Host 185.144.225.9
The Netherlands
Previder B.V.
  • GraphQL introspection is enabled.
    First seen 2025-12-26 07:52
    Last seen 2026-02-01 17:35
    Open for 37 days

    • Severity: medium
      Fingerprint: c2db3a1c40d490db1a0bbaa3963a6961657aa9a37a33ccc77916daa3538955cb

      GraphQL introspection enabled at /graphql
Types: 65 (by kind: ENUM: 14, INPUT_OBJECT: 21, OBJECT: 24, SCALAR: 6)
Operations:
- Query: Query | fields: getApiKey, getApiKeys, getAsset, getOrder, getOrders
- Mutation: Mutation | fields: createApiKey, createOrder, deleteApiKey, planOrder, updateApiKey
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
      Found on 2026-02-01 17:35
      70.7 kBytes
    Create report
  • GraphQL introspection is enabled.
    First seen 2025-11-11 05:00
    Last seen 2026-01-01 22:12
    Open for 51 days

    • Severity: medium
      Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6

      GraphQL introspection enabled at /api/graphql
      Found on 2026-01-01 22:12

    • Severity: high
      Fingerprint: c2db3a1c40d490db2337d3d644fafe67cc659655b9ec58338ad9a2f2c3239bdd

      GraphQL introspection enabled at /api/graphql
Types: 3367 (by kind: ENUM: 74, INPUT_OBJECT: 322, OBJECT: 2952, SCALAR: 8, UNION: 11)
Operations:
- Query: Query | fields: User, Users, countUsers, docAccessUser, meUser
- Mutation: Mutation | fields: createUser, deleteUser, logoutUser, refreshTokenUser, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 10
Users (args: optional/default) : limit=10 page=1 pagingCounter=1 hasNextPage=false hasPrevPage=false
countUsers (args: optional/default) : totalDocs=2
ProductTypes (args: optional/default) : page=1 pagingCounter=1 hasNextPage=false hasPrevPage=false limit=10
countProductTypes (args: optional/default) : totalDocs=6
Categories (args: optional/default) : limit=10 page=1 pagingCounter=1 hasNextPage=false hasPrevPage=false
countCategories (args: optional/default) : totalDocs=6
Products (args: optional/default) : hasNextPage=true hasPrevPage=false limit=10 nextPage=2 page=1 pagingCounter=1
countProducts (args: optional/default) : totalDocs=305
PriceRules (args: optional/default) : hasNextPage=true hasPrevPage=false limit=10 nextPage=2 page=1 pagingCounter=1
countPriceRules (args: optional/default) : totalDocs=29
      Found on 2025-11-11 05:00
      2.1 MBytes 32 rows
    Create report
  • GraphQL introspection is enabled.
    First seen 2025-11-25 08:18
    Last seen 2025-12-24 04:44
    Open for 28 days

    • Severity: medium
      Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6

      GraphQL introspection enabled at /api/graphql
      Found on 2025-12-24 04:44

    • Severity: medium
      Fingerprint: c2db3a1c40d490db2337d3d65c96a4b849508f5c3048818ca26f843f819931e7

      GraphQL introspection enabled at /api/graphql
Types: 2762 (by kind: ENUM: 39, INPUT_OBJECT: 277, OBJECT: 2422, SCALAR: 8, UNION: 16)
Operations:
- Query: Query | fields: User, Users, countUsers, docAccessUser, meUser
- Mutation: Mutation | fields: createUser, deleteUser, logoutUser, refreshTokenUser, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
      Found on 2025-11-25 08:18
      1.7 MBytes
    Create report
  • GraphQL introspection is enabled.
    First seen 2025-12-07 09:34
    Last seen 2025-12-24 04:18
    Open for 16 days

    • Severity: medium
      Fingerprint: c2db3a1c40d490db1a0bbaa3fe501f0dcbb2b42f1450e9dd135fff742a265094

