forum.festileaks.com Open in urlscan Pro
5.157.87.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://forum.festileaks.com/members/online-casino-nederland.41364/#about
Effective URL:
https://forum.festileaks.com/members/online-casino-nederland.41364/
Submission: On May 25 via manual (May 25th 2022, 4:31:16 pm UTC) from NL — Scanned from NL

Summary HTTP 63 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 14 domains to perform 63 HTTP transactions. The main IP is 5.157.87.144, located in Netherlands and belongs to CLDIN-NL Total Webhosting Solutions TWS in, NL. The main domain is forum.festileaks.com.
TLS certificate: Issued by R3 on May 20th 2022. Valid for: 3 months.

This is the only time forum.festileaks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	5.157.87.144 5.157.87.144	48635 (CLDIN-NL ...) (CLDIN-NL Total Webhosting Solutions TWS in)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	91.224.242.15 91.224.242.15	42093 (INTERRACK...) (INTERRACKS-AS)
1	91.224.242.17 91.224.242.17	42093 (INTERRACK...) (INTERRACKS-AS)
9	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	108.157.4.21 108.157.4.21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	108.157.4.122 108.157.4.122	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	108.157.4.102 108.157.4.102	16509 (AMAZON-02) (AMAZON-02)
1	54.76.37.156 54.76.37.156	16509 (AMAZON-02) (AMAZON-02)
1	52.85.247.60 52.85.247.60	16509 (AMAZON-02) (AMAZON-02)
63	19

26 5.157.87.144 (Netherlands)

ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL)
PTR: vps-b5231.firstfind.nl

forum.festileaks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
festileaks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.224.242.15 (Netherlands)

ASN42093 (INTERRACKS-AS, NL)

resources.adrequest.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.224.242.17 (Netherlands)

ASN42093 (INTERRACKS-AS, NL)

feeds.adrequest.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-21.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-122.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-102.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.37.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-37-156.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.247.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-247-60.ord51.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	festileaks.com forum.festileaks.com festileaks.com	747 KB
6	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2279 www.google.com — Cisco Umbrella Rank: 7	88 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	39 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 645 script.hotjar.com — Cisco Umbrella Rank: 896 vars.hotjar.com — Cisco Umbrella Rank: 989 in.hotjar.com — Cisco Umbrella Rank: 1730	67 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 stats.g.doubleclick.net — Cisco Umbrella Rank: 92	125 KB
4	adrequest.net resources.adrequest.net — Cisco Umbrella Rank: 523001 feeds.adrequest.net — Cisco Umbrella Rank: 732719	173 KB
3	gstatic.com fonts.gstatic.com	184 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	168 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 8284	608 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	4 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2320	255 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1727	36 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	28 KB
0	nextday.media Failed cmp.nextday.media Failed
63	14

	Domain	Requested by
22	forum.festileaks.com	forum.festileaks.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fundingchoicesmessages.google.com	forum.festileaks.com
4	festileaks.com	forum.festileaks.com
3	fonts.gstatic.com	fonts.googleapis.com
3	resources.adrequest.net	forum.festileaks.com resources.adrequest.net
3	www.googletagmanager.com	forum.festileaks.com www.googletagmanager.com
2	www.google.nl	forum.festileaks.com
2	www.google.com	forum.festileaks.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	fonts.googleapis.com	forum.festileaks.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	secure.gravatar.com	forum.festileaks.com
1	feeds.adrequest.net	resources.adrequest.net
1	www.googletagservices.com	forum.festileaks.com
0	cmp.nextday.media Failed	forum.festileaks.com
63	21

This site contains links to these domains. Also see Links.

Domain
festileaks.com
shop.festileaks.com
secure.gravatar.com
www.onlinecasino2go.com
magmedia.nl
xenforo.com
xenmade.com
www.themehouse.com

Subject Issuer	Validity	Valid
forum.festileaks.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
festileaks.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
resources.adrequest.net R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
feeds.adrequest.net R3	`2022-04-17` - `2022-07-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://forum.festileaks.com/members/online-casino-nederland.41364/
Frame ID: E58A7C2BB69A7114402590650ED48FCF
Requests: 62 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: 17C84BF45E1AE64FBF94E63A6D7AA342
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Casino Nederland | Festileaks Festival Forum

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Gravatar (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<[^>]+gravatar\.com/avatar/

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

98 %
HTTPS

50 %
IPv6

14
Domains

21
Subdomains

19
IPs

5
Countries

1662 kB
Transfer

3999 kB
Size

12
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://festileaks.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://festileaks.com/festivalnieuws/
Title: Festivalnieuws

Search URL Search Domain Scan URL

URL: https://festileaks.com/festival/pinkpop/2021/
Title: Pinkpop 2021

Search URL Search Domain Scan URL

URL: https://festileaks.com/festival/best-kept-secret/2021/
Title: Best Kept Secret 2021

Search URL Search Domain Scan URL

URL: https://festileaks.com/festival/down-the-rabbit-hole/2021/
Title: DTRH 2021

Search URL Search Domain Scan URL

URL: https://festileaks.com/festival/graspop/2021/
Title: Graspop 2021

Search URL Search Domain Scan URL

URL: https://festileaks.com/festival/rock-werchter/2021/
Title: Rock Werchter 2021

Search URL Search Domain Scan URL

URL: https://festileaks.com/festival/lowlands/2021/
Title: Lowlands 2021

Search URL Search Domain Scan URL

URL: https://festileaks.com/verslagen/
Title: Verslagen

Search URL Search Domain Scan URL

URL: https://shop.festileaks.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://secure.gravatar.com/avatar/47a225948528c2c017b73af26e0f7137?s=384

Search URL Search Domain Scan URL

URL: https://www.onlinecasino2go.com/
Title: Online Casinos Nederland

Search URL Search Domain Scan URL

URL: https://festileaks.com/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://festileaks.com/team
Title: Team

Search URL Search Domain Scan URL

URL: https://festileaks.com/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://festileaks.com/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: https://festileaks.com/2018/11/bedankt-festileaks-is-verkozen-tot-website-van-het-jaar-2018/

Search URL Search Domain Scan URL

URL: https://magmedia.nl/

Search URL Search Domain Scan URL

URL: https://xenforo.com/
Title: Community platform by XenForo® © 2010-2021 XenForo Ltd.

