urlscan.io logo urlscan.io
SecurityTrails logo

ambition.plugandpay.nl Open in urlscan Pro
2606:4700::6812:1788  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://masteryourtiktok.be/
Effective URL: https://ambition.plugandpay.nl/master-your-tiktok
Submission: On October 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 2606:4700::6812:1788, located in United States and belongs to CLOUDFLARENET, US. The main domain is ambition.plugandpay.nl.
TLS certificate: Issued by WE1 on September 15th 2024. Valid for: 3 months.
This is the only time ambition.plugandpay.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 217.19.237.54 34762 (COMBELL-AS)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700::68... 13335 (CLOUDFLAR...)
2 157.240.253.1 32934 (FACEBOOK)
6 142.250.186.163 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
23 7
1    217.19.237.54 (Belgium)

ASN34762 (COMBELL-AS, BE)
PTR: 217.19.237.54.static.hosted.by.combell.com
masteryourtiktok.be
5    2606:4700::6812:1788 (United States)

ASN13335 (CLOUDFLARENET, US)
ambition.plugandpay.nl
api.plugandpay.nl
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2606:4700::6812:125a (United States)

ASN13335 (CLOUDFLARENET, US)
aws.cdn-plugandpay.com
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
6    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
1    2606:4700::6812:1688 (United States)

ASN13335 (CLOUDFLARENET, US)
api.plugandpay.nl
Apex Domain
Subdomains		 Transfer
8 cdn-plugandpay.com
aws.cdn-plugandpay.com
7 MB
6 gstatic.com
fonts.gstatic.com
122 KB
6 plugandpay.nl
ambition.plugandpay.nl
api.plugandpay.nl
42 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
71 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
1 masteryourtiktok.be
masteryourtiktok.be
107 B
23 6
Domain Requested by
8 aws.cdn-plugandpay.com ambition.plugandpay.nl
6 fonts.gstatic.com fonts.googleapis.com
4 ambition.plugandpay.nl ambition.plugandpay.nl
2 api.plugandpay.nl ambition.plugandpay.nl
2 connect.facebook.net ambition.plugandpay.nl
connect.facebook.net
1 fonts.googleapis.com ambition.plugandpay.nl
1 masteryourtiktok.be 1 redirects
23 7

This site contains links to these domains. Also see Links.

Domain
plusdebeauthe.webinargeek.com
www.tiktok.com
calendly.com
Subject Issuer Validity Valid
plugandpay.nl
WE1		 2024-09-15 -
2024-12-14		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
cdn-plugandpay.com
WE1		 2024-09-27 -
2024-12-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-13 -
2024-10-11		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ambition.plugandpay.nl/master-your-tiktok
Frame ID: EFA47BC9915F5BC1F484A66EAB451F62
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ambition.plugandpay.nl

Page URL History Show full URLs

  1. https://masteryourtiktok.be/ HTTP 301
    https://ambition.plugandpay.nl/master-your-tiktok Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

23
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

7281 kB
Transfer

7737 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://masteryourtiktok.be/ HTTP 301
    https://ambition.plugandpay.nl/master-your-tiktok Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request master-your-tiktok
ambition.plugandpay.nl/
Redirect Chain
  • https://masteryourtiktok.be/
  • https://ambition.plugandpay.nl/master-your-tiktok
193 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ambition.plugandpay.nl/master-your-tiktok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.30
Resource Hash
c373cb7162335e9c38b1403440e51b6b9ba5e98c80aee33eda12d32a03e7eeac
Security Headers
Name Value
Content-Security-Policy frame-ancestors admin.plugandpay.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Tenant-Id, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Requested-With, Portal, Tenant, X-CSRF-TOKEN, x-socket-id, X-Dry-Run, Precognition, X-Accept-Language, x-tenant-id, x-page-builder-cache-token, X-IMU-AUTH, Precognitive
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
cache-control
max-age=31536000, public
cache-location
P&P
cf-cache-status
DYNAMIC
cf-ray
8cd57686cc3971ac-FRA
content-encoding
gzip
content-security-policy
frame-ancestors admin.plugandpay.com
content-type
text/html; charset=UTF-8
date
Fri, 04 Oct 2024 13:19:20 GMT
server
cloudflare
x-powered-by
PHP/8.1.30

