urlscan.io logo urlscan.io
SecurityTrails logo

forum.festileaks.com Open in urlscan Pro
5.157.87.144  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tinyurl.com/y9nyb2kb
Effective URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Submission: On May 25 via manual from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 14 domains to perform 61 HTTP transactions. The main IP is 5.157.87.144, located in Netherlands and belongs to CLDIN-NL Total Webhosting Solutions TWS in, NL. The main domain is forum.festileaks.com.
TLS certificate: Issued by R3 on May 20th 2022. Valid for: 3 months.
This is the only time forum.festileaks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
26 5.157.87.144 48635 (CLDIN-NL ...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 91.224.242.15 42093 (INTERRACK...)
1 91.224.242.17 42093 (INTERRACK...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 142.250.185.226 15169 (GOOGLE)
1 65.9.63.49 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 108.157.4.86 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 108.157.4.53 16509 (AMAZON-02)
1 34.250.211.64 16509 (AMAZON-02)
61 18
1    2606:4700:10::6814:8a41 (United States)

ASN13335 (CLOUDFLARENET, US)
tinyurl.com
26    5.157.87.144 (Netherlands)

ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL)
PTR: vps-b5231.firstfind.nl
forum.festileaks.com
festileaks.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    91.224.242.15 (Netherlands)

ASN42093 (INTERRACKS-AS, NL)
resources.adrequest.net
1    91.224.242.17 (Netherlands)

ASN42093 (INTERRACKS-AS, NL)
feeds.adrequest.net
8    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
www.google-analytics.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
1    65.9.63.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-49.fra56.r.cloudfront.net
static.hotjar.com
2    2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    108.157.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-86.dus51.r.cloudfront.net
script.hotjar.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
1    108.157.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-53.dus51.r.cloudfront.net
vars.hotjar.com
1    34.250.211.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-211-64.eu-west-1.compute.amazonaws.com
in.hotjar.com
Apex Domain
Subdomains		 Transfer
26 festileaks.com
forum.festileaks.com
festileaks.com
747 KB
6 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2279
www.google.com — Cisco Umbrella Rank: 7
88 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 645
script.hotjar.com — Cisco Umbrella Rank: 896
vars.hotjar.com — Cisco Umbrella Rank: 989
in.hotjar.com — Cisco Umbrella Rank: 1730
67 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
126 KB
4 adrequest.net
resources.adrequest.net — Cisco Umbrella Rank: 523001
feeds.adrequest.net — Cisco Umbrella Rank: 732719
173 KB
3 gstatic.com
fonts.gstatic.com
184 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
168 KB
2 google.nl
www.google.nl — Cisco Umbrella Rank: 8284
608 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
4 KB
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1727
36 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
29 KB
1 tinyurl.com
tinyurl.com — Cisco Umbrella Rank: 18346
448 B
0 nextday.media Failed
cmp.nextday.media Failed
61 14
Domain Requested by
22 forum.festileaks.com forum.festileaks.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 fundingchoicesmessages.google.com forum.festileaks.com
4 festileaks.com forum.festileaks.com
3 fonts.gstatic.com fonts.googleapis.com
3 resources.adrequest.net forum.festileaks.com
resources.adrequest.net
3 www.googletagmanager.com forum.festileaks.com
www.googletagmanager.com
2 www.google.nl forum.festileaks.com
2 www.google.com forum.festileaks.com
2 stats.g.doubleclick.net www.google-analytics.com
2 securepubads.g.doubleclick.net www.googletagservices.com
2 fonts.googleapis.com forum.festileaks.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 secure.gravatar.com forum.festileaks.com
1 feeds.adrequest.net resources.adrequest.net
1 www.googletagservices.com forum.festileaks.com
1 tinyurl.com 1 redirects
0 cmp.nextday.media Failed forum.festileaks.com
61 21
Subject Issuer Validity Valid
forum.festileaks.com
R3		 2022-05-20 -
2022-08-18		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
festileaks.com
R3		 2022-05-20 -
2022-08-18		 3 months crt.sh
resources.adrequest.net
R3		 2022-04-18 -
2022-07-17		 3 months crt.sh
feeds.adrequest.net
R3		 2022-04-17 -
2022-07-16		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://forum.festileaks.com/members/online-casino-nederland.41364/
Frame ID: B54B1C6012A7B6DBE49448EC9C58DD1F
Requests: 60 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: BCE41F6CD5D7CC046E15590A42478CAD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online Casino Nederland | Festileaks Festival Forum

Page URL History Show full URLs

  1. https://tinyurl.com/y9nyb2kb HTTP 301
    https://forum.festileaks.com/members/online-casino-nederland.41364/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <[^>]+gravatar\.com/avatar/
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

