net; frame-ancestors ;
x-content-type-options
nosniff
date
Fri, 30 Aug 2024 23:31:11 GMT
x-download-options
noopen
vary
Origin,Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://tickets.forum.nl
access-control-allow-credentials
true
content-length
6427
x-xss-protection
1; mode=block
291333029881539
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/291333029881539?v=2.9.166&r=stable&domain=tickets.forum.nl&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
9bb4e6a9cf233cc6be038894eb8b98af62a04acc775fd6c0d1f6d90f3f649667
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Aug 2024 23:31:11 GMT
document-policy
force-load-at-top
x-fb-server-load
44
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=74, mss=1232, tbw=66930, tp=62, tpl=0, uplat=78, ullat=0
pragma
public
x-fb-debug
bGfXcGaSbf6VwHEgKXjNcSPhvaHLd/gMWrdkhTcjBbt4V4FGF1yLyN4AALO/zRjXzXXj+LTh4FkqoK8KSzoh7w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
icon-facebook.svg
navigatie.forum.nl/images/ 		608 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://navigatie.forum.nl/images/icon-facebook.svg
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/stlt-resources/gf/css/gf.css?v=23
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ac40:0:1:0:fe08:c206:b005 , Netherlands, ASN25459 (NEDZONE-AS, NL),
Reverse DNS
Software
/
Resource Hash
379d745d78e0653544e7ea04af546c0afd450a7c642d6c0537423d776a56775b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' localhost:* *.google.com *.gstatic.com www.google-analytics.com *.jquery.com *.addtoany.com use.fontawesome.com *.cloudflare.com *.youtube.com *.ytimg.com *.googleapis.com *.googletagmanager.com connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net forum.nl *.forum.nl; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com *.cloudflare.com *.addtoany.com cloud.typography.com www.groningerforum.nl forum.nl *.forum.nl; font-src 'self' *.gstatic.com data:; img-src 'self' data: www.google-analytics.com *.gstatic.com *.googleapis.com *.google.com www.facebook.com www.googletagmanager.com *.doubleclick.net *.google.nl *.googleusercontent.com forum.nl *.forum.nl; frame-src 'self' *.google.com *.addtoany.com *.youtube.com *.vimeo.com youtu.be *.activetickets.com activetickets.groningerforum.nl www.facebook.com *.ticketworks.nl *.afasonline.com groningerforum.podiumnederland.nl forum.podiumnederland.nl open.spotify.com; media-src 'self' *.youtube.com *.vimeo.com *.vimeocdn.com *.akamaized.net; connect-src 'self' localhost:* wss://localhost:* *.projectguide.nl www.google-analytics.com stats.g.doubleclick.net; frame-ancestors ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' localhost:* *.google.com *.gstatic.com www.google-analytics.com *.jquery.com *.addtoany.com use.fontawesome.com *.cloudflare.com *.youtube.com *.ytimg.com *.googleapis.com *.googletagmanager.com connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net forum.nl *.forum.nl; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com *.cloudflare.com *.addtoany.com cloud.typography.com www.groningerforum.nl forum.nl *.forum.nl; font-src 'self' *.gstatic.com data:; img-src 'self' data: www.google-analytics.com *.gstatic.com *.googleapis.com *.google.com www.facebook.com www.googletagmanager.com *.doubleclick.net *.google.nl *.googleusercontent.com forum.nl *.forum.nl; frame-src 'self' *.google.com *.addtoany.com *.youtube.com *.vimeo.com youtu.be *.activetickets.com activetickets.groningerforum.nl www.facebook.com *.ticketworks.nl *.afasonline.com groningerforum.podiumnederland.nl forum.podiumnederland.nl open.spotify.com; media-src 'self' *.youtube.com *.vimeo.com *.vimeocdn.com *.akamaized.net; connect-src 'self' localhost:* wss://localhost:* *.projectguide.nl www.google-analytics.com stats.g.doubleclick.net; frame-ancestors ;
x-content-type-options
nosniff
date
Fri, 30 Aug 2024 23:31:11 GMT
last-modified
Mon, 13 Jun 2022 12:56:18 GMT
etag
"1d87f24f8f84760"
x-download-options
noopen
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
608
x-xss-protection
1; mode=block
icon-twitter.svg