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 04 Oct 2024 13:19:19 GMT
location
https://ambition.plugandpay.nl/master-your-tiktok
server
Apache
3f777ce4-b0a9-4f6a-8a30-c75709ef903b.css
ambition.plugandpay.nl/styling/ 		47 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ambition.plugandpay.nl/styling/3f777ce4-b0a9-4f6a-8a30-c75709ef903b.css?v=1721933672
Requested by
Host: ambition.plugandpay.nl
URL: https://ambition.plugandpay.nl/master-your-tiktok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.30
Resource Hash
b148ec8323e75fbfc4d0f43f88e52e24c9aebdca515379320faa024f30e67aca
Security Headers
Name Value
Content-Security-Policy frame-ancestors admin.plugandpay.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ambition.plugandpay.nl/master-your-tiktok

Response headers

cache-location
P&P
content-security-policy
frame-ancestors admin.plugandpay.com
cache-control
max-age=31536000, public
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
cf-ray
8cd576892e7b71ac-FRA
date
Fri, 04 Oct 2024 13:19:20 GMT
content-type
text/css; charset=UTF-8
x-powered-by
PHP/8.1.30
server
cloudflare
access-control-allow-headers
Accept, Tenant-Id, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Requested-With, Portal, Tenant, X-CSRF-TOKEN, x-socket-id, X-Dry-Run, Precognition, X-Accept-Language, x-tenant-id, x-page-builder-cache-token, X-IMU-AUTH, Precognitive
css2
fonts.googleapis.com/ 		31 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&family=Poppins:wght@400;500;600;700;800;900&family=Inter+Tight:wght@400;500;600;700;800;900
Requested by
Host: ambition.plugandpay.nl
URL: https://ambition.plugandpay.nl/master-your-tiktok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7919273e171bfd578d1d7e225a472e3db92f1fd23da22fdd68a0c0e1bd4309a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ambition.plugandpay.nl/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 04 Oct 2024 13:19:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 13:19:20 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 04 Oct 2024 13:19:20 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
705b969ca489ac38623e196d7b3b7c6f-pink-neon-frame-professional-twitter-profile-picture.png
aws.cdn-plugandpay.com/media/tenants/13236/202404/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aws.cdn-plugandpay.com/media/tenants/13236/202404/705b969ca489ac38623e196d7b3b7c6f-pink-neon-frame-professional-twitter-profile-picture.png?trim=0,0,0,0
Requested by
Host: ambition.plugandpay.nl
URL: https://ambition.plugandpay.nl/master-your-tiktok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:125a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2648be0f03f241dfc528241d9c5026fd087abc21d5c010024b8edc17ecacfc9b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ambition.plugandpay.nl/

Response headers

cf-cache-status
MISS
etag
"cfdObmCz1xF5aabJX95AO3aLXm0rUSTgnjqyjuv4PHDQ:705b969ca489ac38623e196d7b3b7c6f"
cf-bgj
imgq:0,h2pri
cf-resized
internal=ok/r q=0 n=149+2 c=2+0 v=2024.9.4 l=126695 f=false
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 13:19:20 GMT
content-type
image/png
last-modified
Thu, 04 Apr 2024 20:52:02 GMT
vary
Accept, Accept-Encoding
priority
u=4;i=?0,cf-chb=(37;u=3;i=?0 1447;u=5;i)
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
max-age=31536000
cf-ray
8cd576895dc0d26d-FRA
accept-ranges
bytes
content-length
126695
server
cloudflare
b3ebaa9948d94e570d73458639b24001-afd5e9c9-ce78-4a8f-ad86-345de3a28e14.jpg
aws.cdn-plugandpay.com/media/tenants/13236/202407/ 		195 KB
196 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aws.cdn-plugandpay.com/media/tenants/13236/202407/b3ebaa9948d94e570d73458639b24001-afd5e9c9-ce78-4a8f-ad86-345de3a28e14.jpg
Requested by
Host: ambition.plugandpay.nl
URL: https://ambition.plugandpay.nl/master-your-tiktok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:125a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfb0c3138540eda1505c328a26bbf35766c7815d0b57f0d3c403f18400a73e28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ambition.plugandpay.nl/