      GraphQL introspection enabled at /graphql
Types: 108 (by kind: ENUM: 28, INPUT_OBJECT: 38, OBJECT: 35, SCALAR: 7)
Operations:
- Query: Query | fields: appGetActivities, appGetActivity, appGetProvider, appGetProviders, appGetRelatedActivities
- Mutation: Mutation | fields: appCreateActivitySignup, appRegisterProvider, bulkActionActivities, createActivity, updateActivity
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
      Found on 2025-12-24 04:18
      140.7 kBytes
    Create report
  • GraphQL introspection is enabled.
    First seen 2025-12-19 19:38
    Last seen 2025-12-23 00:17
    Open for 3 days
    Create report
  • MacOS file listing through .DS_Store file
    First seen 2025-11-24 13:38
    Last seen 2025-12-18 15:32
    Open for 24 days

    • Severity: high
      Fingerprint: 5f32cf5d6962f09cccdd54a0ccdd54a045a029b6d46c00b0f50236eff230fd4c

      Found 13 files trough .DS_Store spidering:

/wp-content
/wp-content/languages
/wp-content/plugins
/wp-content/plugins/theme-my-login
/wp-content/plugins/tml-redirection
/wp-content/themes
/wp-content/themes/index.php
/wp-content/themes/pinkpop
/wp-content/themes/pinkpop/fonts
/wp-content/themes/pinkpop/images
/wp-content/themes/pinkpop/includes
/wp-content/upgrade
/wp-content/upgrade-temp-backup
      Found on 2025-12-18 15:32

    • Severity: high
      Fingerprint: 5f32cf5d6962f09cec7f8772ec7f8772e264d2ecd052a2be0a90a0a97f19eda1

      Found 11 files trough .DS_Store spidering:

/wp-content
/wp-content/languages
/wp-content/plugins
/wp-content/plugins/theme-my-login
/wp-content/plugins/tml-redirection
/wp-content/themes
/wp-content/themes/index.php
/wp-content/themes/pinkpop
/wp-content/themes/pinkpop/images
/wp-content/upgrade
/wp-content/upgrade-temp-backup
      Found on 2025-11-28 14:17
    Create report
  • Swagger API description is publicly available
    First seen 2025-10-19 10:27
    Last seen 2025-12-16 09:31
    Open for 57 days
    Create report
  • GraphQL introspection is enabled.
    First seen 2025-10-19 10:27
    Last seen 2025-12-16 09:31
    Open for 57 days

    • Severity: medium
      Fingerprint: c2db3a1c40d490db1a0bbaa394bab0c50d3a23072cc256b4db0b7de58f9b4ec6

      GraphQL introspection enabled at /graphql
Types: 94 (by kind: ENUM: 9, INPUT_OBJECT: 24, INTERFACE: 3, OBJECT: 46, SCALAR: 12)
Operations:
- Query: Query | fields: getAsset, getContact, getDeal, getDealProduct, ping
- Mutation: Mutation | fields: createMeasurementFormItem, deleteMeasurementFormItem, finalizeMeasurementForm, signMeasurementForm, updateDeliverySlip
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)
      Found on 2025-12-16 09:31
      110.3 kBytes

    • Severity: medium
      Fingerprint: c2db3a1c40d490db1a0bbaa3cb2908d79644b5059248ee9ed66da337524dc67c

      GraphQL introspection enabled at /graphql
Types: 92 (by kind: ENUM: 9, INPUT_OBJECT: 23, INTERFACE: 3, OBJECT: 45, SCALAR: 12)
Operations:
- Query: Query | fields: getAsset, getContact, getDeal, getDealProduct, ping
- Mutation: Mutation | fields: createMeasurementFormItem, deleteMeasurementFormItem, finalizeMeasurementForm, signMeasurementForm, updateDeliverySlip
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)
      Found on 2025-10-30 20:46
      108.5 kBytes
    Create report
  • Git configuration and history exposed
    First seen 2023-07-11 07:16
    Last seen 2023-11-08 05:16
    Open for 119 days

    • Severity: critical
      Fingerprint: 2580fa947178c88c8f88f4f64b143e4f192660cba91884022e566c819f093115

      [init]
	defaultBranch = none
[fetch]
	recurseSubmodules = false
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://gitlab-ci-token:64_7QzyXy-5_Zn6ByhnNcHF@vcs.code14.nl/code14/lento/lento-demo.git
	fetch = +refs/heads/*:refs/remotes/origin/*
      Found on 2023-11-08 05:16
      316 Bytes
    Create report
  • MacOS file listing through .DS_Store file
    First seen 2023-05-27 12:18
    Last seen 2023-05-27 12:18