Search URL Search Domain Scan URL

URL: https://xenmade.com/
Title: Add-Ons

Search URL Search Domain Scan URL

URL: https://www.themehouse.com/?utm_source=forum.festileaks.com&utm_medium=xf2product&utm_campaign=product_branding
Title: Style and add-ons by ThemeHouse

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
forum.festileaks.com/members/online-casino-nederland.41364/ 73 KB
23 KB 205ms
60ms Document
text/html 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.festileaks.com/members/online-casino-nederland.41364/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),

Reverse DNS

vps-b5231.firstfind.nl

Software

nginx /

Resource Hash

57048bbc62b788fb4f1b68f8db933924e061d6b3b5dd445c3c9e88a8e8882096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
content-length: 23126
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 16:31:09 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Wed, 25 May 2022 16:31:09 GMT
server: nginx
vary: Accept-Encoding
x-cache: not cached
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 css.php
forum.festileaks.com/ 308 KB
59 KB 180ms
91ms Stylesheet
text/css 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.festileaks.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=4&d=1647277084&k=47ad4c783e6ad12ee7fc27159cb4b66abd2a56a1

Requested by

Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),

Reverse DNS

vps-b5231.firstfind.nl

Software

nginx /

Resource Hash

f985c5f236e82d857e6411718352aa8c4523f747dbb15c1f9f170b91af85c5bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Mar 2022 16:58:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-cache: not cached
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
content-length: 60343
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 materialdesignicons-webfont.woff2
forum.festileaks.com/styles/uix/fonts/icons/material-icons/fonts/ 312 KB
313 KB 141ms
57ms Font
application/octet-stream 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/styles/uix/fonts/icons/material-icons/fonts/materialdesignicons-webfont.woff2?v=5.8.55
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: 34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67

Request headers

Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
Origin: https://forum.festileaks.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
last-modified: Tue, 23 Mar 2021 14:08:33 GMT
server: nginx
etag: "6059f661-4e1f0"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 319984
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 materialdesignicons.min.css
forum.festileaks.com/styles/uix/fonts/icons/material-icons/css/ 263 KB
43 KB 119ms
36ms Stylesheet
text/css 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/styles/uix/fonts/icons/material-icons/css/materialdesignicons.min.css?d=1635174640
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: 1193e835baf1666d6e589dc3bfee84e7482c8a7536c35883d10cc11abd134604

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 14:08:33 GMT
server: nginx
etag: W/"6059f661-41c3a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 css.php
forum.festileaks.com/ 46 KB
11 KB 163ms
80ms Stylesheet
text/css 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.festileaks.com/css.php?css=public%3Amember.less%2Cpublic%3Auix.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less&s=8&l=4&d=1647277084&k=12a5adfa8e0dacb7e5804b5234d304fc8da8fa4f

Requested by

Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),

Reverse DNS

vps-b5231.firstfind.nl

Software

nginx /

Resource Hash

2f274476eadd5bd8c51a3609df13ad472202bbc83398474399adbda6f7e2543a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Mar 2022 16:58:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-cache: not cached
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
content-length: 10916
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
920 B 268ms
55ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Be%20Vietnam

Requested by

Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b137d3cf2f19f06c81e624265c17910d52ea2c73ed522ed1c08215dbf5249e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 May 2022 16:31:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 May 2022 16:31:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 May 2022 16:31:09 GMT

GET
H2 200 preamble.min.js Show response
forum.festileaks.com/js/xf/ 3 KB
2 KB 162ms
79ms Script
application/javascript 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/js/xf/preamble.min.js?_v=2e74f03f
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: b48fc223d524430ef86336e524ca8b95b74927ca840abc04a0407b58e5905823

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 15:10:02 GMT
server: nginx
etag: W/"6054beca-c4a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 769ms
141ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-24751788-1

Requested by

Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed8b4cd5a74b5679ce93169e6d951698a7c7b8a7aeebf9a3ed071aa9e7b24a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39537
x-xss-protection: 0
last-modified: Wed, 25 May 2022 16:06:54 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 May 2022 16:31:10 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 679ms
73ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0221cd6bc510b3b879d264d90aa5f03c88cfb5202b58d5757d6e320a62a3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27979
x-xss-protection: 0
server: sffe
etag: "1225 / 420 of 1000 / last-modified: 1653493400"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 May 2022 16:31:10 GMT

GET
H2 200 ads-forum-page.js Show response
festileaks.com/wp-content/themes/Newspaper-child/planetnine/ 5 KB
930 B 233ms
38ms Script
application/javascript 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://festileaks.com/wp-content/themes/Newspaper-child/planetnine/ads-forum-page.js
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: a3e4a88444af4b36d4346b0d279af5cc7c0cb6e648e13cf71b289b7c25cbcc3a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 14:09:51 GMT
server: nginx
etag: W/"607454af-14af"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H/1.1 200
OK festileaks.com.js Show response
resources.adrequest.net/scripts/ 16 KB
5 KB 260ms
41ms Script
application/javascript 91.224.242.15
INTERRACKS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.adrequest.net/scripts/festileaks.com.js