98 %
HTTPS

56 %
IPv6

14
Domains

21
Subdomains

18
IPs

5
Countries

1644 kB
Transfer

3953 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tinyurl.com/y9nyb2kb HTTP 301
    https://forum.festileaks.com/members/online-casino-nederland.41364/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
forum.festileaks.com/members/online-casino-nederland.41364/
Redirect Chain
  • https://tinyurl.com/y9nyb2kb
  • https://forum.festileaks.com/members/online-casino-nederland.41364/
73 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
ccbc9114f0936679a5cd479c160113532ab0fcaa4d1e9cd8b298a6c6f15ba014
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, no-cache, max-age=0
content-encoding
gzip
content-length
23122
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 16:31:50 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
last-modified
Wed, 25 May 2022 16:31:50 GMT
server
nginx
vary
Accept-Encoding
x-cache
not cached
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, public, s-max-age=900, stale-if-error: 86400
cf-cache-status
DYNAMIC
cf-ray
710fa9e16edd5b7a-FRA
content-type
text/html; charset=UTF-8
date
Wed, 25 May 2022 16:31:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://forum.festileaks.com/members/online-casino-nederland.41364/#about
referrer-policy
unsafe-url
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-powered-by
PHP/7.4.28
x-xss-protection
1; mode=block
css.php
forum.festileaks.com/ 		308 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=4&d=1647277084&k=47ad4c783e6ad12ee7fc27159cb4b66abd2a56a1
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
f985c5f236e82d857e6411718352aa8c4523f747dbb15c1f9f170b91af85c5bc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Mon, 14 Mar 2022 16:58:04 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
not cached
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
content-length
60343
expires
Thu, 25 May 2023 16:31:50 GMT
materialdesignicons-webfont.woff2
forum.festileaks.com/styles/uix/fonts/icons/material-icons/fonts/ 		312 KB
313 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/styles/uix/fonts/icons/material-icons/fonts/materialdesignicons-webfont.woff2?v=5.8.55
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67

Request headers

Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
Origin
https://forum.festileaks.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
last-modified
Tue, 23 Mar 2021 14:08:33 GMT
server
nginx
etag
"6059f661-4e1f0"
content-type
application/octet-stream
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
319984
expires
Thu, 31 Dec 2037 23:55:55 GMT
materialdesignicons.min.css
forum.festileaks.com/styles/uix/fonts/icons/material-icons/css/ 		263 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/styles/uix/fonts/icons/material-icons/css/materialdesignicons.min.css?d=1635174640
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
1193e835baf1666d6e589dc3bfee84e7482c8a7536c35883d10cc11abd134604

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Tue, 23 Mar 2021 14:08:33 GMT
server
nginx
etag
W/"6059f661-41c3a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
css.php
forum.festileaks.com/ 		46 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/css.php?css=public%3Amember.less%2Cpublic%3Auix.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less&s=8&l=4&d=1647277084&k=12a5adfa8e0dacb7e5804b5234d304fc8da8fa4f
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
2f274476eadd5bd8c51a3609df13ad472202bbc83398474399adbda6f7e2543a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Mon, 14 Mar 2022 16:58:04 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
not cached
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
content-length
10916
expires
Thu, 25 May 2023 16:31:50 GMT
css
fonts.googleapis.com/ 		1 KB
920 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Be%20Vietnam
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b137d3cf2f19f06c81e624265c17910d52ea2c73ed522ed1c08215dbf5249e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 May 2022 16:31:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 25 May 2022 16:31:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 May 2022 16:31:50 GMT
preamble.min.js
forum.festileaks.com/js/xf/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/js/xf/preamble.min.js?_v=2e74f03f
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
b48fc223d524430ef86336e524ca8b95b74927ca840abc04a0407b58e5905823

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 15:10:02 GMT
server
nginx
etag
W/"6054beca-c4a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
js
www.googletagmanager.com/gtag/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-24751788-1
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
331cc5fee8a298c3d99afe2d7534d53c4ff6c1e5ce6756e8e84ea40b8500b580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39537
x-xss-protection
0
last-modified
Wed, 25 May 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 25 May 2022 16:31:51 GMT
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
162ded05f97ed443e05d0b1d74e11c396a242937fd48b3b436f8f6d568f6c49c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28686
x-xss-protection
0
server
sffe
etag
"1225 / 948 of 1000 / last-modified: 1653493294"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 May 2022 16:31:51 GMT
ads-forum-page.js
festileaks.com/wp-content/themes/Newspaper-child/planetnine/ 		5 KB
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://festileaks.com/wp-content/themes/Newspaper-child/planetnine/ads-forum-page.js
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
a3e4a88444af4b36d4346b0d279af5cc7c0cb6e648e13cf71b289b7c25cbcc3a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Mon, 12 Apr 2021 14:09:51 GMT
server
nginx
etag
W/"607454af-14af"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
festileaks.com.js
resources.adrequest.net/scripts/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.adrequest.net/scripts/festileaks.com.js
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.224.242.15 , Netherlands, ASN42093 (INTERRACKS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
555e7d6143a698dfd9bb91775419f620dbcfb6b44d3a1a23f85d1094ddf84159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 16:31:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 01 Apr 2022 12:55:31 GMT
Server
nginx
ETag
W/"6246f643-3f38"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Wed, 25 May 2022 16:31:49 GMT
cmp.ndmtag.bundle.js
cmp.nextday.media/ 		0
0
lazy-load.min.js
forum.festileaks.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/lazy-load.min.js
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
server
nginx
content-length
564
content-type
text/html; charset=utf-8
FESTILEAKS-LOGO-2017-FULL.png
forum.festileaks.com/data/assets/logo/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.festileaks.com/data/assets/logo/FESTILEAKS-LOGO-2017-FULL.png
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
07bc57e035505f4e21fbca448d989e90d8945eeda2bf78d921492c729a709a71