    • Severity: low
      Fingerprint: 5f32cf5d6962f09cdc57c57adc57c57a3fae486eda0e106c1f3f2e02fc49a33d

      Found 19 files trough .DS_Store spidering:

/favicon.ico
/index.css
/index.html
/LICENSE
/oauth2-redirect.html
/swagger-initializer.js
/swagger-ui-bundle.js
/swagger-ui-bundle.js.map
/swagger-ui-es-bundle-core.js
/swagger-ui-es-bundle-core.js.map
/swagger-ui-es-bundle.js
/swagger-ui-es-bundle.js.map
/swagger-ui-standalone-preset.js
/swagger-ui-standalone-preset.js.map
/swagger-ui.css
/swagger-ui.css.map
/swagger-ui.js
/swagger-ui.js.map
/v1
      Found on 2023-05-27 12:18
    Create report

  • Open service 185.144.225.9:80 · spa.deburen.shockapp.io

    2026-01-26 14:34 

    HTTP/1.1 308 Permanent Redirect
date: Mon, 26 Jan 2026 14:34:04 GMT
content-type: text/html
content-length: 164
location: https://spa.deburen.shockapp.io
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-26 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · a1pr4ktf.app.ondemand.shockapp.io

    2026-01-26 12:39 

    HTTP/1.1 200 OK
Date: Mon, 26 Jan 2026 12:39:29 GMT
Content-Type: text/html
Content-Length: 47
Connection: close
Last-Modified: Thu, 18 Sep 2025 14:40:06 GMT
ETag: "2f-63f1454457d80"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains


<h1>This application is not deployed yet.</h1>
    Found 2026-01-26 by HttpPlugin
    Create report

  • Open service 185.144.225.9:80 · a1pr4ktf.app.ondemand.shockapp.io

    2026-01-26 12:39 

    HTTP/1.1 308 Permanent Redirect
date: Mon, 26 Jan 2026 12:39:29 GMT
content-type: text/html
content-length: 164
location: https://a1pr4ktf.app.ondemand.shockapp.io
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-26 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · mwddn6ao.app.ondemand.shockapp.io

    2026-01-26 12:27 

    HTTP/1.1 200 OK
Date: Mon, 26 Jan 2026 12:27:29 GMT
Content-Type: text/html
Content-Length: 47
Connection: close
Last-Modified: Thu, 18 Sep 2025 14:40:06 GMT
ETag: "2f-63f1454457d80"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains


<h1>This application is not deployed yet.</h1>
    Found 2026-01-26 by HttpPlugin
    Create report

  • Open service 185.144.225.9:80 · cs7809mw.app.ondemand.shockapp.io

    2026-01-26 11:27 

    HTTP/1.1 308 Permanent Redirect
date: Mon, 26 Jan 2026 11:27:44 GMT
content-type: text/html
content-length: 164
location: https://cs7809mw.app.ondemand.shockapp.io
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-26 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · plantuml.kik-v-publicatieplatform.nl

    2026-01-26 03:00 

    HTTP/1.1 302 Found
Date: Mon, 26 Jan 2026 03:00:13 GMT
Content-Length: 0
Connection: close
Location: http://plantuml.kik-v-publicatieplatform.nl/uml/SyfFKj2rKt3CoKnELR1Io4ZDoSa70000
Strict-Transport-Security: max-age=31536000; includeSubDomains
    Found 2026-01-26 by HttpPlugin
    Create report

  • Open service 185.144.225.9:80 · www.yeslease.nl.wiredev.nl

    2026-01-25 10:24 

    HTTP/1.1 308 Permanent Redirect
date: Sun, 25 Jan 2026 10:24:40 GMT
content-type: text/html
content-length: 164
location: https://www.yeslease.nl.wiredev.nl
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-25 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · www.werkenvoor.denhaag.nl