navigatie.forum.nl/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://navigatie.forum.nl/images/icon-twitter.svg
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/stlt-resources/gf/css/gf.css?v=23
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ac40:0:1:0:fe08:c206:b005 , Netherlands, ASN25459 (NEDZONE-AS, NL),
Reverse DNS
Software
/
Resource Hash
aa639da456e26e1fb2635e101c5d9af74340c10a0fa64f66efa7ecd74c732f8f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' localhost:* *.google.com *.gstatic.com www.google-analytics.com *.jquery.com *.addtoany.com use.fontawesome.com *.cloudflare.com *.youtube.com *.ytimg.com *.googleapis.com *.googletagmanager.com connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net forum.nl *.forum.nl; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com *.cloudflare.com *.addtoany.com cloud.typography.com www.groningerforum.nl forum.nl *.forum.nl; font-src 'self' *.gstatic.com data:; img-src 'self' data: www.google-analytics.com *.gstatic.com *.googleapis.com *.google.com www.facebook.com www.googletagmanager.com *.doubleclick.net *.google.nl *.googleusercontent.com forum.nl *.forum.nl; frame-src 'self' *.google.com *.addtoany.com *.youtube.com *.vimeo.com youtu.be *.activetickets.com activetickets.groningerforum.nl www.facebook.com *.ticketworks.nl *.afasonline.com groningerforum.podiumnederland.nl forum.podiumnederland.nl open.spotify.com; media-src 'self' *.youtube.com *.vimeo.com *.vimeocdn.com *.akamaized.net; connect-src 'self' localhost:* wss://localhost:* *.projectguide.nl www.google-analytics.com stats.g.doubleclick.net; frame-ancestors ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' localhost:* *.google.com *.gstatic.com www.google-analytics.com *.jquery.com *.addtoany.com use.fontawesome.com *.cloudflare.com *.youtube.com *.ytimg.com *.googleapis.com *.googletagmanager.com connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net forum.nl *.forum.nl; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com *.cloudflare.com *.addtoany.com cloud.typography.com www.groningerforum.nl forum.nl *.forum.nl; font-src 'self' *.gstatic.com data:; img-src 'self' data: www.google-analytics.com *.gstatic.com *.googleapis.com *.google.com www.facebook.com www.googletagmanager.com *.doubleclick.net *.google.nl *.googleusercontent.com forum.nl *.forum.nl; frame-src 'self' *.google.com *.addtoany.com *.youtube.com *.vimeo.com youtu.be *.activetickets.com activetickets.groningerforum.nl www.facebook.com *.ticketworks.nl *.afasonline.com groningerforum.podiumnederland.nl forum.podiumnederland.nl open.spotify.com; media-src 'self' *.youtube.com *.vimeo.com *.vimeocdn.com *.akamaized.net; connect-src 'self' localhost:* wss://localhost:* *.projectguide.nl www.google-analytics.com stats.g.doubleclick.net; frame-ancestors ;
x-content-type-options
nosniff
date
Fri, 30 Aug 2024 23:31:11 GMT
last-modified
Mon, 13 Jun 2022 12:56:40 GMT
etag
"1d87f2506153017"
x-download-options
noopen
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1047
x-xss-protection
1; mode=block
icon-instagram.svg
navigatie.forum.nl/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://navigatie.forum.nl/images/icon-instagram.svg
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/stlt-resources/gf/css/gf.css?v=23
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ac40:0:1:0:fe08:c206:b005 , Netherlands, ASN25459 (NEDZONE-AS, NL),
Reverse DNS
Software
/
Resource Hash
b3a3f87489ea0cfa08ca17c64ab2afb4534d178846fd1764c060d0c9738b9cdb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' localhost:* *.google.com *.gstatic.com www.google-analytics.com *.jquery.com *.addtoany.com use.fontawesome.com *.cloudflare.com *.youtube.com *.ytimg.com *.googleapis.com *.googletagmanager.com connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net forum.nl *.forum.nl; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com *.cloudflare.com *.addtoany.com cloud.typography.com www.groningerforum.nl forum.nl *.forum.nl; font-src 'self' *.gstatic.com data:; img-src 'self' data: www.google-analytics.com *.gstatic.com *.googleapis.com *.google.com www.facebook.com www.googletagmanager.com *.doubleclick.net *.google.nl *.googleusercontent.com forum.nl *.forum.nl; frame-src 'self' *.google.com *.addtoany.com *.youtube.com *.vimeo.com youtu.be *.activetickets.com activetickets.groningerforum.nl www.facebook.com *.ticketworks.nl *.afasonline.com groningerforum.podiumnederland.nl forum.podiumnederland.nl open.spotify.com; media-src 'self' *.youtube.com *.vimeo.com *.vimeocdn.com *.akamaized.net; connect-src 'self' localhost:* wss://localhost:* *.projectguide.nl www.google-analytics.com stats.g.doubleclick.net; frame-ancestors ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' localhost:* *.google.com *.gstatic.com www.google-analytics.com *.jquery.com *.addtoany.com use.fontawesome.com *.cloudflare.com *.youtube.com *.ytimg.com *.googleapis.com *.googletagmanager.com connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net forum.nl *.forum.nl; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com *.cloudflare.com *.addtoany.com cloud.typography.com www.groningerforum.nl forum.nl *.forum.nl; font-src 'self' *.gstatic.com data:; img-src 'self' data: www.google-analytics.com *.gstatic.com *.googleapis.com *.google.com www.facebook.com www.googletagmanager.com *.doubleclick.net *.google.nl *.googleusercontent.com forum.nl *.forum.nl; frame-src 'self' *.google.com *.addtoany.com *.youtube.com *.vimeo.com youtu.be *.activetickets.com activetickets.groningerforum.nl www.facebook.com *.ticketworks.nl *.afasonline.com groningerforum.podiumnederland.nl forum.podiumnederland.nl open.spotify.com; media-src 'self' *.youtube.com *.vimeo.com *.vimeocdn.com *.akamaized.net; connect-src 'self' localhost:* wss://localhost:* *.projectguide.nl www.google-analytics.com stats.g.doubleclick.net; frame-ancestors ;
x-content-type-options
nosniff
date
Fri, 30 Aug 2024 23:31:11 GMT
last-modified
Mon, 13 Jun 2022 12:56:24 GMT
etag
"1d87f24fc8bc9ae"
x-download-options
noopen
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1454
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=291333029881539&ev=PageView&dl=https%3A%2F%2Ftickets.forum.nl%2Flogin%2Fauth&rl=&if=false&ts=1725060671384&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.1.1725060671383.10690547364493269&ler=empty&cdl=API_unavailable&it=1725060671243&coo=false&rqm=GET
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=64, rtx=0, c=10, mss=1297, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 30 Aug 2024 23:31:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=291333029881539&ev=PageView&dl=https%3A%2F%2Ftickets.forum.nl%2Flogin%2Fauth&rl=&if=false&ts=1725060671384&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.1.1725060671383.10690547364493269&ler=empty&cdl=API_unavailable&it=1725060671243&coo=false&rqm=FGET
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Fri, 30 Aug 2024 23:31:11 GMT
document-policy
force-load-at-top
x-fb-server-load
35
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7409079166488058916", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=69, rtx=0, c=10, mss=1297, tbw=3095, tp=-1, tpl=-1, uplat=115, ullat=0
pragma
no-cache
x-fb-debug
HjBOaT19i+e3+m5zVSpiXpFvyza2hM5Klf8KqXaRAybz/qUAO7xyXueb7Q2lFCGql408pIU52fEyGQ37jYGTjA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7409079166488058916"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
gf_logo_new.svg
tickets.forum.nl/stlt-resources/gf/images/ 		253 B
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tickets.forum.nl/stlt-resources/gf/images/gf_logo_new.svg
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/stlt-resources/gf/css/gf.css?v=23
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.22.253.104 , Netherlands, ASN39704 (CJ2-AS, NL),
Reverse DNS
cj2-cust-gentleware.cust.cj2.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c7e2fcb17f698d2066af0bf40a4560562ab0a72c40afffbc6a0f8919f6ce0aac

Request headers

Referer
https://tickets.forum.nl/stlt-resources/gf/css/gf.css?v=23
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 23:31:11 GMT