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
last-modified
Tue, 23 Mar 2021 14:32:05 GMT
server
nginx
etag
"6059fbe5-104b3"
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
66739
expires
Thu, 31 Dec 2037 23:55:55 GMT
uix_logoSmall.png
forum.festileaks.com/styles/uix/basic/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.festileaks.com/styles/uix/basic/uix_logoSmall.png
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
590cc18e3930c115690a4324b121b446a28761f33cc508f4ec900963963960a2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
last-modified
Tue, 23 Mar 2021 14:18:00 GMT
server
nginx
etag
"6059f898-de86"
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
56966
expires
Thu, 31 Dec 2037 23:55:55 GMT
FESTILEAKS-LOGO-2017-FULL-324x160-1.png
festileaks.com/wp-content/uploads/2017/10/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://festileaks.com/wp-content/uploads/2017/10/FESTILEAKS-LOGO-2017-FULL-324x160-1.png
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
76f43d1677e854d0a99af07594a5e7646263159f320b078d18c914f77531958a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
last-modified
Tue, 14 May 2019 00:47:56 GMT
server
nginx
etag
"5cda103c-6076"
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24694
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_woty_nl_100x100.png
festileaks.com/wp-content/uploads/2019/06/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://festileaks.com/wp-content/uploads/2019/06/logo_woty_nl_100x100.png
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
4b7fb9af94daa4c004cca7dcdc0142d75c7924c88b3b9249c3fa846bb8937eef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
last-modified
Fri, 28 Jun 2019 17:34:53 GMT
server
nginx
etag
"5d164fbd-26a4"
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
9892
expires
Thu, 31 Dec 2037 23:55:55 GMT
MagMedia_logo_web-2.jpg
festileaks.com/wp-content/uploads/2020/12/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://festileaks.com/wp-content/uploads/2020/12/MagMedia_logo_web-2.jpg
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
abaa372b94de7240fc0834dbe48ab3f3b9613d901230ef32c3e69153dbc002f8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
last-modified
Tue, 01 Dec 2020 22:27:54 GMT
server
nginx
etag
"5fc6c36a-1361"
content-type
image/jpeg
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
4961
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.5.1.min.js
forum.festileaks.com/js/vendor/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=2e74f03f
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 15:14:30 GMT
server
nginx
etag
W/"6054bfd6-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
vendor-compiled.js
forum.festileaks.com/js/vendor/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/js/vendor/vendor-compiled.js?_v=2e74f03f
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
a97392a02775136f7fcda1786540414e4a6595f79c49dc1bc9c790f472a9a9f3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 15:09:58 GMT
server
nginx
etag
W/"6054bec6-113ab"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
core-compiled.js
forum.festileaks.com/js/xf/ 		218 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/js/xf/core-compiled.js?_v=2e74f03f
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
cd5051d15ab5051e0cbd9414ebd4327bf42bcbe0ba0b528b27835c14bb43c7cf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Wed, 04 Aug 2021 11:51:41 GMT
server
nginx
etag
W/"610a7f4d-3693c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
inline_mod.min.js
forum.festileaks.com/js/xf/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/js/xf/inline_mod.min.js?_v=2e74f03f
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
0682e25804d75ee67c4be9254e80883e3ee2df63c57dac331fc3e38c255c83eb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Wed, 04 Aug 2021 11:51:41 GMT
server
nginx
etag
W/"610a7f4d-1cbd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
ripple.min.js
forum.festileaks.com/js/themehouse/uix/ 		1 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/js/themehouse/uix/ripple.min.js?_v=2e74f03f
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
d4e14fe027197ebdbd6e9ab1f0d963379e4851fdbe85225acf84ef2f1f67558d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Tue, 23 Mar 2021 14:08:33 GMT
server
nginx
etag
W/"6059f661-58c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
20210125.min.js
forum.festileaks.com/js/themehouse/global/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/js/themehouse/global/20210125.min.js?_v=2e74f03f
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
7e5c23918762997e2851f5ca38481431503c5a7036e19a128035804a935c0e4e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Tue, 23 Mar 2021 14:08:33 GMT
server
nginx
etag
W/"6059f661-2b29"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
index.min.js
forum.festileaks.com/js/themehouse/uix/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/js/themehouse/uix/index.min.js?_v=2e74f03f
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
03e9903204561f2a2bdc85b768de9cebb2a59d97513c8e41fe32f250dc144294