Response headers

x-amz-request-id
MBS1WMGKK9KKES13
x-amz-server-side-encryption
AES256
cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"b3ebaa9948d94e570d73458639b24001"
cf-ray
8cd576896dcdd26d-FRA
expires
Sat, 04 Oct 2025 13:19:20 GMT
accept-ranges
bytes
content-length
199880
date
Fri, 04 Oct 2024 13:19:20 GMT
content-type
image/jpeg
last-modified
Mon, 01 Jul 2024 17:49:54 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
S3v6dfUs1eyR7XOzdCilLQ9pHt7MMvJyaMSQqlD06F7wOqb5lvODXcsJ3DW2kAN3aPI/bYAoyOI=
95641cedd408cbdef6de8cf3a0725efd-ed09f404-1708-4ff0-aa92-0fadfb69b501.jpg
aws.cdn-plugandpay.com/media/tenants/13236/202407/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aws.cdn-plugandpay.com/media/tenants/13236/202407/95641cedd408cbdef6de8cf3a0725efd-ed09f404-1708-4ff0-aa92-0fadfb69b501.jpg
Requested by
Host: ambition.plugandpay.nl
URL: https://ambition.plugandpay.nl/master-your-tiktok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:125a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57eb951bb524199d595bee5ed3bd7a247522a4077fd0f1f012fe461840fdbd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ambition.plugandpay.nl/

Response headers

x-amz-request-id
MBSE12R2038FE3RE
x-amz-server-side-encryption
AES256
cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"95641cedd408cbdef6de8cf3a0725efd"
cf-ray
8cd576896dccd26d-FRA
expires
Sat, 04 Oct 2025 13:19:20 GMT
accept-ranges
bytes
content-length
68934
date
Fri, 04 Oct 2024 13:19:20 GMT
content-type
image/jpeg
last-modified
Mon, 01 Jul 2024 17:50:23 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
87/gFG0rDy1wo21xLWbpQCYvoOh6LccbgEqWsZiPLCzjfNxsw50BUICUd0nuOBJyVP12pYUY5VY=
1e3771933f1ad903bf74e36316054dec-3.png
aws.cdn-plugandpay.com/media/tenants/13236/202406/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aws.cdn-plugandpay.com/media/tenants/13236/202406/1e3771933f1ad903bf74e36316054dec-3.png
Requested by
Host: ambition.plugandpay.nl
URL: https://ambition.plugandpay.nl/master-your-tiktok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:125a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8f394101650da60a0301cf57b68c9096b84cf146124ac92df09789eb00b05b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ambition.plugandpay.nl/

Response headers

x-amz-request-id
MBS3B710XJG2H7NX
x-amz-server-side-encryption
AES256
cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"1e3771933f1ad903bf74e36316054dec"
cf-ray
8cd576895dc6d26d-FRA
expires
Sat, 04 Oct 2025 13:19:20 GMT
accept-ranges
bytes
content-length
1576409
date
Fri, 04 Oct 2024 13:19:20 GMT
content-type
image/png
last-modified
Thu, 13 Jun 2024 10:16:32 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
27Dy1Nuw6tBz4nvT/fEBr5NC/D2oKu67mQbXmB4iSktt5tRXWyCYVxOWfqSnS8vdI2mmJVa0BlQ=
analytics.js
ambition.plugandpay.nl/analytics/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ambition.plugandpay.nl/analytics/analytics.js
Requested by
Host: ambition.plugandpay.nl
URL: https://ambition.plugandpay.nl/master-your-tiktok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15011a7ed4b02fae4e03a8130ebcaaf2749a8b3231edadc9f658845801e093d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ambition.plugandpay.nl/master-your-tiktok

Response headers

cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"66fbab6c-2463"
cf-ray
8cd576892e7c71ac-FRA
expires
Fri, 04 Oct 2024 17:19:20 GMT
date
Fri, 04 Oct 2024 13:19:20 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 07:57:32 GMT
vary
Accept-Encoding
server
cloudflare
fbevents.js
connect.facebook.net/en_US/ 		226 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ambition.plugandpay.nl
URL: https://ambition.plugandpay.nl/master-your-tiktok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ambition.plugandpay.nl/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Fri, 04 Oct 2024 13:19:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4427, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
dKFiEcviNIUd31iCbxxg+EGNxfRvDZEiqfc4zhisJG2BA6eqIfeuPOywHO6bxowpucqc4qbiC3x1UnQ+OWXDLg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
0
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
origin-agent-cluster
?1
134b24f211a704d1f8aac72e60b4d5c2-master-your-tiktok-gratiswebinar.png
aws.cdn-plugandpay.com/media/tenants/13236/202404/ 		5 MB
5 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aws.cdn-plugandpay.com/media/tenants/13236/202404/134b24f211a704d1f8aac72e60b4d5c2-master-your-tiktok-gratiswebinar.png
Requested by
Host: ambition.plugandpay.nl
URL: https://ambition.plugandpay.nl/master-your-tiktok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:125a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60dad8d215f00e49982b709dd219932042748813a4882eb6670350f2ee59674b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ambition.plugandpay.nl/