Last-Modified
Wed, 14 Aug 2019 11:11:56 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5d53ec7c-fd"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
253
groningerforum.woff
navigatie.forum.nl/fonts/gf-icon/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://navigatie.forum.nl/fonts/gf-icon/groningerforum.woff
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/stlt-resources/gf/css/gf.css?v=23
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ac40:0:1:0:fe08:c206:b005 , Netherlands, ASN25459 (NEDZONE-AS, NL),
Reverse DNS
Software
/
Resource Hash
957823cf06bf8bebb91b6d88d9ece0d79dec6c87d74d74ee1313d9351e1bbdb8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' localhost:* *.google.com *.gstatic.com www.google-analytics.com *.jquery.com *.addtoany.com use.fontawesome.com *.cloudflare.com *.youtube.com *.ytimg.com *.googleapis.com *.googletagmanager.com connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net forum.nl *.forum.nl; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com *.cloudflare.com *.addtoany.com cloud.typography.com www.groningerforum.nl forum.nl *.forum.nl; font-src 'self' *.gstatic.com data:; img-src 'self' data: www.google-analytics.com *.gstatic.com *.googleapis.com *.google.com www.facebook.com www.googletagmanager.com *.doubleclick.net *.google.nl *.googleusercontent.com forum.nl *.forum.nl; frame-src 'self' *.google.com *.addtoany.com *.youtube.com *.vimeo.com youtu.be *.activetickets.com activetickets.groningerforum.nl www.facebook.com *.ticketworks.nl *.afasonline.com groningerforum.podiumnederland.nl forum.podiumnederland.nl open.spotify.com; media-src 'self' *.youtube.com *.vimeo.com *.vimeocdn.com *.akamaized.net; connect-src 'self' localhost:* wss://localhost:* *.projectguide.nl www.google-analytics.com stats.g.doubleclick.net; frame-ancestors ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tickets.forum.nl/
Origin
https://tickets.forum.nl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' localhost:* *.google.com *.gstatic.com www.google-analytics.com *.jquery.com *.addtoany.com use.fontawesome.com *.cloudflare.com *.youtube.com *.ytimg.com *.googleapis.com *.googletagmanager.com connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net forum.nl *.forum.nl; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com *.cloudflare.com *.addtoany.com cloud.typography.com www.groningerforum.nl forum.nl *.forum.nl; font-src 'self' *.gstatic.com data:; img-src 'self' data: www.google-analytics.com *.gstatic.com *.googleapis.com *.google.com www.facebook.com www.googletagmanager.com *.doubleclick.net *.google.nl *.googleusercontent.com forum.nl *.forum.nl; frame-src 'self' *.google.com *.addtoany.com *.youtube.com *.vimeo.com youtu.be *.activetickets.com activetickets.groningerforum.nl www.facebook.com *.ticketworks.nl *.afasonline.com groningerforum.podiumnederland.nl forum.podiumnederland.nl open.spotify.com; media-src 'self' *.youtube.com *.vimeo.com *.vimeocdn.com *.akamaized.net; connect-src 'self' localhost:* wss://localhost:* *.projectguide.nl www.google-analytics.com stats.g.doubleclick.net; frame-ancestors ;
x-content-type-options
nosniff
date
Fri, 30 Aug 2024 23:31:11 GMT
last-modified
Tue, 10 May 2022 08:36:53 GMT
etag
"1d8644919765644"
x-download-options
noopen
vary
Origin
content-type
application/font-woff
access-control-allow-origin
https://tickets.forum.nl
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5828
x-xss-protection
1; mode=block
jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2
fonts.gstatic.com/s/librefranklin/v14/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librefranklin/v14/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin:200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abe8ed84862fad2302094c2b232dc7784812f6cf819666e27fd049051b7e61f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tickets.forum.nl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:40:34 GMT
x-content-type-options
nosniff
age
103837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31804
