urlscan.io logo urlscan.io
SecurityTrails logo

www.ballets.com Open in urlscan Pro
81.95.119.61  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mailings.confidus.be/t/j-l-ghjhdil-nlrtrtjtk-t/
Effective URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Submission: On October 24 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 81.95.119.61, located in Kapellen, Belgium and belongs to LCPDCO LCP AS dc oostkamp, BE. The main domain is www.ballets.com.
TLS certificate: Issued by R10 on October 13th 2024. Valid for: 3 months.
This is the only time www.ballets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.183.0.47 16509 (AMAZON-02)
13 81.95.119.61 42160 (LCPDCO LC...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a03:2880:f17... 32934 (FACEBOOK)
22 7
1    54.183.0.47 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-0-47.us-west-1.compute.amazonaws.com
mailings.confidus.be
13    81.95.119.61 (Kapellen, Belgium)

ASN42160 (LCPDCO LCP AS dc oostkamp, BE)
PTR: s01.confidus.be
www.ballets.com
1    2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
13 ballets.com
www.ballets.com
807 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
72 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
33 KB
1 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 445
fonts.googleapis.com Failed
26 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1222
12 KB
1 confidus.be
mailings.confidus.be
419 B
22 7
Domain Requested by
13 www.ballets.com www.ballets.com
2 www.facebook.com www.ballets.com
2 connect.facebook.net www.ballets.com
connect.facebook.net
2 cdnjs.cloudflare.com www.ballets.com
1 maps.googleapis.com www.ballets.com
1 use.fontawesome.com www.ballets.com
1 mailings.confidus.be 1 redirects
0 fonts.googleapis.com Failed www.ballets.com
22 8

This site contains links to these domains. Also see Links.

Domain
www.ticketmaster.be
www.facebook.com
www.instagram.com
www.youtube.com
Subject Issuer Validity Valid
ballets.be
R10		 2024-10-13 -
2025-01-11		 3 months crt.sh
use.fontawesome.com
WE1		 2024-09-09 -
2024-12-09		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-02 -
2024-10-31		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Frame ID: BC733647066C572F07C5A834B4C6265A
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Black Swan - Ballets.com

Page URL History Show full URLs

  1. https://mailings.confidus.be/t/j-l-ghjhdil-nlrtrtjtk-t/ HTTP 302
    https://www.ballets.com/all/black-swan-brussels?ts=tickets Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

22
Requests

95 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

953 kB
Transfer

1321 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mailings.confidus.be/t/j-l-ghjhdil-nlrtrtjtk-t/ HTTP 302
    https://www.ballets.com/all/black-swan-brussels?ts=tickets Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request black-swan-brussels
www.ballets.com/all/
Redirect Chain
  • https://mailings.confidus.be/t/j-l-ghjhdil-nlrtrtjtk-t/
  • https://www.ballets.com/all/black-swan-brussels?ts=tickets
27 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.95.119.61 Kapellen, Belgium, ASN42160 (LCPDCO LCP AS dc oostkamp, BE),
Reverse DNS
s01.confidus.be
Software
Apache/2 / PHP/7.3.33
Resource Hash
93520eefddd8d55afef649b94584b88377be54ca06194c90d3d934c7b06834c0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
7313
content-type
text/html; charset=UTF-8
date
Thu, 24 Oct 2024 14:43:05 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/7.3.33

Redirect headers

content-length
167
content-type
text/html
date
Thu, 24 Oct 2024 14:43:05 GMT
location
https://www.ballets.com/all/black-swan-brussels?ts=tickets
referrer-policy
no-referrer-when-downgrade
server
csw
x-content-type-options
nosniff
x-xss-protection
1; mode=block
style.css
www.ballets.com/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ballets.com/css/style.css
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.95.119.61 Kapellen, Belgium, ASN42160 (LCPDCO LCP AS dc oostkamp, BE),
Reverse DNS
s01.confidus.be
Software
Apache/2 /
Resource Hash
e0a99a970153b45cd5eebba5c34221073455e5ce0ce06a44c60505578286e90e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/all/black-swan-brussels?ts=tickets