Response headers

x-amz-request-id
MBS21QHZT7SNJ9VA
x-amz-server-side-encryption
AES256
cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"134b24f211a704d1f8aac72e60b4d5c2"
cf-ray
8cd576896dd0d26d-FRA
expires
Sat, 04 Oct 2025 13:19:20 GMT
accept-ranges
bytes
content-length
4773344
date
Fri, 04 Oct 2024 13:19:20 GMT
content-type
image/png
last-modified
Thu, 04 Apr 2024 22:37:59 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
VGXxE/chayACY2O62jX+wGQpV2b08nPkl0IZyemyLHfYEQTaTy1xErX5eZS8cMnCHuz+0cQndmY=
truncated
/ 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a3c37310aa051bb25b7f3a70f87cf8df6aceecaf66eda38f6088d1068441133

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf8
1532509520675369
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1532509520675369?v=2.9.170&r=stable&domain=ambition.plugandpay.nl&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
47346ffb19171e123695d1bd5ec12b8b73c36e7bfd4ec49269299533432437b0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ambition.plugandpay.nl/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Fri, 04 Oct 2024 13:19:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=74, mss=1232, tbw=67289, tp=63, tpl=0, uplat=180, ullat=0
pragma
public
x-fb-debug
zgk/kQi++1h5p6F2YkKiXHUVCCoSrWOdI2jkxSX+LTTa0yRSV5W9tLRhfgHAuEGgEGHDHFLgF2u26QexcOJZTg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&family=Poppins:wght@400;500;600;700;800;900&family=Inter+Tight:wght@400;500;600;700;800;900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ambition.plugandpay.nl
Referer
https://fonts.googleapis.com/

Response headers

age
276259
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:35:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:35:01 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&family=Poppins:wght@400;500;600;700;800;900&family=Inter+Tight:wght@400;500;600;700;800;900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ambition.plugandpay.nl
Referer
https://fonts.googleapis.com/

Response headers

age
276605
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:29:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:29:15 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&family=Poppins:wght@400;500;600;700;800;900&family=Inter+Tight:wght@400;500;600;700;800;900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ambition.plugandpay.nl
Referer
https://fonts.googleapis.com/

Response headers

age
278088
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:04:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:04:32 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&family=Poppins:wght@400;500;600;700;800;900&family=Inter+Tight:wght@400;500;600;700;800;900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ambition.plugandpay.nl
Referer
https://fonts.googleapis.com/

Response headers

age
275261
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:51:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:51:39 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
activities
api.plugandpay.nl/v2/statistics/ 		0
108 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.plugandpay.nl/v2/statistics/activities
Requested by
Host: ambition.plugandpay.nl
URL: https://ambition.plugandpay.nl/analytics/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors admin.plugandpay.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://ambition.plugandpay.nl/

Response headers

content-security-policy
frame-ancestors admin.plugandpay.com
cache-control
no-cache, private
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
cf-ray
8cd5768b386a71ac-FRA
access-control-allow-origin
https://ambition.plugandpay.nl
date
Fri, 04 Oct 2024 13:19:21 GMT
x-powered-by
PHP/8.1.30
vary
Precognition
server
cloudflare
access-control-allow-headers
Accept, Tenant-Id, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Requested-With, Portal, Tenant, X-CSRF-TOKEN, x-socket-id, X-Dry-Run, Precognition, X-Accept-Language, x-tenant-id, x-page-builder-cache-token, X-IMU-AUTH, Precognitive
activities
api.plugandpay.nl/v2/statistics/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.plugandpay.nl/v2/statistics/activities
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1688 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ambition.plugandpay.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Tenant-Id,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Portal,Tenant,X-CSRF-TOKEN,x-socket-id, X-Dry-Run, X-Accept-Language, X-Tenant-Id, x-page-builder-cache-token, Precognition, Precognitive
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://ambition.plugandpay.nl
access-control-max-age
1728000
cf-cache-status
DYNAMIC
cf-ray
8cd5768b0a36dcb1-FRA
date
Fri, 04 Oct 2024 13:19:20 GMT
server
cloudflare
677663ac22f4b74c957b381c2ab6c998-pink-neon-frame-professional-twitter-profile-picture-1.png
aws.cdn-plugandpay.com/media/tenants/13236/202404/ 		246 KB
247 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aws.cdn-plugandpay.com/media/tenants/13236/202404/677663ac22f4b74c957b381c2ab6c998-pink-neon-frame-professional-twitter-profile-picture-1.png?trim=0,0,0,0
Requested by
Host: ambition.plugandpay.nl
URL: https://ambition.plugandpay.nl/styling/3f777ce4-b0a9-4f6a-8a30-c75709ef903b.css?v=1721933672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:125a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e53af8bc73af0d1117f955a8eb160c2a3bdac6673065eeb2bdbf54aeeefc72d3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ambition.plugandpay.nl/