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:40:34 GMT
latest.js
cdn.cookiecode.nl/dist/ 		646 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookiecode.nl/dist/latest.js?cc:mode=manual
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3DDHHR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4beaea34b6e250cf7864e695dd451f4b7804714a4214aba83b48bc8f249b428c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:31:11 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4070
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Aug 2024 11:11:25 GMT
server
cloudflare
etag
W/"1daefcd0879fbe2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5aLSqHPHTeBzHM4sbGFrs6UOZXv0Iaj2ubmDLU8C1kQLa%2B782nOgwBr402qqSh3VZXpZ8kqjOJI50SfOPso8CsqmTRJHbh3Qzhlt1RUgOLj5MCW9hXd%2BQNWjAWygCdl8teH2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
8bb892ad0966694f-FRA
js
www.googletagmanager.com/gtag/ 		308 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J4GZWWPHS5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3DDHHR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e4a60877f8ffd8f7b68eaec9a70a1fe5443c614b2436aa550063a7f40de4d584
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:31:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105031
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Aug 2024 23:31:11 GMT
pastease.js
deploy.mopinion.com/js/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deploy.mopinion.com/js/pastease.js
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2800:d:c8b9:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Pastea.se
Resource Hash
ae863e07d6f0548acb2681cd03beae5a8638b7faa4d811812e6c2cf6ea62d16a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Aug 2024 23:02:26 GMT
via
1.1 d92debab8d9ca0518390aebaec8733a6.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
age
1726
x-powered-by
Pastea.se
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 26 Aug 2024 12:57:13 GMT
server
nginx
etag
W/"9204-1918ec30c28"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id
Cy9vae6f2CzNQzDmXeybjuqnlF7pqJR6SgfAvUnTkWB2sZFeM7il1g==
collect
www.google-analytics.com/j/ 		15 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1294747942&t=pageview&_s=1&dl=https%3A%2F%2Ftickets.forum.nl%2Flogin%2Fauth&dp=%2Fmtticket%2Flogin%2Fauth&ul=nl-nl&de=UTF-8&dt=Inloggen%20%7C%20Kaartverkoop%20Forum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDACEABBAAAACAAI~&jid=1019070754&gjid=1273973108&cid=808072886.1725060672&tid=UA-62617480-1&_gid=1847432227.1725060672&_r=1&_slc=1&z=1964574526
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
59bb0f2e2ca305c34e7864fc59a7b4df5d9b303e59490c1c277cc13b61f06be5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:31:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tickets.forum.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1294747942&t=pageview&_s=1&dl=https%3A%2F%2Ftickets.forum.nl%2Flogin%2Fauth&dp=%2Fmtticket%2Flogin%2Fauth&ul=nl-nl&de=UTF-8&dt=Inloggen%20%7C%20Kaartverkoop%20Forum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDACEABBAAAACAAI~&jid=691784187&gjid=1436741711&cid=808072886.1725060672&tid=UA-1909959-1&_gid=1847432227.1725060672&_r=1&_slc=1&z=1304980646
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:31:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tickets.forum.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		264 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2GQTH240CQ&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
147c46725158c6c32947fc9745c6e79456cfd3aefeec59bae0304f67d390b036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:31:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94957
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Aug 2024 23:31:11 GMT
HQxfJ7M6M5zOHwWTlAfH6m348veXwZasFsrsyqeF
deploy.mopinion.com/config/ 		711 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://deploy.mopinion.com/config/HQxfJ7M6M5zOHwWTlAfH6m348veXwZasFsrsyqeF
Requested by
Host: deploy.mopinion.com