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Tue, 23 Mar 2021 14:08:33 GMT
server
nginx
etag
W/"6059f661-2026"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
jquery.hoverIntent.min.js
forum.festileaks.com/js/themehouse/uix/vendor/hover-intent/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/js/themehouse/uix/vendor/hover-intent/jquery.hoverIntent.min.js?_v=2e74f03f
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Tue, 23 Mar 2021 14:08:33 GMT
server
nginx
etag
W/"6059f661-8c4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
defer.min.js
forum.festileaks.com/js/themehouse/uix/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/js/themehouse/uix/defer.min.js?_v=2e74f03f
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
4ca5c394b025a327b799f80fb140f4702eac4838bbcbf6d19c1c3c27dcfa26a0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Tue, 23 Mar 2021 14:08:33 GMT
server
nginx
etag
W/"6059f661-4625"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
deferFab.min.js
forum.festileaks.com/js/themehouse/uix/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/js/themehouse/uix/deferFab.min.js?_v=2e74f03f
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
3bb0e231fc7fd3a5401b3159990a4718a2257c594cdba910d15b47a80f27ead3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Tue, 23 Mar 2021 14:08:33 GMT
server
nginx
etag
W/"6059f661-cec"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
deferNodesCollapse.min.js
forum.festileaks.com/js/themehouse/uix/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/js/themehouse/uix/deferNodesCollapse.min.js?_v=2e74f03f
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
0740cfa18f7a531068226a5942c41a8f0624789cd2cb46597a7ca0259752295a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Tue, 23 Mar 2021 14:08:33 GMT
server
nginx
etag
W/"6059f661-b62"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
deferWidthToggle.min.js
forum.festileaks.com/js/themehouse/uix/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/js/themehouse/uix/deferWidthToggle.min.js?_v=2e74f03f
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
12a4495dcf4f799da379ec9caf3cfd5fbc675b6228d9ce5dc00eed49bfb5128c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:50 GMT
content-encoding
gzip
last-modified
Tue, 23 Mar 2021 14:08:33 GMT
server
nginx
etag
W/"6059f661-94c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Thu, 25 May 2023 16:31:50 GMT
sspp.js
resources.adrequest.net/player/latest/ 		253 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.adrequest.net/player/latest/sspp.js
Requested by
Host: resources.adrequest.net
URL: https://resources.adrequest.net/scripts/festileaks.com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.224.242.15 , Netherlands, ASN42093 (INTERRACKS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
eeedfd9404ebf11862c1c06b21162cbbb8a1c40b2ad18a76137a47fee0814349
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 16:31:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Jan 2022 09:28:37 GMT
Server
nginx
ETag
W/"61ee7145-3f2c8"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Wed, 25 May 2022 16:31:49 GMT
sspp.prebid6.10.0.js
resources.adrequest.net/prebid/ 		220 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.adrequest.net/prebid/sspp.prebid6.10.0.js
Requested by
Host: resources.adrequest.net
URL: https://resources.adrequest.net/scripts/festileaks.com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.224.242.15 , Netherlands, ASN42093 (INTERRACKS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
10af9b7e04c1c83b6d8bf2b00d0cfa2a5cd7c0ad7d02fb449fac19a38a8b12d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 16:31:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 09 Feb 2022 11:30:09 GMT
Server
nginx
ETag
W/"6203a5c1-36feb"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Wed, 25 May 2022 16:31:50 GMT
sm-6022606566e96
feeds.adrequest.net/api/prebid/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://feeds.adrequest.net/api/prebid/sm-6022606566e96
Requested by
Host: resources.adrequest.net
URL: https://resources.adrequest.net/scripts/festileaks.com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.224.242.17 , Netherlands, ASN42093 (INTERRACKS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
1315511a86bd53cb54131134f50a5b410df46cdd29084cb7403a0c5a6d04a7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 16:31:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Transfer-Encoding
chunked
X-RateLimit-Remaining
59
Connection
keep-alive
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://forum.festileaks.com
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
X-RateLimit-Limit
60
Access-Control-Allow-Headers
Content-Type, Authorization, X-Requested-With
X-Content-Type-Options
nosniff
AGSKWxX3kHH-EhgLXqy8Gnpw7LM2w1r5sQ8q0lImVir0_5qVF9kbrYdplJKusY_O27qpPfcNSCmJM2M24osXOO7YwoQ=
fundingchoicesmessages.google.com/f/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX3kHH-EhgLXqy8Gnpw7LM2w1r5sQ8q0lImVir0_5qVF9kbrYdplJKusY_O27qpPfcNSCmJM2M24osXOO7YwoQ=
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0f14923999bf5764e94d9242396f5f774cde17ecf5fc0f0ba3638215718162f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-we1kudx6jihVtL8wFqJF1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-we1kudx6jihVtL8wFqJF1A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-we1kudx6jihVtL8wFqJF1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-we1kudx6jihVtL8wFqJF1A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TH5RJSX
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ad3c275735870026563e2df3e1c609b11cb993c053cda3a7d5d0204afa320bd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62215
x-xss-protection
0
last-modified
Wed, 25 May 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 25 May 2022 16:31:51 GMT
47a225948528c2c017b73af26e0f7137
secure.gravatar.com/avatar/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/47a225948528c2c017b73af26e0f7137?s=192
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
460037b31250d5410c909ac7bb553b4de2dcbcbc52a9f7699a7fcf2afc2e6461