Requested by

Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

91.224.242.15 , Netherlands, ASN42093 (INTERRACKS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

555e7d6143a698dfd9bb91775419f620dbcfb6b44d3a1a23f85d1094ddf84159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:31:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Apr 2022 12:55:31 GMT
Server: nginx
ETag: W/"6246f643-3f38"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 25 May 2022 16:31:08 GMT

GET cmp.ndmtag.bundle.js
cmp.nextday.media/ 0
0

GET
H2 404 lazy-load.min.js
forum.festileaks.com/ 0
0 111ms
76ms Script
text/html 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/lazy-load.min.js
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
server: nginx
content-length: 564
content-type: text/html; charset=utf-8

GET
H2 200 FESTILEAKS-LOGO-2017-FULL.png
forum.festileaks.com/data/assets/logo/ 65 KB
65 KB 111ms
77ms Image
image/png 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.festileaks.com/data/assets/logo/FESTILEAKS-LOGO-2017-FULL.png
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: 07bc57e035505f4e21fbca448d989e90d8945eeda2bf78d921492c729a709a71

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
last-modified: Tue, 23 Mar 2021 14:32:05 GMT
server: nginx
etag: "6059fbe5-104b3"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 66739
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 uix_logoSmall.png
forum.festileaks.com/styles/uix/basic/ 56 KB
56 KB 603ms
570ms Image
image/png 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.festileaks.com/styles/uix/basic/uix_logoSmall.png
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: 590cc18e3930c115690a4324b121b446a28761f33cc508f4ec900963963960a2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
last-modified: Tue, 23 Mar 2021 14:18:00 GMT
server: nginx
etag: "6059f898-de86"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 56966
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FESTILEAKS-LOGO-2017-FULL-324x160-1.png
festileaks.com/wp-content/uploads/2017/10/ 24 KB
24 KB 560ms
528ms Image
image/png 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://festileaks.com/wp-content/uploads/2017/10/FESTILEAKS-LOGO-2017-FULL-324x160-1.png
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: 76f43d1677e854d0a99af07594a5e7646263159f320b078d18c914f77531958a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
last-modified: Tue, 14 May 2019 00:47:56 GMT
server: nginx
etag: "5cda103c-6076"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24694
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_woty_nl_100x100.png
festileaks.com/wp-content/uploads/2019/06/ 10 KB
10 KB 628ms
596ms Image
image/png 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://festileaks.com/wp-content/uploads/2019/06/logo_woty_nl_100x100.png
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: 4b7fb9af94daa4c004cca7dcdc0142d75c7924c88b3b9249c3fa846bb8937eef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
last-modified: Fri, 28 Jun 2019 17:34:53 GMT
server: nginx
etag: "5d164fbd-26a4"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 9892
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 MagMedia_logo_web-2.jpg
festileaks.com/wp-content/uploads/2020/12/ 5 KB
5 KB 682ms
650ms Image
image/jpeg 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://festileaks.com/wp-content/uploads/2020/12/MagMedia_logo_web-2.jpg
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: abaa372b94de7240fc0834dbe48ab3f3b9613d901230ef32c3e69153dbc002f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
last-modified: Tue, 01 Dec 2020 22:27:54 GMT
server: nginx
etag: "5fc6c36a-1361"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 4961
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
forum.festileaks.com/js/vendor/jquery/ 87 KB
30 KB 143ms
31ms Script
application/javascript 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=2e74f03f
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 15:14:30 GMT
server: nginx
etag: W/"6054bfd6-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 vendor-compiled.js Show response
forum.festileaks.com/js/vendor/ 69 KB
21 KB 108ms
38ms Script
application/javascript 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/js/vendor/vendor-compiled.js?_v=2e74f03f
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: a97392a02775136f7fcda1786540414e4a6595f79c49dc1bc9c790f472a9a9f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 15:09:58 GMT
server: nginx
etag: W/"6054bec6-113ab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 core-compiled.js Show response
forum.festileaks.com/js/xf/ 218 KB
63 KB 110ms
71ms Script
application/javascript 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/js/xf/core-compiled.js?_v=2e74f03f
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: cd5051d15ab5051e0cbd9414ebd4327bf42bcbe0ba0b528b27835c14bb43c7cf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 11:51:41 GMT
server: nginx
etag: W/"610a7f4d-3693c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 inline_mod.min.js Show response
forum.festileaks.com/js/xf/ 7 KB
3 KB 111ms
74ms Script
application/javascript 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/js/xf/inline_mod.min.js?_v=2e74f03f
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: 0682e25804d75ee67c4be9254e80883e3ee2df63c57dac331fc3e38c255c83eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 11:51:41 GMT
server: nginx
etag: W/"610a7f4d-1cbd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 ripple.min.js Show response
forum.festileaks.com/js/themehouse/uix/ 1 KB
914 B 111ms
75ms Script
application/javascript 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/js/themehouse/uix/ripple.min.js?_v=2e74f03f
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: d4e14fe027197ebdbd6e9ab1f0d963379e4851fdbe85225acf84ef2f1f67558d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 14:08:33 GMT
server: nginx
etag: W/"6059f661-58c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 20210125.min.js Show response
forum.festileaks.com/js/themehouse/global/ 11 KB
4 KB 111ms
75ms Script
application/javascript 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/js/themehouse/global/20210125.min.js?_v=2e74f03f
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: 7e5c23918762997e2851f5ca38481431503c5a7036e19a128035804a935c0e4e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 14:08:33 GMT
server: nginx
etag: W/"6059f661-2b29"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 index.min.js Show response
forum.festileaks.com/js/themehouse/uix/ 8 KB
3 KB 111ms
75ms Script
application/javascript 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/js/themehouse/uix/index.min.js?_v=2e74f03f
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: 03e9903204561f2a2bdc85b768de9cebb2a59d97513c8e41fe32f250dc144294