    2026-01-25 00:20 

    HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Jan 2026 00:20:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: close
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Feature-Policy: geolocation 'self'
Permissions-Policy: geolocation=self
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.cookiebot.com *.facebook.net *.licdn.com *.piwik.pro *.salesforce-sites.com *.google.com *.googleapis.com *.googletagmanager.com *.google-analytics.com; style-src 'report-sample' 'self' 'unsafe-inline' *.salesforce-sites.com *.gstatic.com; object-src 'none'; base-uri 'self'; connect-src 'self' *.googlesyndication.com *.cookiebot.com *.google.com *.linkedin.com *.salesforce-sites.com *.piwik.pro *.googleapis.com *.google-analytics.com *.doubleclick.net; font-src 'self' data:; frame-src 'self' *.doubleclick.net *.cookiebot.com *.salesforce-sites.com *.youtube-nocookie.com; img-src 'self' data: *.cookiebot.com *.googletagmanager.com *.facebook.com *.linkedin.com *.toegankelijkheidsverklaring.nl *.salesforce-sites.com *.gstatic.com *.gravatar.com *.google.com *.google.nl *.gstatic.com *.youtube-nocookie.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
X-Powered-By: PHP/8.0.30
X-Redirect-By: WordPress
Location: https://werkenvoor.denhaag.nl/
    Found 2026-01-25 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · demo.daas.tribe.test.test-k8s.tribeagency.nl

    2026-01-23 08:52 

    HTTP/1.1 200 OK
Date: Fri, 23 Jan 2026 08:52:53 GMT
Content-Type: text/html
Content-Length: 520
Connection: close
Last-Modified: Tue, 16 Dec 2025 10:40:11 GMT
ETag: "6941370b-208"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000

Page title: KIK-V Datastation

<!doctype html>
<html lang="en">
  <head>
    <meta charset="UTF-8" />
    <link rel="icon" type="image/svg+xml" href="/favicon.ico" />
    <link rel="stylesheet" href="/theme/kikv.css" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>KIK-V Datastation</title>
    <script type="module" crossorigin src="/assets/index-CJTIasIY.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-DlF64BGj.css">
  </head>
  <body>
    <div id="root"></div>
  </body>
</html>
    Found 2026-01-23 by HttpPlugin
    Create report

  • Open service 185.144.225.9:80 · cms.samenstellen.kozien.nl

    2026-01-23 08:07 

    HTTP/1.1 308 Permanent Redirect
date: Fri, 23 Jan 2026 08:07:27 GMT
content-type: text/html
content-length: 164
location: https://cms.samenstellen.kozien.nl
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-23 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · api.kik-v-credentialsplatform.nl

    2026-01-23 05:17 

    HTTP/1.1 404 Not Found
Date: Fri, 23 Jan 2026 05:17:25 GMT
Content-Type: application/json
Content-Length: 118
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: DENY
X-XSS-Protection: 0
Referrer-Policy: no-referrer


{"timestamp":"2026-01-23T05:17:25.449+00:00","path":"/","status":404,"error":"Not Found","requestId":"76422876-25264"}
    Found 2026-01-23 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · acceptatie.kik-v-credentialsplatform.nl

    2026-01-23 01:52 

    HTTP/1.1 200 OK
Date: Fri, 23 Jan 2026 01:52:02 GMT
Content-Type: text/html
Content-Length: 670
Connection: close
Last-Modified: Tue, 13 Jan 2026 12:19:51 GMT
ETag: "69663867-29e"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000

Page title: KIK-V - Credentialsplatform

<!doctype html>
<html lang="en">
    <head>
        <meta charset="utf-8" />
        <link rel="icon" href="/favicon.ico" />
        <meta name="viewport" content="width=device-width, initial-scale=1" />
        <meta name="theme-color" content="#000000" />
        <link rel="manifest" href="/manifest.json" />
        <title>KIK-V - Credentialsplatform</title>
      <script type="module" crossorigin src="/assets/index-B7xWy-om.js"></script>
      <link rel="stylesheet" crossorigin href="/assets/index-dbVBNbY8.css">
    </head>
    <body>
        <noscript>You need to enable JavaScript to run this app.</noscript>
        <div id="root"></div>
    </body>
</html>
    Found 2026-01-23 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · widoco.acceptatie.kik-v-credentialsplatform.nl