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Wed, 25 May 2022 16:31:51 GMT
last-modified
Mon, 07 Sep 2020 13:46:28 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="47a225948528c2c017b73af26e0f7137.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/47a225948528c2c017b73af26e0f7137?s=192>; rel="canonical"
content-length
36989
expires
Wed, 25 May 2022 16:36:51 GMT
pubads_impl_2022051901.js
securepubads.g.doubleclick.net/gpt/ 		367 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 14:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127573
x-xss-protection
0
last-modified
Thu, 19 May 2022 08:36:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 25 May 2023 14:46:47 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		125 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=forum.festileaks.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e80a6b4b666563841ab840a29d19a5ed27166c62c072d1f0df31321e3aed64f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 16:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
expires
Wed, 25 May 2022 16:31:51 GMT
AGSKWxUYeNU_NZLVJuKlzOLHidzHOd6uAXdh4AUHA75CJb5p2Xd9yP_kzem7Ii_yEkbnYqTkElqzIG7QPJ2-hDEyXUw=
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUYeNU_NZLVJuKlzOLHidzHOd6uAXdh4AUHA75CJb5p2Xd9yP_kzem7Ii_yEkbnYqTkElqzIG7QPJ2-hDEyXUw=?pvid=DF2A448F-59A0-4595-B0F3-E13C7B8E154B&anonid=8663CF7A-AACF-4B60-988E-40660494BBDC
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.Eah8cQf-CHo.es5.O/d=1/rs=AJlcJMzqF0iVskCpwsc67lP7h0rjB4gITA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CqDzr68eoYVnavoMFz_rOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-CqDzr68eoYVnavoMFz_rOw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://forum.festileaks.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 May 2022 16:31:51 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://forum.festileaks.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CqDzr68eoYVnavoMFz_rOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-CqDzr68eoYVnavoMFz_rOw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUJW7-TtLFUg4KqIL7d_TvZ0sG19go61DKbQ_Omyzn7R6A9gSTJ60aafi0AsBcsDUrnVqLzn_H48egpHekUqv4=
fundingchoicesmessages.google.com/f/ 		273 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUJW7-TtLFUg4KqIL7d_TvZ0sG19go61DKbQ_Omyzn7R6A9gSTJ60aafi0AsBcsDUrnVqLzn_H48egpHekUqv4=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUzNDk2MzExLDE0NzAwMDAwMF0sIkRGMkE0NDhGLTU5QTAtNDU5NS1CMEYzLUUxM0M3QjhFMTU0QiIsIjg2NjNDRjdBLUFBQ0YtNEI2MC05ODhFLTQwNjYwNDk0QkJEQyIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2ZvcnVtLmZlc3RpbGVha3MuY29tL21lbWJlcnMvb25saW5lLWNhc2luby1uZWRlcmxhbmQuNDEzNjQvIixudWxsLFtdXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.Eah8cQf-CHo.es5.O/d=1/rs=AJlcJMzqF0iVskCpwsc67lP7h0rjB4gITA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf487dd7ed5579bad336e44f4abe7e045fe2448a3ed1c117d59b495058511917
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-csPkmPPKYbnqaj2aLw55zA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-csPkmPPKYbnqaj2aLw55zA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-csPkmPPKYbnqaj2aLw55zA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-csPkmPPKYbnqaj2aLw55zA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Wed, 25 May 2022 16:31:51 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-24751788-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
763
date
Wed, 25 May 2022 16:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 25 May 2022 18:19:08 GMT
js
www.googletagmanager.com/gtag/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H1GQCMWBQ8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-24751788-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
42985f4a8c09da766c5cab961d92a34410aa4573e815e280afac5912a54a767d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69508
x-xss-protection
0
expires
Wed, 25 May 2022 16:31:51 GMT
hotjar-2908695.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2908695.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH5RJSX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-49.fra56.r.cloudfront.net
Software
/
Resource Hash
5bf834b967a994e6053529d48691c1aaebae0e5248aa4a31f7ac77e73c22af4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:28 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
40
etag
W/2d0a31e51be9977baf88fe5f28a16947
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
2kRUZ5lcPGQQ5jznS0TmDv0CysqkzylKZi5e4rw_WT6DcKluzICS2g==
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
about
forum.festileaks.com/members/online-casino-nederland.41364/ 		1 KB
838 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forum.festileaks.com/members/online-casino-nederland.41364/about?_xfRequestUri=%2Fmembers%2Fonline-casino-nederland.41364%2F&_xfWithData=1&_xfToken=1653496310%2C00eb813f21833735c767eba3e3945cbf&_xfResponseType=json
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=2e74f03f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS
vps-b5231.firstfind.nl
Software
nginx /
Resource Hash
5ebd3e09e85bba0efa38f6e93cce1c628184937ba49387def07667f3f4991a3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://forum.festileaks.com/members/online-casino-nederland.41364/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 16:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 25 May 2022 16:31:51 GMT
server
nginx
x-frame-options
SAMEORIGIN
x-cache
not cached
content-type
application/json; charset=utf-8
cache-control
private, no-cache, max-age=0
vary
Accept-Encoding
content-length
566
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1712881253&t=pageview&_s=1&dl=https%3A%2F%2Fforum.festileaks.com%2Fmembers%2Fonline-casino-nederland.41364%2F&ul=en-us&de=UTF-8&dt=Online%20Casino%20Nederland%20%7C%20Festileaks%20Festival%20Forum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=486962359&gjid=1244989794&cid=2136968715.1653496311&tid=UA-24751788-1&_gid=709759910.1653496311&_r=1&gtm=2ou5n0&z=798306447
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forum.festileaks.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 May 2022 16:31:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forum.festileaks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1712881253&t=pageview&_s=1&dl=https%3A%2F%2Fforum.festileaks.com%2Fmembers%2Fonline-casino-nederland.41364%2F&ul=en-us&de=UTF-8&dt=Online%20Casino%20Nederland%20%7C%20Festileaks%20Festival%20Forum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=409556988&gjid=1067152913&cid=2136968715.1653496311&tid=UA-24751788-1&_gid=709759910.1653496311&_r=1&gtm=2wg5n0TH5RJSX&z=1463602070