URL: https://deploy.mopinion.com/js/pastease.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2800:d:c8b9:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Pastea.se
Resource Hash
028acf1577e8c581394b2bbffd0e10266c3cb429acf75cd130ec54c6e20c2827
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 22:47:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 25d46f0dbca17b9a78cca036e17d8ad2.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
age
2610
x-powered-by
Pastea.se
x-cache
Hit from cloudfront
content-length
711
x-xss-protection
1; mode=block
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id
_7NrAzfQImtTWCJPNSoxOm7wEkHmGQEnZjMSEkUrNy-khU0d2UBcRQ==
HQxfJ7M6M5zOHwWTlAfH6m348veXwZasFsrsyqeF
deploy.mopinion.com/config/ 		711 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://deploy.mopinion.com/config/HQxfJ7M6M5zOHwWTlAfH6m348veXwZasFsrsyqeF
Requested by
Host: deploy.mopinion.com
URL: https://deploy.mopinion.com/js/pastease.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2800:d:c8b9:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Pastea.se
Resource Hash
028acf1577e8c581394b2bbffd0e10266c3cb429acf75cd130ec54c6e20c2827
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 22:47:41 GMT
via
1.1 25d46f0dbca17b9a78cca036e17d8ad2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZRH50-C1
age
2610
x-powered-by
Pastea.se
x-cache
Hit from cloudfront
content-length
711
x-xss-protection
1; mode=block
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id
_7NrAzfQImtTWCJPNSoxOm7wEkHmGQEnZjMSEkUrNy-khU0d2UBcRQ==
/
api.cookiecode.nl/api/config/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cookiecode.nl/api/config/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://tickets.forum.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8bb892af3d85d22f-FRA
date
Fri, 30 Aug 2024 23:31:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GCtzngoPUAqs%2BDnAxpebDEWFkYbJrjElfNjgGZRxHx2m7l%2FFiLcsFkuvnED025RSwOLoWa0arN6pEIMXZCprs%2BghEAZRTcYGU1ZEuJkTqHUDSr04Pvpx8exvM7k3aLtIepIhzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0
/
api.cookiecode.nl/api/config/ 		189 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cookiecode.nl/api/config/
Requested by
Host: cdn.cookiecode.nl
URL: https://cdn.cookiecode.nl/dist/latest.js?cc:mode=manual
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e2b34803ca0d001af689b204060770a5d5df1ce454f74c4d93af0b1766cb836
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Aug 2024 23:31:11 GMT
strict-transport-security
max-age=0
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zOrgLslhlw6bpwGp418jQJDVsTm0GSSufGWR%2BEyPJTZ1ECPQsr%2BVay8ABzsl3SlXLTg5ZUXAHE5ncZrM%2FwVuFcmIDejliCGX%2Fx0WW%2BvS0pYcS%2FcUUl6ZO4XgbZL%2BQJ3fbQQrqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/problem+json; charset=utf-8
access-control-allow-origin
*
cf-ray
8bb892af8e04d22f-FRA
alt-svc
h3=":443"; ma=86400
content-length
189
pastease.js
deploy.mopinion.com/js/ 		37 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://deploy.mopinion.com/js/pastease.js
Requested by
Host: tickets.forum.nl
URL: https://tickets.forum.nl/login/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2800:d:c8b9:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Pastea.se
Resource Hash
ae863e07d6f0548acb2681cd03beae5a8638b7faa4d811812e6c2cf6ea62d16a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 d92debab8d9ca0518390aebaec8733a6.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
age
1726
x-powered-by
Pastea.se
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 26 Aug 2024 12:57:13 GMT
server
nginx
etag
W/"9204-1918ec30c28"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id
Cy9vae6f2CzNQzDmXeybjuqnlF7pqJR6SgfAvUnTkWB2sZFeM7il1g==
twt-logo.png
tickets.forum.nl/stlt-resources/gf/images/ 		580 B
744 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tickets.forum.nl/stlt-resources/gf/images/twt-logo.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.22.253.104 , Netherlands, ASN39704 (CJ2-AS, NL),
Reverse DNS
cj2-cust-gentleware.cust.cj2.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cbf1fdfdb7257daf8b0905d94bd04e2829c502c9c01b1d96bb979069e2ebc895