Response headers

content-encoding
gzip
etag
"45ad-5bb8504f89e00-gzip"
accept-ranges
bytes
content-length
3385
date
Thu, 24 Oct 2024 14:43:05 GMT
last-modified
Wed, 17 Feb 2021 09:41:12 GMT
vary
Accept-Encoding,User-Agent
server
Apache/2
content-type
text/css
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.ballets.com
Referer
https://www.ballets.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"dc93d584e41f8417f6b7163320d34329"
age
850083
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FbEs3AkihEwjcoBOvVP4lwSBcUf%2FXSTHgIUxDtk7LM0Imzb3q%2BaF4u2oHoinahsVXrmf9fB45j5Ig9D1XM%2BnX1WLCM%2B7ZciYxNM85WALXnIP9sY88DxZWIoFEVpjFZ7Fjj7FlZaIaxdj0qFZ1GzQ78o1"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=20195&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3983&recv_bytes=2199&delivery_rate=195389&cwnd=252&unsent_bytes=0&cid=2e56a6c6c9ec767c&ts=36&x=0"
date
Thu, 24 Oct 2024 14:43:05 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:45:44 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7abcba6dfbd39d-FRA
access-control-allow-origin
*
server
cloudflare
logo.png
www.ballets.com/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ballets.com/images/logo.png
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.95.119.61 Kapellen, Belgium, ASN42160 (LCPDCO LCP AS dc oostkamp, BE),
Reverse DNS
s01.confidus.be
Software
Apache/2 /
Resource Hash
ba952dea16234ffe6ab1c0e7c4bf88a0b894051d7b7100479eebb9212dec9017

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/all/black-swan-brussels?ts=tickets

Response headers

accept-ranges
bytes
content-length
13777
etag
"35d1-5f5739f0c9780"
date
Thu, 24 Oct 2024 14:43:05 GMT
last-modified
Fri, 24 Feb 2023 15:17:02 GMT
content-type
image/png
server
Apache/2
88EU4vUpCdxIc4zsJHe1kGJwGzwICYU2426x1365.jpg
www.ballets.com/upload/ 		762 KB
762 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ballets.com/upload/88EU4vUpCdxIc4zsJHe1kGJwGzwICYU2426x1365.jpg
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.95.119.61 Kapellen, Belgium, ASN42160 (LCPDCO LCP AS dc oostkamp, BE),
Reverse DNS
s01.confidus.be
Software
Apache/2 /
Resource Hash
236f19f7ee14706a48895ad77cfc041bc79ef794911edd8a577b70385b382c7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/all/black-swan-brussels?ts=tickets

Response headers

accept-ranges
bytes
content-length
780186
etag
"be79a-6067a5dd0b680"
date
Thu, 24 Oct 2024 14:43:05 GMT
last-modified
Fri, 29 Sep 2023 07:28:10 GMT
content-type
image/jpeg
server
Apache/2
staticmap
maps.googleapis.com/maps/api/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/api/staticmap?center=Rue%20de%20l%27Enseignement%2081,%201000%20Bruxelles,%20Belgium&zoom=14&size=420x180&maptype=roadmap&markers=size:big%7Ccolor:green%7CRue%20de%20l%27Enseignement%2081,%201000%20Bruxelles,%20Belgium&sensor=false&key=AIzaSyB1rYHrOkOzy_mbaF7Veazj7Zx2RjrE_kQ
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
88b44415e918bd3dd50f59b5a3267a72cf3b00c26c2ec4fbfad352a0aa7e8f6d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/msaispmnec:830:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/msaispmnec:830:0
expires
Fri, 25 Oct 2024 14:43:06 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
26167
server-timing
gfet4t7; dur=176
date
Thu, 24 Oct 2024 14:43:06 GMT
x-xss-protection
0
content-type
image/png
vary
Accept-Language
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
france.png
www.ballets.com/images/flags/ 		414 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ballets.com/images/flags/france.png
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.95.119.61 Kapellen, Belgium, ASN42160 (LCPDCO LCP AS dc oostkamp, BE),
Reverse DNS
s01.confidus.be
Software
Apache/2 /
Resource Hash
11fbc02330bb6a27c43ca25bb3ecb0aaf9914e2fe5b67ed644e996e81c16a179

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/all/black-swan-brussels?ts=tickets

Response headers

accept-ranges
bytes
content-length
414
etag
"19e-6113fce0f8780"
date
Thu, 24 Oct 2024 14:43:06 GMT
last-modified
Tue, 13 Feb 2024 09:13:18 GMT
content-type
image/png
server
Apache/2
finland.png
www.ballets.com/images/flags/ 		304 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ballets.com/images/flags/finland.png
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.95.119.61 Kapellen, Belgium, ASN42160 (LCPDCO LCP AS dc oostkamp, BE),
Reverse DNS
s01.confidus.be
Software
Apache/2 /
Resource Hash
46f39e984cdd95503b84503db9cf31ae9ad42b312035e43723fd0d1f010c1276