    2026-01-23 01:51 

    HTTP/1.1 200 OK
Date: Fri, 23 Jan 2026 01:51:12 GMT
Content-Type: text/html
Content-Length: 5
Connection: close
Last-Modified: Wed, 22 Jan 2025 10:45:50 GMT
ETag: "6790cc5e-5"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains


test
    Found 2026-01-23 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · api.acceptatie.kik-v-credentialsplatform.nl

    2026-01-23 01:49 

    HTTP/1.1 404 Not Found
Date: Fri, 23 Jan 2026 01:49:47 GMT
Content-Type: application/json
Content-Length: 118
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: DENY
X-XSS-Protection: 0
Referrer-Policy: no-referrer


{"timestamp":"2026-01-23T01:49:47.346+00:00","path":"/","status":404,"error":"Not Found","requestId":"a64eb348-24786"}
    Found 2026-01-23 by HttpPlugin
    Create report

  • Open service 185.144.225.9:80 · api.daas.tribe.test.test-k8s.tribeagency.nl

    2026-01-22 07:24 

    HTTP/1.1 308 Permanent Redirect
date: Thu, 22 Jan 2026 07:24:37 GMT
content-type: text/html
content-length: 164
location: https://api.daas.tribe.test.test-k8s.tribeagency.nl
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-22 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · api.daas.tribe.test.test-k8s.tribeagency.nl

    2026-01-22 07:24 

    HTTP/1.1 404 Not Found
Date: Thu, 22 Jan 2026 07:24:38 GMT
Content-Type: application/json
Content-Length: 118
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: DENY
X-XSS-Protection: 0
Referrer-Policy: no-referrer


{"timestamp":"2026-01-22T07:24:38.790+00:00","path":"/","status":404,"error":"Not Found","requestId":"e1dad307-31947"}
    Found 2026-01-22 by HttpPlugin
    Create report

  • Open service 185.144.225.9:80 · drs6omp8.app.shared.shockapp.io

    2026-01-12 11:06 

    HTTP/1.1 308 Permanent Redirect
date: Mon, 12 Jan 2026 11:06:33 GMT
content-type: text/html
content-length: 164
location: https://drs6omp8.app.shared.shockapp.io
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-12 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · visavionline.witty.bespeak.acc.test-k8s.tribeagency.nl

    2026-01-12 08:26 

    HTTP/1.1 200 OK
Date: Mon, 12 Jan 2026 08:26:51 GMT
Content-Type: text/html
Content-Length: 2716
Connection: close
Last-Modified: Mon, 05 Jan 2026 09:17:12 GMT
ETag: "695b8198-a9c"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000


<!doctype html>
<html lang="nl" data-loaded="false">
    <head>
        <meta charset="utf-8" />
        <link
            rel="icon"
            type="image/x-icon"
            href="/favicon.ico"
            sizes="16x16"
        />
        <link
            rel="icon"
            type="image/png"
            href="/static/images/favicon-32x32.png"
            sizes="32x32"
        />
        <link
            rel="icon"
            type="image/png"
            href="/static/images/favicon-16x16.png"
            sizes="16x16"
        />
        <meta name="viewport" content="width=device-width, initial-scale=1" />
        <meta name="theme-color" content="#BD285F" />
        <meta name="description" content="Witty" />
        <style>
            #loader {
                position: fixed;
                place-items: center;
                align-content: center;
                width: 100px;
                height: 100px;
                top: 50%;
                left: 50%;
                transform: translate(-50%, -50%);
                pointer-events: none;
                transition: opacity 1s;
            }

            #loader > svg {
                width: 100%;
                height: 100%;
            }

            [data-loaded="false"] #root {
                opacity: 0;
            }

            [data-loaded="false"] #loader {
                opacity: 1;
            }

            [data-loaded="true"] #loader {
                opacity: 0;
            }
        </style>
      <script type="module" crossorigin src="/assets/index-DLjs62ni.js"></script>
      <link rel="stylesheet" crossorigin href="/assets/index-DjawU6In.css">
    </head>
    <body>
        <noscript>You need to enable JavaScript to run this app.</noscript>
        <div id="root"></div>
        <div id="loader">
            <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 300 150">
                <path
                    fill="none"
                    stroke="currentColor"
                    stroke-width="15"
                    stroke-linecap="round"
                    stroke-dasharray="300 385"
                    stroke-dashoffset="0"
                    d="M275 75c0 31-27 50-50 50-58 0-92-100-150-100-28 0-50 22-50 50s23 50 50 50c58 0 92-100 150-100 24 0 50 19 50 50Z"
                >
                    <animate
                        attributeName="stroke-dashoffset"
                        calcMode="spline"
                        dur="2"
                        values="685;-685"
                        keySplines="0 0 1 1"
                        repeatCount="indefinite"
                    />
                </path>
            </svg>
        </div>
    </body>
</html>
    Found 2026-01-12 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · innovam.bespeak.nl