Request headers

Referer
https://tickets.forum.nl/login/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 23:31:11 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Content-Length
580
Content-Type
text/html
HQxfJ7M6M5zOHwWTlAfH6m348veXwZasFsrsyqeF
deploy.mopinion.com/config/ 		711 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://deploy.mopinion.com/config/HQxfJ7M6M5zOHwWTlAfH6m348veXwZasFsrsyqeF
Requested by
Host: deploy.mopinion.com
URL: https://deploy.mopinion.com/js/pastease.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2800:d:c8b9:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Pastea.se
Resource Hash
028acf1577e8c581394b2bbffd0e10266c3cb429acf75cd130ec54c6e20c2827
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 22:47:41 GMT
via
1.1 25d46f0dbca17b9a78cca036e17d8ad2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZRH50-C1
age
2610
x-powered-by
Pastea.se
x-cache
Hit from cloudfront
content-length
711
x-xss-protection
1; mode=block
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id
_7NrAzfQImtTWCJPNSoxOm7wEkHmGQEnZjMSEkUrNy-khU0d2UBcRQ==
950.latest.js
cdn.cookiecode.nl/dist/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookiecode.nl/dist/950.latest.js
Requested by
Host: cdn.cookiecode.nl
URL: https://cdn.cookiecode.nl/dist/latest.js?cc:mode=manual
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b81c6e779043382899a76561097b5d9fc787283d4dd39b97f9490b457b845ca
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:31:12 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 30 Jan 2024 14:35:04 GMT
server
cloudflare
etag
W/"1da538983573626"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OP8ZBk6JJBYClkYXBLbPHJYltTBXbKW0iTbTSzjt3OLd3%2BI%2BwWbEFPL2WOV6sKKfDUrjkpoHZi7XYSyoieVEzMcOr%2BZdaoyzbdxRzTj%2Ff2wSPwHc50UaXgs%2F0GiV2UKqdp7IcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
8bb892b03aee694f-FRA
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2GQTH240CQ&gtm=45je48s0v9124680900za200&_p=1725060671074&gcs=G100&gcd=13p3p3p2p6l1&npa=1&dma_cps=-&dma=1&tcfd=1000h&tag_exp=0&ul=nl-nl&sr=1600x1200&cid=808072886.1725060672&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=ABAI&_s=1&dl=https%3A%2F%2Ftickets.forum.nl%2Flogin%2Fauth&dp=%2Fmtticket%2Flogin%2Fauth&dt=Inloggen%20%7C%20Kaartverkoop%20Forum&sid=1725060671&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3262
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2GQTH240CQ&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:31:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tickets.forum.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-J4GZWWPHS5&gtm=45je48s0v894023328z8892270830za200zb892270830&_p=1725060671074&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tcfd=1000h&tag_exp=0&gtm_up=1&cid=962289294.1725060674&ecid=1242059515&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_s=1&sid=1725060671&sct=1&seg=0&dl=https%3A%2F%2Ftickets.forum.nl%2Flogin%2Fauth&dt=Inloggen%20%7C%20Kaartverkoop%20Forum&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3264
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J4GZWWPHS5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:31:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tickets.forum.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-J4GZWWPHS5&gtm=45je48s0v894023328za200zb892270830&_p=1725060671074&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tcfd=1000h&tag_exp=0&gtm_up=1&cid=962289294.1725060674&ecid=1242059515&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_eu=AEA&_s=2&sid=1725060671&sct=1&seg=0&dl=https%3A%2F%2Ftickets.forum.nl%2Flogin%2Fauth&dt=Inloggen%20%7C%20Kaartverkoop%20Forum&en=scroll&_c=1&epn.percent_scrolled=90&tfd=3265