Response headers

cf-cache-status
HIT
etag
"cfvZWsj-M8L2MAXJ1OtmepOORo0rUSTgnjqyjuv4PHDQ:677663ac22f4b74c957b381c2ab6c998"
cf-bgj
imgq:0,h2pri
cf-resized
internal=ok/m q=0 n=142+11 c=10+0 v=2024.9.4 l=252268 f=false
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 13:19:20 GMT
content-type
image/png
last-modified
Thu, 04 Apr 2024 20:56:44 GMT
vary
Accept, Accept-Encoding
priority
u=4;i=?0,cf-chb=(37;u=3;i=?0 1448;u=5;i)
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
max-age=31536000
cf-ray
8cd5768bcd90d26d-FRA
accept-ranges
bytes
content-length
252268
server
cloudflare
pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&family=Poppins:wght@400;500;600;700;800;900&family=Inter+Tight:wght@400;500;600;700;800;900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ambition.plugandpay.nl
Referer
https://fonts.googleapis.com/

Response headers

age
278138
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:03:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:03:42 GMT
last-modified
Fri, 22 Mar 2024 00:00:35 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7632
x-xss-protection
0
server
sffe
NGSwv5HMAFg6IuGlBNMjxLsH8ag.woff2
fonts.gstatic.com/s/intertight/v7/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/intertight/v7/NGSwv5HMAFg6IuGlBNMjxLsH8ag.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&family=Poppins:wght@400;500;600;700;800;900&family=Inter+Tight:wght@400;500;600;700;800;900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
ca34455f82a5c81d8111c6a641771c011e95767e64efc8a52f82299896028c57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ambition.plugandpay.nl
Referer
https://fonts.googleapis.com/

Response headers

age
312827
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 30 Sep 2025 22:25:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 22:25:33 GMT
last-modified
Thu, 24 Aug 2023 20:57:44 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
45072
x-xss-protection
0
server
sffe
c9a6e08739d430d3d7c14447a32b2051-img-0605.jpg
aws.cdn-plugandpay.com/media/tenants/13236/202404/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aws.cdn-plugandpay.com/media/tenants/13236/202404/c9a6e08739d430d3d7c14447a32b2051-img-0605.jpg?trim=640,0,640,0
Requested by
Host: ambition.plugandpay.nl
URL: https://ambition.plugandpay.nl/styling/3f777ce4-b0a9-4f6a-8a30-c75709ef903b.css?v=1721933672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:125a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b6380f1afa84e5783ff464da29e0b71d9ebe6ac4bb6830dde7a4e9e4e4e41b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ambition.plugandpay.nl/

Response headers

cf-cache-status
MISS
etag
"cf0rsFWHgothuwE9kcfetgATHJDj6FDhI-SfVvngh8DQ:c9a6e08739d430d3d7c14447a32b2051"
cf-bgj
imgq:85,h2pri
cf-resized
internal=ok/r q=0 n=49+83 c=26+56 v=2024.9.4 l=127811 f=false
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 13:19:21 GMT
content-type
image/jpeg
last-modified
Thu, 04 Apr 2024 21:44:18 GMT
vary
Accept, Accept-Encoding
priority
u=1;i=?0,cf-chb=(319;u=3;i=?0 10963;u=5;i=?0 70803;u=6;i=?0)
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
max-age=31536000
cf-ray
8cd5768bddaed26d-FRA
accept-ranges
bytes
content-length
127811
server
cloudflare
677663ac22f4b74c957b381c2ab6c998-pink-neon-frame-professional-twitter-profile-picture-1.png
aws.cdn-plugandpay.com/media/tenants/13236/202404/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aws.cdn-plugandpay.com/media/tenants/13236/202404/677663ac22f4b74c957b381c2ab6c998-pink-neon-frame-professional-twitter-profile-picture-1.png?trim=197,0,197,0
Requested by
Host: ambition.plugandpay.nl
URL: https://ambition.plugandpay.nl/styling/3f777ce4-b0a9-4f6a-8a30-c75709ef903b.css?v=1721933672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:125a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0406e97a7d0dee6ea842538b3e8a7cdb6e419fa83aafddf85bfaf2c4677fd704
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ambition.plugandpay.nl/