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 14:08:33 GMT
server: nginx
etag: W/"6059f661-2026"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 jquery.hoverIntent.min.js Show response
forum.festileaks.com/js/themehouse/uix/vendor/hover-intent/ 2 KB
1 KB 111ms
76ms Script
application/javascript 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/js/themehouse/uix/vendor/hover-intent/jquery.hoverIntent.min.js?_v=2e74f03f
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: 844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 14:08:33 GMT
server: nginx
etag: W/"6059f661-8c4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 defer.min.js Show response
forum.festileaks.com/js/themehouse/uix/ 18 KB
4 KB 627ms
597ms Script
application/javascript 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/js/themehouse/uix/defer.min.js?_v=2e74f03f
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: 4ca5c394b025a327b799f80fb140f4702eac4838bbcbf6d19c1c3c27dcfa26a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 14:08:33 GMT
server: nginx
etag: W/"6059f661-4625"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 deferFab.min.js Show response
forum.festileaks.com/js/themehouse/uix/ 3 KB
1 KB 627ms
598ms Script
application/javascript 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/js/themehouse/uix/deferFab.min.js?_v=2e74f03f
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: 3bb0e231fc7fd3a5401b3159990a4718a2257c594cdba910d15b47a80f27ead3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 14:08:33 GMT
server: nginx
etag: W/"6059f661-cec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 deferNodesCollapse.min.js Show response
forum.festileaks.com/js/themehouse/uix/ 3 KB
1 KB 628ms
599ms Script
application/javascript 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/js/themehouse/uix/deferNodesCollapse.min.js?_v=2e74f03f
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: 0740cfa18f7a531068226a5942c41a8f0624789cd2cb46597a7ca0259752295a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 14:08:33 GMT
server: nginx
etag: W/"6059f661-b62"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H2 200 deferWidthToggle.min.js Show response
forum.festileaks.com/js/themehouse/uix/ 2 KB
1 KB 628ms
600ms Script
application/javascript 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.festileaks.com/js/themehouse/uix/deferWidthToggle.min.js?_v=2e74f03f
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),
Reverse DNS: vps-b5231.firstfind.nl
Software: nginx /
Resource Hash: 12a4495dcf4f799da379ec9caf3cfd5fbc675b6228d9ce5dc00eed49bfb5128c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:09 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 14:08:33 GMT
server: nginx
etag: W/"6059f661-94c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 25 May 2023 16:31:09 GMT

GET
H/1.1 200
OK sspp.js Show response
resources.adrequest.net/player/latest/ 253 KB
85 KB 106ms
89ms Script
application/javascript 91.224.242.15
INTERRACKS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.adrequest.net/player/latest/sspp.js

Requested by

Host: resources.adrequest.net
URL: https://resources.adrequest.net/scripts/festileaks.com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

91.224.242.15 , Netherlands, ASN42093 (INTERRACKS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

eeedfd9404ebf11862c1c06b21162cbbb8a1c40b2ad18a76137a47fee0814349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:31:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 24 Jan 2022 09:28:37 GMT
Server: nginx
ETag: W/"61ee7145-3f2c8"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 25 May 2022 16:31:08 GMT

GET
H/1.1 200
OK sspp.prebid6.10.0.js Show response
resources.adrequest.net/prebid/ 220 KB
80 KB 205ms
98ms Script
application/javascript 91.224.242.15
INTERRACKS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.adrequest.net/prebid/sspp.prebid6.10.0.js

Requested by

Host: resources.adrequest.net
URL: https://resources.adrequest.net/scripts/festileaks.com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

91.224.242.15 , Netherlands, ASN42093 (INTERRACKS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

10af9b7e04c1c83b6d8bf2b00d0cfa2a5cd7c0ad7d02fb449fac19a38a8b12d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:31:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 09 Feb 2022 11:30:09 GMT
Server: nginx
ETag: W/"6203a5c1-36feb"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 25 May 2022 16:31:09 GMT

GET
H/1.1 200
OK sm-6022606566e96 Show response
feeds.adrequest.net/api/prebid/ 6 KB
2 KB 698ms
56ms XHR
application/json 91.224.242.17
INTERRACKS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://feeds.adrequest.net/api/prebid/sm-6022606566e96

Requested by

Host: resources.adrequest.net
URL: https://resources.adrequest.net/scripts/festileaks.com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

91.224.242.17 , Netherlands, ASN42093 (INTERRACKS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

73bb8fd1e325eef56403ccaaa4a2e2937e062d0530deda9863782b200b3f0804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:31:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Origin
Transfer-Encoding: chunked
X-RateLimit-Remaining: 59
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Server: nginx
X-Frame-Options: SAMEORIGIN
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://forum.festileaks.com
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
X-RateLimit-Limit: 60
Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With
X-Content-Type-Options: nosniff

GET
H2 200 AGSKWxX3kHH-EhgLXqy8Gnpw7LM2w1r5sQ8q0lImVir0_5qVF9kbrYdplJKusY_O27qpPfcNSCmJM2M24osXOO7YwoQ= Show response
fundingchoicesmessages.google.com/f/ 93 KB
33 KB 689ms
78ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX3kHH-EhgLXqy8Gnpw7LM2w1r5sQ8q0lImVir0_5qVF9kbrYdplJKusY_O27qpPfcNSCmJM2M24osXOO7YwoQ=