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/all/black-swan-brussels?ts=tickets

Response headers

accept-ranges
bytes
content-length
304
etag
"130-5f5c515e14300"
date
Thu, 24 Oct 2024 14:43:06 GMT
last-modified
Tue, 28 Feb 2023 16:28:28 GMT
content-type
image/png
server
Apache/2
belgium.png
www.ballets.com/images/flags/ 		309 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ballets.com/images/flags/belgium.png
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.95.119.61 Kapellen, Belgium, ASN42160 (LCPDCO LCP AS dc oostkamp, BE),
Reverse DNS
s01.confidus.be
Software
Apache/2 /
Resource Hash
0970f00488dfc5aabaae43070b5c70bd7e8f7155f2f57aa8ef980b2addb8fff6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/all/black-swan-brussels?ts=tickets

Response headers

accept-ranges
bytes
content-length
309
etag
"135-5f5c5152a2800"
date
Thu, 24 Oct 2024 14:43:06 GMT
last-modified
Tue, 28 Feb 2023 16:28:16 GMT
content-type
image/png
server
Apache/2
switzerland.png
www.ballets.com/images/flags/ 		541 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ballets.com/images/flags/switzerland.png
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.95.119.61 Kapellen, Belgium, ASN42160 (LCPDCO LCP AS dc oostkamp, BE),
Reverse DNS
s01.confidus.be
Software
Apache/2 /
Resource Hash
1a38d60068b170da32e587663766fa99188e2c3e26a2da995cd2045d68b78988

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/all/black-swan-brussels?ts=tickets

Response headers

accept-ranges
bytes
content-length
541
etag
"21d-624c0d9395d40"
date
Thu, 24 Oct 2024 14:43:06 GMT
last-modified
Fri, 18 Oct 2024 14:09:17 GMT
content-type
image/png
server
Apache/2
facebook.svg
www.ballets.com/images/ 		928 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ballets.com/images/facebook.svg
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.95.119.61 Kapellen, Belgium, ASN42160 (LCPDCO LCP AS dc oostkamp, BE),
Reverse DNS
s01.confidus.be
Software
Apache/2 /
Resource Hash
f29dba1f891132b30a013a3c18bdcb42dcd6e0ca5bd45b6ac5562215175f00f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/all/black-swan-brussels?ts=tickets

Response headers

content-encoding
gzip
etag
"3a0-5151afae1fa80-gzip"
accept-ranges
bytes
content-length
574
date
Thu, 24 Oct 2024 14:43:06 GMT
last-modified
Sat, 02 May 2015 15:28:26 GMT
vary
Accept-Encoding,User-Agent
server
Apache/2
content-type
image/svg+xml
instagram.svg
www.ballets.com/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ballets.com/images/instagram.svg
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.95.119.61 Kapellen, Belgium, ASN42160 (LCPDCO LCP AS dc oostkamp, BE),
Reverse DNS
s01.confidus.be
Software
Apache/2 /
Resource Hash
f8133191e350c34ac1bc227cfa742f25c4ecc4a0d7b6f578e9576d57b590bf53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/all/black-swan-brussels?ts=tickets

Response headers

content-encoding
gzip
etag
"108e-5465080748080-gzip"
accept-ranges
bytes
content-length
1591
date
Thu, 24 Oct 2024 14:43:06 GMT
last-modified
Tue, 17 Jan 2017 20:54:10 GMT
vary
Accept-Encoding,User-Agent
server
Apache/2
content-type
image/svg+xml
youtube.svg
www.ballets.com/images/ 		785 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ballets.com/images/youtube.svg
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.95.119.61 Kapellen, Belgium, ASN42160 (LCPDCO LCP AS dc oostkamp, BE),
Reverse DNS
s01.confidus.be
Software
Apache/2 /
Resource Hash
0ab916638d72447815d88b8e7e5023490c567873486f200973eefe222fdb1746

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/all/black-swan-brussels?ts=tickets