    2026-01-11 07:25 

    HTTP/1.1 200 OK
Date: Sun, 11 Jan 2026 07:25:14 GMT
Content-Type: text/html
Content-Length: 2716
Connection: close
Last-Modified: Thu, 08 Jan 2026 10:28:18 GMT
ETag: "695f86c2-a9c"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000


<!doctype html>
<html lang="nl" data-loaded="false">
    <head>
        <meta charset="utf-8" />
        <link
            rel="icon"
            type="image/x-icon"
            href="/favicon.ico"
            sizes="16x16"
        />
        <link
            rel="icon"
            type="image/png"
            href="/static/images/favicon-32x32.png"
            sizes="32x32"
        />
        <link
            rel="icon"
            type="image/png"
            href="/static/images/favicon-16x16.png"
            sizes="16x16"
        />
        <meta name="viewport" content="width=device-width, initial-scale=1" />
        <meta name="theme-color" content="#BD285F" />
        <meta name="description" content="Witty" />
        <style>
            #loader {
                position: fixed;
                place-items: center;
                align-content: center;
                width: 100px;
                height: 100px;
                top: 50%;
                left: 50%;
                transform: translate(-50%, -50%);
                pointer-events: none;
                transition: opacity 1s;
            }

            #loader > svg {
                width: 100%;
                height: 100%;
            }

            [data-loaded="false"] #root {
                opacity: 0;
            }

            [data-loaded="false"] #loader {
                opacity: 1;
            }

            [data-loaded="true"] #loader {
                opacity: 0;
            }
        </style>
      <script type="module" crossorigin src="/assets/index-7I0L2spx.js"></script>
      <link rel="stylesheet" crossorigin href="/assets/index-DjawU6In.css">
    </head>
    <body>
        <noscript>You need to enable JavaScript to run this app.</noscript>
        <div id="root"></div>
        <div id="loader">
            <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 300 150">
                <path
                    fill="none"
                    stroke="currentColor"
                    stroke-width="15"
                    stroke-linecap="round"
                    stroke-dasharray="300 385"
                    stroke-dashoffset="0"
                    d="M275 75c0 31-27 50-50 50-58 0-92-100-150-100-28 0-50 22-50 50s23 50 50 50c58 0 92-100 150-100 24 0 50 19 50 50Z"
                >
                    <animate
                        attributeName="stroke-dashoffset"
                        calcMode="spline"
                        dur="2"
                        values="685;-685"
                        keySplines="0 0 1 1"
                        repeatCount="indefinite"
                    />
                </path>
            </svg>
        </div>
    </body>
</html>
    Found 2026-01-11 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · auth.platform.onderwijsenregio.nl

    2026-01-10 10:59 

    HTTP/1.1 302 Found
Date: Sat, 10 Jan 2026 10:59:53 GMT
Content-Length: 0
Connection: close
Location: https://auth.platform.onderwijsenregio.nl/admin/
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
    Found 2026-01-10 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · auth.tijd-voor-toekomst.provincie-groningen.test.test-k8s.tribeagency.nl

    2026-01-10 10:14 

    HTTP/1.1 302 Found
Date: Sat, 10 Jan 2026 10:14:14 GMT
Content-Length: 0
Connection: close
Location: https://auth.tijd-voor-toekomst.provincie-groningen.test.test-k8s.tribeagency.nl/admin/
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
    Found 2026-01-10 by HttpPlugin
    Create report

  • Open service 185.144.225.9:80 · x1pmtp6e.app.shared.shockapp.io

    2026-01-09 09:44 

    HTTP/1.1 308 Permanent Redirect
date: Fri, 09 Jan 2026 09:44:12 GMT
content-type: text/html
content-length: 164
location: https://x1pmtp6e.app.shared.shockapp.io
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-09 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · x1pmtp6e.app.shared.shockapp.io