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forum.festileaks.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 May 2022 16:31:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forum.festileaks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		60 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.nl.Y1JK6hQ3rEI.es5.O/d=1/rs=AJlcJMzBVW80OyrfaBcLUPRK53v0OUP8aw/m=iabtcfv2wallscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f230a444e08c75e1ef387df50bb23b6cc0a63386bed85918c3d6e5b88d5c09d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 May 2022 16:31:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 25 May 2022 16:31:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 May 2022 16:31:51 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-H1GQCMWBQ8&gtm=2oe5n0&_p=1712881253&_z=ccd.NNB&cid=2136968715.1653496311&ul=en-us&sr=1600x1200&_s=1&sid=1653496311&sct=1&seg=0&dl=https%3A%2F%2Fforum.festileaks.com%2Fmembers%2Fonline-casino-nederland.41364%2F&dt=Online%20Casino%20Nederland%20%7C%20Festileaks%20Festival%20Forum&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H1GQCMWBQ8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 16:31:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forum.festileaks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-24751788-1&cid=2136968715.1653496311&jid=486962359&gjid=1244989794&_gid=709759910.1653496311&_u=YEBAAUAAAAAAAC~&z=1738887520
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://forum.festileaks.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 25 May 2022 16:31:51 GMT
content-type
text/plain
access-control-allow-origin
https://forum.festileaks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-24751788-1&cid=2136968715.1653496311&jid=409556988&gjid=1067152913&_gid=709759910.1653496311&_u=YEDAAUABAAAAAC~&z=36698956
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://forum.festileaks.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 25 May 2022 16:31:51 GMT
content-type
text/plain
access-control-allow-origin
https://forum.festileaks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUK9OJvSFb23WqlrHAEnNEvcWMi2ZJHb8bjJqpRnIis-461oTlr1fDrmp0-t6d421LCS1E9quah5S9Zo67FZXiAp1rcQJkxXkkMxB-OCY-SLrl9rq7soRrSy2VEff1FiwHcmNmEO7qHHvRuTuiWzd7z5Cz8LdQ-Ro9Hvk0jkyM601c4WO_tzLTxOs_R
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUK9OJvSFb23WqlrHAEnNEvcWMi2ZJHb8bjJqpRnIis-461oTlr1fDrmp0-t6d421LCS1E9quah5S9Zo67FZXiAp1rcQJkxXkkMxB-OCY-SLrl9rq7soRrSy2VEff1FiwHcmNmEO7qHHvRuTuiWzd7z5Cz8LdQ-Ro9Hvk0jkyM601c4WO_tzLTxOs_R?dmid=913dd1d6d7ae46e
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.nl.Y1JK6hQ3rEI.es5.O/d=1/rs=AJlcJMzBVW80OyrfaBcLUPRK53v0OUP8aw/m=iabtcfv2wallscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0q0iiTVgO0LWWUlP10cxSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-0q0iiTVgO0LWWUlP10cxSg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://forum.festileaks.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 May 2022 16:31:51 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://forum.festileaks.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-0q0iiTVgO0LWWUlP10cxSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-0q0iiTVgO0LWWUlP10cxSg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.7a321ecb93fde9f07226.js
script.hotjar.com/ 		243 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.7a321ecb93fde9f07226.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2908695.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-86.dus51.r.cloudfront.net
Software
/
Resource Hash
ee667207ac60603f3c61f3b703583aace2b20211971808fa86f4e4c93619d958
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
103544
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63914
access-control-allow-origin
*
last-modified
Tue, 24 May 2022 11:46:00 GMT
etag
"913be037dec49b596e1cf5ff932a2a6e"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
5FsrXlau0fjGZvGkjh_7BWtFRZ7Wcc1Yed2CsmEoJ10VPCn5G01CLQ==
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v129/ 		124 KB
124 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v129/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d8fbe04b63d3e31f3316706bf9ee8ad684beb9e85739d793e49013b99bd9bb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://forum.festileaks.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 20:01:17 GMT
x-content-type-options
nosniff
age
73834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127244
x-xss-protection
0
last-modified
Tue, 24 May 2022 18:27:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 May 2023 20:01:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://forum.festileaks.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 19:07:55 GMT
x-content-type-options
nosniff
age
163436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 19:07:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://forum.festileaks.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 12:16:38 GMT
x-content-type-options
nosniff
age
188113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 12:16:38 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24751788-1&cid=2136968715.1653496311&jid=486962359&_u=YEBAAUAAAAAAAC~&z=789355677
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 16:31:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24751788-1&cid=2136968715.1653496311&jid=486962359&_u=YEBAAUAAAAAAAC~&z=789355677
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 16:31:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24751788-1&cid=2136968715.1653496311&jid=409556988&_u=YEDAAUABAAAAAC~&z=332473181
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 16:31:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24751788-1&cid=2136968715.1653496311&jid=409556988&_u=YEDAAUABAAAAAC~&z=332473181
Requested by
Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.festileaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 16:31:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-4924254a9ce4dc9b959b6e4a9b662d60.html
vars.hotjar.com/ Frame BCE4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2908695.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-53.dus51.r.cloudfront.net
Software
/
Resource Hash
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9