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J4GZWWPHS5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://tickets.forum.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:31:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tickets.forum.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| process function| $ function| jQuery function| Hammer object| twtGTM function| productMapping function| purchaseActionFieldMapping object| twtGTM4 function| gtm4ProductMapping function| gtm4CartMapping function| gtm4PurchaseMapping string| mtBaseUrl string| lang function| fbq function| _fbq object| dataLayer string| stltGa string| stltGaName object| stltGaLinkedDomain string| pv string| stltPv string| GoogleAnalyticsObject function| ga object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| webpackChunk_mopinion_deploy object| Pastease object| mopinionDeploy object| webpackChunkcc_script function| __tcfapi object| CookieCode object| Praivacy

6 Cookies

Domain/Path Name / Value
tickets.forum.nl/ Name: JSESSIONID
Value: 1F9C1254F719A26BB42D0B758385A431
.forum.nl/ Name: _fbp
Value: fb.1.1725060671383.10690547364493269
.forum.nl/ Name: _ga
Value: GA1.2.808072886.1725060672
.forum.nl/ Name: _gid
Value: GA1.2.1847432227.1725060672
.forum.nl/ Name: _gat
Value: 1
.forum.nl/ Name: _gat_gfTracker
Value: 1

3 Console Messages

Source Level URL
Text
recommendation verbose URL: https://tickets.forum.nl/login/auth
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://tickets.forum.nl/stlt-resources/gf/images/twt-logo.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://api.cookiecode.nl/api/config/
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cookiecode.nl
cdn.cookiecode.nl
connect.facebook.net
deploy.mopinion.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
navigatie.forum.nl
region1.google-analytics.com
tickets.forum.nl
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.18.11.207
157.240.0.6
172.217.16.200
172.67.137.189
2001:4860:4802:34::36
2600:9000:2190:2800:d:c8b9:46c0:93a1
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:809::2003
2a00:1450:4001:82b::200a
2a02:ac40:0:1:0:fe08:c206:b005
2a03:2880:f177:185:face:b00c:0:25de
5.22.253.104
028acf1577e8c581394b2bbffd0e10266c3cb429acf75cd130ec54c6e20c2827
147c46725158c6c32947fc9745c6e79456cfd3aefeec59bae0304f67d390b036
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
33dd534f65afcbd2ffb2434c1123a53e91d08ffa0159efa44722d036f583e70b
379d745d78e0653544e7ea04af546c0afd450a7c642d6c0537423d776a56775b
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
4beaea34b6e250cf7864e695dd451f4b7804714a4214aba83b48bc8f249b428c
4e2b34803ca0d001af689b204060770a5d5df1ce454f74c4d93af0b1766cb836
57ec6eaadb2e4353c96d43344188f7daec3b298a51af71939b882f23abcb1b01
59bb0f2e2ca305c34e7864fc59a7b4df5d9b303e59490c1c277cc13b61f06be5
5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0
5e96e108dbe185034a999a3161d464439c1c7105eb7c5bc2d25458bb42ee4d2e
5fdbd7809fd5dba373aabf25798e75ace378935bf1d8dc19c5964ed348eb3d96
6b81c6e779043382899a76561097b5d9fc787283d4dd39b97f9490b457b845ca
7679699f4cd592230346aab38272bd3dc482128a245eac74ae4591504f53a452
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
957823cf06bf8bebb91b6d88d9ece0d79dec6c87d74d74ee1313d9351e1bbdb8
95bf8c32672c32ea7249642b826dfc642a997fb5a442719b4c1de3d0e9920719
98577631b44e34e1325ccbe87cfcda803f9ce9b546b33b580757d2bd2f488a02
9bb4e6a9cf233cc6be038894eb8b98af62a04acc775fd6c0d1f6d90f3f649667
a86f72c1cff933d18b8b5f4c0af9a25e630ed17db548ee89c67601fd4c33f1dc
a8da1fa7f80a5d8ed1756c6031fedd1322f5c3f90f3b2343ca646e86e85e2a42
a901eaf311cb3047e3daa253bd30797040845ae4fa60aaccffe14a77c9cb4f03
aa639da456e26e1fb2635e101c5d9af74340c10a0fa64f66efa7ecd74c732f8f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abe8ed84862fad2302094c2b232dc7784812f6cf819666e27fd049051b7e61f2
ae863e07d6f0548acb2681cd03beae5a8638b7faa4d811812e6c2cf6ea62d16a
b3a3f87489ea0cfa08ca17c64ab2afb4534d178846fd1764c060d0c9738b9cdb
b64ea6cf207e7770f86d61f4d9e6b77b17802e884d57d108a883ffc38ea1c2c7
c51722c819d5a22889f25bec48b11bf446902c2e696da9353dde22675048e6e7
c7e2fcb17f698d2066af0bf40a4560562ab0a72c40afffbc6a0f8919f6ce0aac
cbf1fdfdb7257daf8b0905d94bd04e2829c502c9c01b1d96bb979069e2ebc895
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a60877f8ffd8f7b68eaec9a70a1fe5443c614b2436aa550063a7f40de4d584
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b