Requested by

Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2690fdc6622463a1120289c4bb6cdca939d326b395ffd84a93c95a99865cbcb6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5E9I0k_-CP9WXHdV6N03Vg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-5E9I0k_-CP9WXHdV6N03Vg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-5E9I0k_-CP9WXHdV6N03Vg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-5E9I0k_-CP9WXHdV6N03Vg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
date: Wed, 25 May 2022 16:31:10 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
61 KB 655ms
45ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TH5RJSX

Requested by

Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4252b9bd0ca5d7be35fbe99a675563040de1a8606c0c11ea0c1251a70fd45dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62284
x-xss-protection: 0
last-modified: Wed, 25 May 2022 16:06:54 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 May 2022 16:31:10 GMT

GET
H2 200 47a225948528c2c017b73af26e0f7137
secure.gravatar.com/avatar/ 36 KB
36 KB 117ms
13ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/47a225948528c2c017b73af26e0f7137?s=192
Requested by: Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 460037b31250d5410c909ac7bb553b4de2dcbcbc52a9f7699a7fcf2afc2e6461

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Wed, 25 May 2022 16:31:10 GMT
last-modified: Mon, 07 Sep 2020 13:46:28 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="47a225948528c2c017b73af26e0f7137.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/47a225948528c2c017b73af26e0f7137?s=192>; rel="canonical"
content-length: 36989
expires: Wed, 25 May 2022 16:36:10 GMT

GET
H2 200 about Show response
forum.festileaks.com/members/online-casino-nederland.41364/ 1 KB
838 B 74ms
37ms XHR
application/json 5.157.87.144
CLDIN-NL Total We...

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.festileaks.com/members/online-casino-nederland.41364/about?_xfRequestUri=%2Fmembers%2Fonline-casino-nederland.41364%2F&_xfWithData=1&_xfToken=1653496269%2Ca1b4cfea8f62551dcc3b875cebf28f9d&_xfResponseType=json

Requested by

Host: forum.festileaks.com
URL: https://forum.festileaks.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=2e74f03f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.157.87.144 , Netherlands, ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL),

Reverse DNS

vps-b5231.firstfind.nl

Software

nginx /

Resource Hash

5ebd3e09e85bba0efa38f6e93cce1c628184937ba49387def07667f3f4991a3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://forum.festileaks.com/members/online-casino-nederland.41364/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 May 2022 16:31:10 GMT
server: nginx
x-frame-options: SAMEORIGIN
x-cache: not cached
content-type: application/json; charset=utf-8
cache-control: private, no-cache, max-age=0
vary: Accept-Encoding
content-length: 566
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 pubads_impl_2022052301.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 120ms
34ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052301.js?cb=31067762

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

ff001b4fea7547936382d86aa800d19d3e42028007fc40326ee9c96fd7bb244d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126527
x-xss-protection: 0
last-modified: Mon, 23 May 2022 08:37:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 May 2023 19:10:57 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 125 B
740 B 124ms
44ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=forum.festileaks.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e80a6b4b666563841ab840a29d19a5ed27166c62c072d1f0df31321e3aed64f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 16:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
expires: Wed, 25 May 2022 16:31:10 GMT

POST
H3 204 AGSKWxXUQNHMNmE55OYQlA9zlqC9xS-FBAaO1QzfJ2n9dZ6zJzTFrTlYYMhV7hpkqmsRlFguzS1DA6miiJ1-PZYnvm4= Show response
fundingchoicesmessages.google.com/el/ 0
29 B 147ms
58ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXUQNHMNmE55OYQlA9zlqC9xS-FBAaO1QzfJ2n9dZ6zJzTFrTlYYMhV7hpkqmsRlFguzS1DA6miiJ1-PZYnvm4=?pvid=9DF587E5-D771-484E-BA51-0C2DE5FCDC4B&anonid=4725B388-C254-4BDA-85B7-B1D146127590

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.Eah8cQf-CHo.es5.O/d=1/rs=AJlcJMzqF0iVskCpwsc67lP7h0rjB4gITA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SXK7SZPsP3O2SaXQ5Abw1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SXK7SZPsP3O2SaXQ5Abw1w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://forum.festileaks.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 May 2022 16:31:11 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://forum.festileaks.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-SXK7SZPsP3O2SaXQ5Abw1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SXK7SZPsP3O2SaXQ5Abw1w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWqCLeCTPjGqY4LZsrUMS_oo1UHb8sD5FJnMVLjcm_k6i5Sbql-6s6XOLfxp-Gd84tVv-Ipd1TKp0buOWIJ4Ig= Show response
fundingchoicesmessages.google.com/f/ 273 KB
55 KB 90ms
89ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWqCLeCTPjGqY4LZsrUMS_oo1UHb8sD5FJnMVLjcm_k6i5Sbql-6s6XOLfxp-Gd84tVv-Ipd1TKp0buOWIJ4Ig=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUzNDk2MjcwLDk2MzAwMDAwMF0sIjlERjU4N0U1LUQ3NzEtNDg0RS1CQTUxLTBDMkRFNUZDREM0QiIsIjQ3MjVCMzg4LUMyNTQtNEJEQS04NUI3LUIxRDE0NjEyNzU5MCIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2ZvcnVtLmZlc3RpbGVha3MuY29tL21lbWJlcnMvb25saW5lLWNhc2luby1uZWRlcmxhbmQuNDEzNjQvIixudWxsLFtdXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abe90b6279c35c6633c0a1a5853d5eb79f7ac0ff427597996698860bea1f726d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zn4Rzf1i2tYrJk1kI2Pd7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Zn4Rzf1i2tYrJk1kI2Pd7w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-Zn4Rzf1i2tYrJk1kI2Pd7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Zn4Rzf1i2tYrJk1kI2Pd7w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
date: Wed, 25 May 2022 16:31:11 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H1GQCMWBQ8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH5RJSX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6f9a8f76b8e088372777f8cec3c44c2e3f3dd874f44581103b697f22d12df56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69497
x-xss-protection: 0
expires: Wed, 25 May 2022 16:31:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
59ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH5RJSX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 723
date: Wed, 25 May 2022 16:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 25 May 2022 18:19:08 GMT