Response headers

cf-cache-status
HIT
etag
"cfvZWsj-M8L2MAXJ1OtmepOORonCXtOrTPraz2TVO3DQ:677663ac22f4b74c957b381c2ab6c998"
cf-bgj
imgq:99,h2pri
cf-resized
internal=ok/m q=0 n=181+44 c=10+34 v=2024.9.4 l=78383 f=false
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 13:19:20 GMT
content-type
image/png
last-modified
Thu, 04 Apr 2024 20:56:44 GMT
vary
Accept, Accept-Encoding
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 825;u=5;i=?0)
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
max-age=31536000
cf-ray
8cd5768bdde7d26d-FRA
accept-ranges
bytes
content-length
78383
server
cloudflare
favicon.ico
ambition.plugandpay.nl/ 		5 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ambition.plugandpay.nl/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205b6b6cb81f4a09bdacec93c4edd924a812d2f25268e3e9ca2cd154f0c02128

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ambition.plugandpay.nl/master-your-tiktok

Response headers

cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"66fe97e0-1536"
cf-ray
8cd5768f7cb371ac-FRA
expires
Fri, 04 Oct 2024 17:19:21 GMT
date
Fri, 04 Oct 2024 13:19:21 GMT
content-type
image/x-icon
last-modified
Thu, 03 Oct 2024 13:10:56 GMT
vary
Accept-Encoding
server
cloudflare

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq object| analyticsData function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __publicField function| __accessCheck function| __privateGet function| __privateAdd function| __privateSet function| __privateMethod object| ppAnalytics

1 Cookies

Domain/Path Name / Value
ambition.plugandpay.nl/ Name: ppa_visitor_id
Value: gv5obqyb1nq1728047960771

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors admin.plugandpay.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ambition.plugandpay.nl
api.plugandpay.nl
aws.cdn-plugandpay.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
masteryourtiktok.be
142.250.186.163
157.240.253.1
217.19.237.54
2606:4700::6812:125a
2606:4700::6812:1688
2606:4700::6812:1788
2a00:1450:4001:82f::200a
0406e97a7d0dee6ea842538b3e8a7cdb6e419fa83aafddf85bfaf2c4677fd704
11b6380f1afa84e5783ff464da29e0b71d9ebe6ac4bb6830dde7a4e9e4e4e41b
15011a7ed4b02fae4e03a8130ebcaaf2749a8b3231edadc9f658845801e093d9
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
205b6b6cb81f4a09bdacec93c4edd924a812d2f25268e3e9ca2cd154f0c02128
2648be0f03f241dfc528241d9c5026fd087abc21d5c010024b8edc17ecacfc9b
3a3c37310aa051bb25b7f3a70f87cf8df6aceecaf66eda38f6088d1068441133
47346ffb19171e123695d1bd5ec12b8b73c36e7bfd4ec49269299533432437b0
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
60dad8d215f00e49982b709dd219932042748813a4882eb6670350f2ee59674b
7919273e171bfd578d1d7e225a472e3db92f1fd23da22fdd68a0c0e1bd4309a3
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a57eb951bb524199d595bee5ed3bd7a247522a4077fd0f1f012fe461840fdbd1
b148ec8323e75fbfc4d0f43f88e52e24c9aebdca515379320faa024f30e67aca
b8f394101650da60a0301cf57b68c9096b84cf146124ac92df09789eb00b05b1
c373cb7162335e9c38b1403440e51b6b9ba5e98c80aee33eda12d32a03e7eeac
ca34455f82a5c81d8111c6a641771c011e95767e64efc8a52f82299896028c57
dfb0c3138540eda1505c328a26bbf35766c7815d0b57f0d3c403f18400a73e28
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53af8bc73af0d1117f955a8eb160c2a3bdac6673065eeb2bdbf54aeeefc72d3
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149