    2026-01-09 09:44 

    HTTP/1.1 200 OK
Date: Fri, 09 Jan 2026 09:44:11 GMT
Content-Type: text/html
Content-Length: 1134
Connection: close
Last-Modified: Tue, 09 Dec 2025 08:08:25 GMT
ETag: "6937d8f9-46e"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000

Page title: Platform Onderwijs & Regio Groningen

<!doctype html><html lang="en"><head><script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
              new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
              j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
              'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
              })(window,document,'script','dataLayer','GTM-PD7FT3ZD');</script><meta charset="UTF-8"/><link rel="icon" type="image/png" href="/favicon-96x96.png" sizes="96x96"/><link rel="icon" type="image/svg+xml" href="/favicon.svg"/><link rel="shortcut icon" href="/favicon.ico"/><link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png"/><link rel="manifest" href="/site.webmanifest"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="robots" content="index, follow"/><title>Platform Onderwijs & Regio Groningen</title><script type="module" crossorigin src="/assets/index-CLWUfO-X.js"></script><link rel="stylesheet" crossorigin href="/assets/index-DUG2eat1.css"></head><body><div id="root"></div></body></html>
    Found 2026-01-09 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · vopluddo.app.shared.shockapp.io

    2026-01-09 09:43 

    HTTP/1.1 200 OK
Date: Fri, 09 Jan 2026 09:43:13 GMT
Content-Type: text/html
Content-Length: 491
Connection: close
Last-Modified: Wed, 17 Dec 2025 08:10:42 GMT
ETag: "69426582-1eb"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000

Page title: Tijd voor Toekomst

<!doctype html><html lang="en"><head><meta charset="UTF-8"/><link rel="icon" href="/favicon.ico" type="image/x-icon"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="robots" content="index, follow"/><title>Tijd voor Toekomst</title><script type="module" crossorigin src="/assets/index-bRKu92iU.js"></script><link rel="stylesheet" crossorigin href="/assets/index-STl4n8gT.css"></head><body><div id="root" class="flex min-h-screen flex-col"></div></body></html>
    Found 2026-01-09 by HttpPlugin
    Create report

  • Open service 185.144.225.9:80 · c1ynujxx.app.shared.shockapp.io

    2026-01-08 09:28 

    HTTP/1.1 308 Permanent Redirect
date: Thu, 08 Jan 2026 09:28:46 GMT
content-type: text/html
content-length: 164
location: https://c1ynujxx.app.shared.shockapp.io
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-08 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · c1ynujxx.app.shared.shockapp.io

    2026-01-08 09:28 

    HTTP/1.1 503 Service Temporarily Unavailable
Date: Thu, 08 Jan 2026 09:28:47 GMT
Content-Type: text/html
Content-Length: 190
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains

Page title: 503 Service Temporarily Unavailable

<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body>
<center><h1>503 Service Temporarily Unavailable</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-08 by HttpPlugin
    Create report

  • Open service 185.144.225.9:80 · xg3auucx.app.shared.shockapp.io

    2026-01-08 08:30 

    HTTP/1.1 308 Permanent Redirect
date: Thu, 08 Jan 2026 08:30:08 GMT
content-type: text/html
content-length: 164
location: https://xg3auucx.app.shared.shockapp.io
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-08 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · e6rvoh7g-keycloak.app.shared.shockapp.io

    2026-01-08 07:11 

    HTTP/1.1 302 Found
Date: Thu, 08 Jan 2026 07:11:54 GMT
Content-Length: 0
Connection: close
Location: https://e6rvoh7g-keycloak.app.shared.shockapp.io/admin/
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
    Found 2026-01-08 by HttpPlugin
    Create report

  • Open service 185.144.225.9:80 · yeslease.nl.wiredev.nl

    2026-01-08 03:51 

    HTTP/1.1 308 Permanent Redirect
date: Thu, 08 Jan 2026 03:51:53 GMT
content-type: text/html
content-length: 164
location: https://yeslease.nl.wiredev.nl
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-08 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · yeslease.nl.wiredev.nl