GET
H2 200 hotjar-2908695.js Show response
static.hotjar.com/c/ 4 KB
2 KB 181ms
74ms Script
application/javascript 108.157.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2908695.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH5RJSX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-21.dus51.r.cloudfront.net

Software

Resource Hash

5bf834b967a994e6053529d48691c1aaebae0e5248aa4a31f7ac77e73c22af4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: DUS51-P2
etag: W/2d0a31e51be9977baf88fe5f28a16947
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: k_tmh_WxCn7ta_z4BKubjtNbCU07gUcagcJZ-xcANzpBqXNTHfB1kg==
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 48ms
48ms Ping
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H1GQCMWBQ8&gtm=2oe5n0&_p=1489849821&_z=ccd.NNB&cid=1890978990.1653496271&ul=en-us&sr=1600x1200&_s=1&sid=1653496270&sct=1&seg=0&dl=https%3A%2F%2Fforum.festileaks.com%2Fmembers%2Fonline-casino-nederland.41364%2F&dt=Online%20Casino%20Nederland%20%7C%20Festileaks%20Festival%20Forum&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H1GQCMWBQ8&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:31:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forum.festileaks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-24751788-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 723
date: Wed, 25 May 2022 16:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 25 May 2022 18:19:08 GMT

GET
H3 200 css
fonts.googleapis.com/ 60 KB
4 KB 125ms
51ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.nl.Y1JK6hQ3rEI.es5.O/d=1/rs=AJlcJMzBVW80OyrfaBcLUPRK53v0OUP8aw/m=iabtcfv2wallscript

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f230a444e08c75e1ef387df50bb23b6cc0a63386bed85918c3d6e5b88d5c09d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 May 2022 16:31:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 May 2022 16:31:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 May 2022 16:31:11 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 42ms
42ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1489849821&t=pageview&_s=1&dl=https%3A%2F%2Fforum.festileaks.com%2Fmembers%2Fonline-casino-nederland.41364%2F&ul=en-us&de=UTF-8&dt=Online%20Casino%20Nederland%20%7C%20Festileaks%20Festival%20Forum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=973701681&gjid=994665654&cid=1890978990.1653496271&tid=UA-24751788-1&_gid=1424330570.1653496271&_r=1&gtm=2wg5n0TH5RJSX&z=1283694103

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.festileaks.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:31:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forum.festileaks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 43ms
41ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1489849821&t=pageview&_s=1&dl=https%3A%2F%2Fforum.festileaks.com%2Fmembers%2Fonline-casino-nederland.41364%2F&ul=en-us&de=UTF-8&dt=Online%20Casino%20Nederland%20%7C%20Festileaks%20Festival%20Forum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=2105436978&gjid=1748931261&cid=1890978990.1653496271&tid=UA-24751788-1&_gid=1424330570.1653496271&_r=1&gtm=2ou5n0&z=610720322

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.festileaks.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:31:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forum.festileaks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVUHd3JXDJJfDQ_Mf_IJVxdspFRfDOx965QI8besL81lYRT3OsfyNRj8Ct8eMzhsDF6O7lqxdzrUfef1bN08gsjAjIQT77luUhL5WrKCGoQj_1yTAYKEXwJyfVR46d8buwq6KyRFperXtBTT59tcBR5t-vzgZqbQpsG0gKCp0zVSegLKzuLYq1-vMTv Show response
fundingchoicesmessages.google.com/el/ 0
29 B 49ms
49ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVUHd3JXDJJfDQ_Mf_IJVxdspFRfDOx965QI8besL81lYRT3OsfyNRj8Ct8eMzhsDF6O7lqxdzrUfef1bN08gsjAjIQT77luUhL5WrKCGoQj_1yTAYKEXwJyfVR46d8buwq6KyRFperXtBTT59tcBR5t-vzgZqbQpsG0gKCp0zVSegLKzuLYq1-vMTv?dmid=913dd1d6d7ae46e

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qdcIRK2o_SFED8R4T28Vkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-qdcIRK2o_SFED8R4T28Vkw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://forum.festileaks.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 May 2022 16:31:11 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://forum.festileaks.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qdcIRK2o_SFED8R4T28Vkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-qdcIRK2o_SFED8R4T28Vkw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 118ms
34ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-24751788-1&cid=1890978990.1653496271&jid=973701681&gjid=994665654&_gid=1424330570.1653496271&_u=YADAAEAAAAAAAC~&z=800221022

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.festileaks.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 16:31:11 GMT
content-type: text/plain
access-control-allow-origin: https://forum.festileaks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v129/ 124 KB
125 KB 121ms
34ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v129/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d8fbe04b63d3e31f3316706bf9ee8ad684beb9e85739d793e49013b99bd9bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forum.festileaks.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 20:01:17 GMT
x-content-type-options: nosniff
age: 73794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127244
x-xss-protection: 0
last-modified: Tue, 24 May 2022 18:27:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 20:01:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 148ms
73ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forum.festileaks.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 163396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 19:07:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 156ms
132ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forum.festileaks.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 188073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 12:16:38 GMT