Response headers

content-encoding
gzip
etag
"311-5465080748080-gzip"
accept-ranges
bytes
content-length
503
date
Thu, 24 Oct 2024 14:43:06 GMT
last-modified
Tue, 17 Jan 2017 20:54:10 GMT
vary
Accept-Encoding,User-Agent
server
Apache/2
content-type
image/svg+xml
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.2/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec4-176de"
age
79794
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KPFl5azv58brnHnf9N29WuLiqGI%2BjyC9yP9sWFsFKtzGg07BZHwMllgPWxmngnCcqK7wGj7ylgioRVSwFaq8QUyzfVOtxA%2BIy5qubF%2BGfomDbrmbaYomG%2F3P7L6sslUIM3ZmMtGf4gft6pEf2JT5bQrS"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 14:43:06 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 14:43:06 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d7abcbbaa724dc4-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
29919
server
cloudflare
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.2.1/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.2.1/jquery-migrate.min.js
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec2-1c20"
age
76495
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nzayYZsLSfKAjzEwx66Opv8OidZRJBJuX8ASOqzWp22NZHYOlknQbwXD4gH2El0w5kL1IkYgdQpH311I4fHt541pzV2wTHkILnHJuDGZMmASNRAF36ibi2VWXdf14gFmzLoRJvaMo%2BFpQmKIlD%2F6DCsj"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 14:43:06 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 14:43:06 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:46 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d7abcbbaa704dc4-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2687
server
cloudflare
main.js
www.ballets.com/javascript/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ballets.com/javascript/main.js
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.95.119.61 Kapellen, Belgium, ASN42160 (LCPDCO LCP AS dc oostkamp, BE),
Reverse DNS
s01.confidus.be
Software
Apache/2 /
Resource Hash
920ab7a4ccb29914fdba91a5543135d83ee54d78808948c81b6010f738bc19c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/all/black-swan-brussels?ts=tickets

Response headers

content-encoding
gzip
etag
"1313-51559b0eabe00-gzip"
accept-ranges
bytes
content-length
1405
date
Thu, 24 Oct 2024 14:43:06 GMT
last-modified
Tue, 05 May 2015 18:17:28 GMT
vary
Accept-Encoding,User-Agent
server
Apache/2
content-type
application/javascript
css
fonts.googleapis.com/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		228 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-R9JGWbzN' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 14:43:06 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-R9JGWbzN' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4547, tp=11, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
CMay5Ooo5epXhiOCVil3anI7XFSnjgLD/imTfMURj3e2DX0PNBwLW5AMFrNtpTvZhl50gYkFTwCJoIECpKvhdQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59508
x-xss-protection
0
origin-agent-cluster
?1
455893513343799
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/455893513343799?v=2.9.173&r=stable&domain=www.ballets.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1d94ffbd3ae4174566033138db4d0cd503abe730bfaf3faf519b621257aebf01
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 14:43:06 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=68, mss=1232, tbw=67747, tp=65, tpl=0, uplat=154, ullat=0
pragma
public
x-fb-debug
rorDqERaMsJOl7W2Kj2ULr9a26bpEB1bgCe29MOaHf2i+WXxLygDekzpM+QGAQtbXEVUU3z+ysqitnX/FBEIAg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=455893513343799&ev=PageView&dl=https%3A%2F%2Fwww.ballets.com%2Fall%2Fblack-swan-brussels%3Fts%3Dtickets&rl=&if=false&ts=1729780986470&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4126&fbp=fb.1.1729780986469.687525611305828248&ler=empty&cdl=API_unavailable&it=1729780986269&coo=false&rqm=GET
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1328, tbw=2902, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 24 Oct 2024 14:43:06 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=455893513343799&ev=PageView&dl=https%3A%2F%2Fwww.ballets.com%2Fall%2Fblack-swan-brussels%3Fts%3Dtickets&rl=&if=false&ts=1729780986470&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4126&fbp=fb.1.1729780986469.687525611305828248&ler=empty&cdl=API_unavailable&it=1729780986269&coo=false&rqm=FGET
Requested by
Host: www.ballets.com
URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429352764720458534"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 14:43:06 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
V8NnbyBi0yPsdoMrh8D0YRf9BAe2j8CoEwUo3piyX9QnO560aj5FMt0ToSBDvbIx13/slVBiLs0qn9UEyE9MWg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429352764720458534", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1328, tbw=3220, tp=-1, tpl=-1, uplat=258, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
favicon.png
www.ballets.com/images/ 		14 KB
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ballets.com/images/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.95.119.61 Kapellen, Belgium, ASN42160 (LCPDCO LCP AS dc oostkamp, BE),
Reverse DNS
s01.confidus.be
Software
Apache/2 /
Resource Hash
90524907afbef98d0e7b4f34462ef53d42200a573b939debc29e238a36edf8ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.ballets.com/all/black-swan-brussels?ts=tickets