Request headers

Referer
https://forum.festileaks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
3649365
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 10:49:06 GMT
etag
"1635635016e428baa170305e9282c34a"
last-modified
Wed, 13 Apr 2022 10:48:29 GMT
vary
Accept-Encoding
via
1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
x-amz-cf-id
hmH0A2BXAeVigHA4i8Dm-NecOa4y9Nvrs2LVWo2sZT4XRv-xrATEfQ==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-robots-tag
none
visit-data
in.hotjar.com/api/v2/client/sites/2908695/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2908695/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7a321ecb93fde9f07226.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.211.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-211-64.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3e8e76a70b5ec0a97f60491364274ab39aebd8f949b6a310a174633b015d4738

Request headers

Referer
https://forum.festileaks.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 25 May 2022 16:31:51 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cmp.nextday.media
URL
https://cmp.nextday.media/cmp.ndmtag.bundle.js

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| XF function| gtag object| dataLayer object| googletag function| ssppIsIncluded object| ssppAdSlot function| ssppDelay number| ssppAdRequestCount function| ssppRunFinish object| ssppParams object| ssppUrlParams object| ssppPrebid object| pbjss function| tcfReady function| ssppInitAd function| ssppPromise function| ssppFkRv function| ssppSetVast function| ssppAllSettled function| ssppRunAd function| __d3lUW8vwsKlB__ object| themehouse object| __core-js_shared__ object| core object| regeneratorRuntime function| Sspp function| SsppPlus string| xmlStr function| $ function| jQuery object| Mustache function| Pikaday function| autosize function| pbjssChunk object| _pbjssGlobals object| ggeac object| google_tag_data object| google_js_reporting_queue object| $jscomp object| google_tag_manager function| $jscomp$lookupPolyfilledValue object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef object| YWNlMGEzNTZkNDJjMzQzZGxvYWRlcl9qcw== string| YWNlMGEzNTZkNDJjMzQzZGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| gaplugins object| gaGlobal object| gaData object| default_ContributorIabTcfV2ClientJs function| __g78fHfh446__ function| onYouTubeIframeAPIReady undefined| google_measure_js_timing object| gam_desktop_lb_bb_xl_mapping object| gam_desktop_lb_mapping object| gam_tablet_mapping object| gam_mobile_header_mapping object| gam_mobile_mapping object| gam_static_top_alpha_desktop object| gam_static_top_bravo_desktop object| gam_static_bot_alpha_desktop object| gam_static_in_content_desktop object| gam_static_top_alpha_tablet object| gam_static_top_bravo_tablet object| gam_static_bot_bravo_tablet object| gam_static_in_content_tablet object| gam_static_top_alpha_mobile object| gam_static_top_bravo_mobile object| gam_static_bot_alpha_mobile object| gam_static_in_content_mobile object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules

12 Cookies

Domain/Path Name / Value
forum.festileaks.com/ Name: xf2_csrf
Value: 1d_ZWhvzgb5FsjBG
.festileaks.com/ Name: _gid
Value: GA1.2.709759910.1653496311
.festileaks.com/ Name: _gat_gtag_UA_24751788_1
Value: 1
.festileaks.com/ Name: _gat_UA-24751788-1
Value: 1
.festileaks.com/ Name: _ga_H1GQCMWBQ8
Value: GS1.1.1653496311.1.0.1653496311.0
.festileaks.com/ Name: _ga
Value: GA1.1.2136968715.1653496311
.festileaks.com/ Name: _hjSessionUser_2908695
Value: eyJpZCI6ImIwODhkY2NlLTZmYjUtNWMzNC05MzMwLTNmMzVmYmI5NWM2YyIsImNyZWF0ZWQiOjE2NTM0OTYzMTE1OTYsImV4aXN0aW5nIjpmYWxzZX0=
.festileaks.com/ Name: _hjFirstSeen
Value: 1
forum.festileaks.com/ Name: _hjIncludedInSessionSample
Value: 0
.festileaks.com/ Name: _hjSession_2908695
Value: eyJpZCI6IjNlYjg5MjhhLTM0MzMtNGI0Mi1hNjhmLWEwNmY2Y2JmNDY2NSIsImNyZWF0ZWQiOjE2NTM0OTYzMTE2MjQsImluU2FtcGxlIjpmYWxzZX0=
forum.festileaks.com/ Name: _hjIncludedInPageviewSample
Value: 1
.festileaks.com/ Name: _hjAbsoluteSessionInProgress
Value: 0