GET
H2 200 modules.7a321ecb93fde9f07226.js Show response
script.hotjar.com/ 243 KB
63 KB 140ms
44ms Script
application/javascript 108.157.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7a321ecb93fde9f07226.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2908695.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-122.dus51.r.cloudfront.net

Software

Resource Hash

ee667207ac60603f3c61f3b703583aace2b20211971808fa86f4e4c93619d958

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103504
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63914
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 11:46:00 GMT
etag: "913be037dec49b596e1cf5ff932a2a6e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ABEp45KGKZxJv5LLI4y6JKde0b8f3JeIilETY17lz-bttclPc9T08Q==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 44ms
43ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-24751788-1&cid=1890978990.1653496271&jid=2105436978&gjid=1748931261&_gid=1424330570.1653496271&_u=YADAAUABAAAAAC~&z=1279086770

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.festileaks.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 16:31:11 GMT
content-type: text/plain
access-control-allow-origin: https://forum.festileaks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 139ms
60ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24751788-1&cid=1890978990.1653496271&jid=973701681&_u=YADAAEAAAAAAAC~&z=1267098558

Requested by

Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:31:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
501 B 135ms
56ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24751788-1&cid=1890978990.1653496271&jid=973701681&_u=YADAAEAAAAAAAC~&z=1267098558

Requested by

Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:31:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 122ms
60ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24751788-1&cid=1890978990.1653496271&jid=2105436978&_u=YADAAUABAAAAAC~&z=2035810234

Requested by

Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:31:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 120ms
59ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24751788-1&cid=1890978990.1653496271&jid=2105436978&_u=YADAAUABAAAAAC~&z=2035810234

Requested by

Host: forum.festileaks.com
URL: https://forum.festileaks.com/members/online-casino-nederland.41364/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:31:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-4924254a9ce4dc9b959b6e4a9b662d60.html Show response
vars.hotjar.com/ Frame 17C8 2 KB
1 KB 132ms
36ms Document
text/html 108.157.4.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2908695.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-102.dus51.r.cloudfront.net
Software: /
Resource Hash: 67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9

Request headers

Referer: https://forum.festileaks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 3649325
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 10:49:06 GMT
etag: "1635635016e428baa170305e9282c34a"
last-modified: Wed, 13 Apr 2022 10:48:29 GMT
vary: Accept-Encoding
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
x-amz-cf-id: 92ARNeDI6W5bTc8PRnxv4mDf3T9G5UFq24kpakdedmssYlB6DyAnmQ==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2908695/ 147 B
322 B 150ms
46ms XHR
application/json 54.76.37.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2908695/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7a321ecb93fde9f07226.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.37.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-37-156.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3e8e76a70b5ec0a97f60491364274ab39aebd8f949b6a310a174633b015d4738

Request headers

Referer: https://forum.festileaks.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 25 May 2022 16:31:11 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 2908695 Show response
vc.hotjar.io/sessions/ 0
255 B 478ms
209ms XHR
text/plain 52.85.247.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2908695?s=0.25&r=0.04662738047259385
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7a321ecb93fde9f07226.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.247.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-247-60.ord51.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://forum.festileaks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:31:12 GMT
via: 1.1 428a2ed921cd3013591e242ee4178786.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: ORD51-C4
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: XCuogKTcr-PYhR3b_9hA29xpVB-0h4vuGJcjH0qIYjsMaraEET8t2g==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cmp.nextday.media
URL: https://cmp.nextday.media/cmp.ndmtag.bundle.js