Response headers

accept-ranges
bytes
content-length
14564
etag
"38e4-5151afb1f0380"
date
Thu, 24 Oct 2024 14:43:06 GMT
last-modified
Sat, 02 May 2015 15:28:30 GMT
content-type
image/png
server
Apache/2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Open+Sans:300italic,400,600,700,300

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| $ function| jQuery

2 Cookies

Domain/Path Name / Value
www.ballets.com/ Name: PHPSESSID
Value: i91kjf0jnedjen5fs4p118n58e
.ballets.com/ Name: _fbp
Value: fb.1.1729780986469.687525611305828248

5 Console Messages

Source Level URL
Text
security warning URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Message:
Mixed Content: The page at 'https://www.ballets.com/all/black-swan-brussels?ts=tickets' was loaded over HTTPS, but requested an insecure element 'http://maps.googleapis.com/maps/api/staticmap?center=Rue%20de%20l%27Enseignement%2081,%201000%20Bruxelles,%20Belgium&zoom=14&size=420x180&maptype=roadmap&markers=size:big%7Ccolor:green%7CRue%20de%20l%27Enseignement%2081,%201000%20Bruxelles,%20Belgium&sensor=false&key=AIzaSyB1rYHrOkOzy_mbaF7Veazj7Zx2RjrE_kQ'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets
Message:
Mixed Content: The page at 'https://www.ballets.com/all/black-swan-brussels?ts=tickets' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans:300italic,400,600,700,300'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets(Line 469)
Message:
Mixed Content: The page at 'https://www.ballets.com/all/black-swan-brussels?ts=tickets' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://mailings.confidus.be/t/j/s/ntuqr/'. This endpoint should be made available over a secure connection.
security warning URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets(Line 508)
Message:
Mixed Content: The page at 'https://www.ballets.com/all/black-swan-brussels?ts=tickets' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://mailings.confidus.be/t/j/s/ntuqr/'. This endpoint should be made available over a secure connection.
security warning URL: https://www.ballets.com/all/black-swan-brussels?ts=tickets(Line 525)
Message:
Mixed Content: The page at 'https://www.ballets.com/all/black-swan-brussels?ts=tickets' was loaded over HTTPS, but requested an insecure element 'http://maps.googleapis.com/maps/api/staticmap?center=Rue%20de%20l%27Enseignement%2081,%201000%20Bruxelles,%20Belgium&zoom=14&size=420x180&maptype=roadmap&markers=size:big%7Ccolor:green%7CRue%20de%20l%27Enseignement%2081,%201000%20Bruxelles,%20Belgium&sensor=false&key=AIzaSyB1rYHrOkOzy_mbaF7Veazj7Zx2RjrE_kQ'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
mailings.confidus.be
maps.googleapis.com
use.fontawesome.com
www.ballets.com
www.facebook.com
fonts.googleapis.com
2606:4700:3037::ac43:8ef5
2606:4700::6811:180e
2a00:1450:4001:809::200a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
54.183.0.47
81.95.119.61
0970f00488dfc5aabaae43070b5c70bd7e8f7155f2f57aa8ef980b2addb8fff6
0ab916638d72447815d88b8e7e5023490c567873486f200973eefe222fdb1746
11fbc02330bb6a27c43ca25bb3ecb0aaf9914e2fe5b67ed644e996e81c16a179
1a38d60068b170da32e587663766fa99188e2c3e26a2da995cd2045d68b78988
1d94ffbd3ae4174566033138db4d0cd503abe730bfaf3faf519b621257aebf01
236f19f7ee14706a48895ad77cfc041bc79ef794911edd8a577b70385b382c7b
46f39e984cdd95503b84503db9cf31ae9ad42b312035e43723fd0d1f010c1276
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
88b44415e918bd3dd50f59b5a3267a72cf3b00c26c2ec4fbfad352a0aa7e8f6d
90524907afbef98d0e7b4f34462ef53d42200a573b939debc29e238a36edf8ea
920ab7a4ccb29914fdba91a5543135d83ee54d78808948c81b6010f738bc19c0
93520eefddd8d55afef649b94584b88377be54ca06194c90d3d934c7b06834c0
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
ba952dea16234ffe6ab1c0e7c4bf88a0b894051d7b7100479eebb9212dec9017
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32
e0a99a970153b45cd5eebba5c34221073455e5ce0ce06a44c60505578286e90e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f29dba1f891132b30a013a3c18bdcb42dcd6e0ca5bd45b6ac5562215175f00f8
f8133191e350c34ac1bc227cfa742f25c4ecc4a0d7b6f578e9576d57b590bf53