2 Console Messages

Source Level URL
Text
network error URL: https://cmp.nextday.media/cmp.ndmtag.bundle.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://forum.festileaks.com/lazy-load.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cmp.nextday.media
feeds.adrequest.net
festileaks.com
fonts.googleapis.com
fonts.gstatic.com
forum.festileaks.com
fundingchoicesmessages.google.com
in.hotjar.com
resources.adrequest.net
script.hotjar.com
secure.gravatar.com
securepubads.g.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
tinyurl.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
cmp.nextday.media
108.157.4.53
108.157.4.86
142.250.185.226
2606:4700:10::6814:8a41
2a00:1450:4001:801::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c1b::9a
2a04:fa87:fffe::c000:4902
34.250.211.64
5.157.87.144
65.9.63.49
91.224.242.15
91.224.242.17
03e9903204561f2a2bdc85b768de9cebb2a59d97513c8e41fe32f250dc144294
0682e25804d75ee67c4be9254e80883e3ee2df63c57dac331fc3e38c255c83eb
0740cfa18f7a531068226a5942c41a8f0624789cd2cb46597a7ca0259752295a
07bc57e035505f4e21fbca448d989e90d8945eeda2bf78d921492c729a709a71
10af9b7e04c1c83b6d8bf2b00d0cfa2a5cd7c0ad7d02fb449fac19a38a8b12d1
1193e835baf1666d6e589dc3bfee84e7482c8a7536c35883d10cc11abd134604
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
12a4495dcf4f799da379ec9caf3cfd5fbc675b6228d9ce5dc00eed49bfb5128c
1315511a86bd53cb54131134f50a5b410df46cdd29084cb7403a0c5a6d04a7ac
162ded05f97ed443e05d0b1d74e11c396a242937fd48b3b436f8f6d568f6c49c
2d8fbe04b63d3e31f3316706bf9ee8ad684beb9e85739d793e49013b99bd9bb2
2f274476eadd5bd8c51a3609df13ad472202bbc83398474399adbda6f7e2543a
331cc5fee8a298c3d99afe2d7534d53c4ff6c1e5ce6756e8e84ea40b8500b580
34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67
3b137d3cf2f19f06c81e624265c17910d52ea2c73ed522ed1c08215dbf5249e1
3bb0e231fc7fd3a5401b3159990a4718a2257c594cdba910d15b47a80f27ead3
3e8e76a70b5ec0a97f60491364274ab39aebd8f949b6a310a174633b015d4738
42985f4a8c09da766c5cab961d92a34410aa4573e815e280afac5912a54a767d
460037b31250d5410c909ac7bb553b4de2dcbcbc52a9f7699a7fcf2afc2e6461
4b7fb9af94daa4c004cca7dcdc0142d75c7924c88b3b9249c3fa846bb8937eef
4ca5c394b025a327b799f80fb140f4702eac4838bbcbf6d19c1c3c27dcfa26a0
555e7d6143a698dfd9bb91775419f620dbcfb6b44d3a1a23f85d1094ddf84159
590cc18e3930c115690a4324b121b446a28761f33cc508f4ec900963963960a2
5bf834b967a994e6053529d48691c1aaebae0e5248aa4a31f7ac77e73c22af4f
5ebd3e09e85bba0efa38f6e93cce1c628184937ba49387def07667f3f4991a3b
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9
76f43d1677e854d0a99af07594a5e7646263159f320b078d18c914f77531958a
7e5c23918762997e2851f5ca38481431503c5a7036e19a128035804a935c0e4e
844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e4a88444af4b36d4346b0d279af5cc7c0cb6e648e13cf71b289b7c25cbcc3a
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a97392a02775136f7fcda1786540414e4a6595f79c49dc1bc9c790f472a9a9f3
abaa372b94de7240fc0834dbe48ab3f3b9613d901230ef32c3e69153dbc002f8
ad3c275735870026563e2df3e1c609b11cb993c053cda3a7d5d0204afa320bd2
b0f14923999bf5764e94d9242396f5f774cde17ecf5fc0f0ba3638215718162f
b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120
b48fc223d524430ef86336e524ca8b95b74927ca840abc04a0407b58e5905823
bf487dd7ed5579bad336e44f4abe7e045fe2448a3ed1c117d59b495058511917
ccbc9114f0936679a5cd479c160113532ab0fcaa4d1e9cd8b298a6c6f15ba014
cd5051d15ab5051e0cbd9414ebd4327bf42bcbe0ba0b528b27835c14bb43c7cf
d4e14fe027197ebdbd6e9ab1f0d963379e4851fdbe85225acf84ef2f1f67558d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80a6b4b666563841ab840a29d19a5ed27166c62c072d1f0df31321e3aed64f9
ee667207ac60603f3c61f3b703583aace2b20211971808fa86f4e4c93619d958
eeedfd9404ebf11862c1c06b21162cbbb8a1c40b2ad18a76137a47fee0814349
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f230a444e08c75e1ef387df50bb23b6cc0a63386bed85918c3d6e5b88d5c09d5
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f985c5f236e82d857e6411718352aa8c4523f747dbb15c1f9f170b91af85c5bc