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
forum.festileaks.com/	1969-12-31 23:59:59	Name: xf2_csrf Value: IBAq2R0Rk_1bF9Du
.festileaks.com/	1970-01-20 20:49:28	Name: _ga_H1GQCMWBQ8 Value: GS1.1.1653496270.1.0.1653496271.0
.festileaks.com/	1970-01-20 20:49:28	Name: _ga Value: GA1.2.1890978990.1653496271
.festileaks.com/	1970-01-20 03:19:42	Name: _gid Value: GA1.2.1424330570.1653496271
.festileaks.com/	1970-01-20 03:18:16	Name: _gat_UA-24751788-1 Value: 1
.festileaks.com/	1970-01-20 03:18:16	Name: _gat_gtag_UA_24751788_1 Value: 1
.festileaks.com/	1970-01-20 12:03:52	Name: _hjSessionUser_2908695 Value: eyJpZCI6ImE3MWUxM2Q3LWM1MzUtNTMwNC05YjdlLTcyMmUzMTFhYjNmNyIsImNyZWF0ZWQiOjE2NTM0OTYyNzE3MTksImV4aXN0aW5nIjpmYWxzZX0=
.festileaks.com/	1970-01-20 03:18:18	Name: _hjFirstSeen Value: 1
forum.festileaks.com/	1970-01-20 03:18:16	Name: _hjIncludedInSessionSample Value: 0
.festileaks.com/	1970-01-20 03:18:18	Name: _hjSession_2908695 Value: eyJpZCI6ImUwZGFjNjQ1LTY4MDMtNDM5Yi1iMWY3LTE1ZGE5NWVkZDhhYyIsImNyZWF0ZWQiOjE2NTM0OTYyNzE3NDYsImluU2FtcGxlIjpmYWxzZX0=
forum.festileaks.com/	1970-01-20 03:18:16	Name: _hjIncludedInPageviewSample Value: 1
.festileaks.com/	1970-01-20 03:18:18	Name: _hjAbsoluteSessionInProgress Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cmp.nextday.media/cmp.ndmtag.bundle.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://forum.festileaks.com/lazy-load.min.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cmp.nextday.media
feeds.adrequest.net
festileaks.com
fonts.googleapis.com
fonts.gstatic.com
forum.festileaks.com
fundingchoicesmessages.google.com
in.hotjar.com
resources.adrequest.net
script.hotjar.com
secure.gravatar.com
securepubads.g.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
vc.hotjar.io
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
cmp.nextday.media
108.157.4.102
108.157.4.122
108.157.4.21
142.250.185.226
2a00:1450:4001:801::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9c
2a04:fa87:fffe::c000:4902
5.157.87.144
52.85.247.60
54.76.37.156
91.224.242.15
91.224.242.17
03e9903204561f2a2bdc85b768de9cebb2a59d97513c8e41fe32f250dc144294
0682e25804d75ee67c4be9254e80883e3ee2df63c57dac331fc3e38c255c83eb
0740cfa18f7a531068226a5942c41a8f0624789cd2cb46597a7ca0259752295a
07bc57e035505f4e21fbca448d989e90d8945eeda2bf78d921492c729a709a71
0a0221cd6bc510b3b879d264d90aa5f03c88cfb5202b58d5757d6e320a62a3cf
10af9b7e04c1c83b6d8bf2b00d0cfa2a5cd7c0ad7d02fb449fac19a38a8b12d1
1193e835baf1666d6e589dc3bfee84e7482c8a7536c35883d10cc11abd134604
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
12a4495dcf4f799da379ec9caf3cfd5fbc675b6228d9ce5dc00eed49bfb5128c
2690fdc6622463a1120289c4bb6cdca939d326b395ffd84a93c95a99865cbcb6
2d8fbe04b63d3e31f3316706bf9ee8ad684beb9e85739d793e49013b99bd9bb2
2f274476eadd5bd8c51a3609df13ad472202bbc83398474399adbda6f7e2543a
34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67
3b137d3cf2f19f06c81e624265c17910d52ea2c73ed522ed1c08215dbf5249e1
3bb0e231fc7fd3a5401b3159990a4718a2257c594cdba910d15b47a80f27ead3
3e8e76a70b5ec0a97f60491364274ab39aebd8f949b6a310a174633b015d4738
4252b9bd0ca5d7be35fbe99a675563040de1a8606c0c11ea0c1251a70fd45dd8
460037b31250d5410c909ac7bb553b4de2dcbcbc52a9f7699a7fcf2afc2e6461
4b7fb9af94daa4c004cca7dcdc0142d75c7924c88b3b9249c3fa846bb8937eef
4ca5c394b025a327b799f80fb140f4702eac4838bbcbf6d19c1c3c27dcfa26a0
555e7d6143a698dfd9bb91775419f620dbcfb6b44d3a1a23f85d1094ddf84159
57048bbc62b788fb4f1b68f8db933924e061d6b3b5dd445c3c9e88a8e8882096
590cc18e3930c115690a4324b121b446a28761f33cc508f4ec900963963960a2
5bf834b967a994e6053529d48691c1aaebae0e5248aa4a31f7ac77e73c22af4f
5ebd3e09e85bba0efa38f6e93cce1c628184937ba49387def07667f3f4991a3b
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9
73bb8fd1e325eef56403ccaaa4a2e2937e062d0530deda9863782b200b3f0804
76f43d1677e854d0a99af07594a5e7646263159f320b078d18c914f77531958a
7e5c23918762997e2851f5ca38481431503c5a7036e19a128035804a935c0e4e
844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e4a88444af4b36d4346b0d279af5cc7c0cb6e648e13cf71b289b7c25cbcc3a
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a97392a02775136f7fcda1786540414e4a6595f79c49dc1bc9c790f472a9a9f3
abaa372b94de7240fc0834dbe48ab3f3b9613d901230ef32c3e69153dbc002f8
abe90b6279c35c6633c0a1a5853d5eb79f7ac0ff427597996698860bea1f726d
b48fc223d524430ef86336e524ca8b95b74927ca840abc04a0407b58e5905823
c6f9a8f76b8e088372777f8cec3c44c2e3f3dd874f44581103b697f22d12df56
cd5051d15ab5051e0cbd9414ebd4327bf42bcbe0ba0b528b27835c14bb43c7cf
d4e14fe027197ebdbd6e9ab1f0d963379e4851fdbe85225acf84ef2f1f67558d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80a6b4b666563841ab840a29d19a5ed27166c62c072d1f0df31321e3aed64f9
ed8b4cd5a74b5679ce93169e6d951698a7c7b8a7aeebf9a3ed071aa9e7b24a10
ee667207ac60603f3c61f3b703583aace2b20211971808fa86f4e4c93619d958
eeedfd9404ebf11862c1c06b21162cbbb8a1c40b2ad18a76137a47fee0814349
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f230a444e08c75e1ef387df50bb23b6cc0a63386bed85918c3d6e5b88d5c09d5
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f985c5f236e82d857e6411718352aa8c4523f747dbb15c1f9f170b91af85c5bc
ff001b4fea7547936382d86aa800d19d3e42028007fc40326ee9c96fd7bb244d

forum.festileaks.com Open in urlscan Pro 5.157.87.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

98 %HTTPS

50 %IPv6

14 Domains

21 Subdomains

19 IPs

5 Countries

1662 kBTransfer

3999 kBSize

12 Cookies

21 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

forum.festileaks.com Open in urlscan Pro
5.157.87.144 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

98 %
HTTPS

50 %
IPv6

14
Domains

21
Subdomains

19
IPs

5
Countries

1662 kB
Transfer

3999 kB
Size

12
Cookies

63 HTTP transactions
0 data transactions