    2026-01-08 03:51 

    HTTP/1.1 503 Service Temporarily Unavailable
Date: Thu, 08 Jan 2026 03:51:52 GMT
Content-Type: text/html
Content-Length: 190
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains

Page title: 503 Service Temporarily Unavailable

<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body>
<center><h1>503 Service Temporarily Unavailable</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-08 by HttpPlugin
    Create report

  • Open service 185.144.225.9:80 · reb3l7rw.app.shared.shockapp.io

    2026-01-05 15:03 

    HTTP/1.1 308 Permanent Redirect
date: Mon, 05 Jan 2026 15:03:49 GMT
content-type: text/html
content-length: 164
location: https://reb3l7rw.app.shared.shockapp.io
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-05 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · 00g5h1r1.app.shared.shockapp.io

    2026-01-05 06:24 

    HTTP/1.1 503 Service Unavailable
Date: Mon, 05 Jan 2026 06:24:01 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 299
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains

Page title: 503 Service Unavailable

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>503 Service Unavailable</title>
</head><body>
<h1>Service Unavailable</h1>
<p>The server is temporarily unable to service your
request due to maintenance downtime or capacity
problems. Please try again later.</p>
</body></html>
    Found 2026-01-05 by HttpPlugin
    Create report

  • Open service 185.144.225.9:80 · arrivals.lento.eu

    2026-01-02 18:05 

    HTTP/1.1 308 Permanent Redirect
date: Fri, 02 Jan 2026 18:05:02 GMT
content-type: text/html
content-length: 164
location: https://arrivals.lento.eu
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2026-01-02 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · cms.samenstellen.kozien.nl

    2026-01-01 22:12 

    HTTP/1.1 302 Found
Date: Thu, 01 Jan 2026 22:12:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 28
Connection: close
X-Powered-By: Express
Location: /admin
Vary: Accept
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000


Found. Redirecting to /admin
    Found 2026-01-01 by HttpPlugin
    Create report

  • Open service 185.144.225.9:80 · reverse-it.net

    2025-12-23 03:14 

    HTTP/1.1 308 Permanent Redirect
date: Tue, 23 Dec 2025 03:14:14 GMT
content-type: text/html
content-length: 164
location: https://reverse-it.net
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2025-12-23 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · reverse-it.net.wireurl.nl

    2025-12-23 00:48 

    HTTP/1.1 200 OK
Date: Tue, 23 Dec 2025 00:48:38 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-security-policy-report-only: default-src 'self';connect-src 'self' www.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.google.nl https://*.google.be https://*.google.de https://*.google.co.uk https://*.ads.linkedin.com *.hsforms.com *.hubspot.com https://consentcdn.cookiebot.com https://consent.cookiebot.com https://consentcdn.cookiebot.eu https://consent.cookiebot.eu https://www.gstatic.com/draco/versioned/decoders/1.5.5/draco_wasm_wrapper.js https://www.gstatic.com/draco/versioned/decoders/1.5.5/draco_decoder.wasm blob: *.sentry.io https://www.google.com/ccm/collect https://*.googlesyndication.com/ccm/collect https://pagead2.googlesyndication.com/pagead/landing;script-src 'self' 'nonce-NzhjODQwNTgtMWMzMy00ZTIyLTljZTctOTc2M2E3NDA2Mjk4' 'strict-dynamic' https://*.googletagmanager.com *.hsforms.com *.hsforms.net 'wasm-unsafe-eval' https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com;style-src 'self' 'unsafe-inline';img-src 'self' blob: data: cdn.reverse-it.net www.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.google.nl https://*.google.be https://*.google.de https://*.google.co.uk https://*.ads.linkedin.com *.hsforms.com *.hsforms.net https://*.cookiebot.com https://googleads.g.doubleclick.net https://www.google.com https://google.com;frame-src https://td.doubleclick.net *.hsforms.com *.hsforms.net https://consentcdn.cookiebot.com https://www.googletagmanager.com;font-src 'self';object-src 'self' cdn.reverse-it.net;base-uri 'self';form-action 'self' *.hsforms.com;frame-ancestors 'self' https://*.reverse-it.net;child-src *.hsforms.com 'self' blob:;worker-src 'self' blob:;report-uri https://o369052.ingest.us.sentry.io/api/4507573416624128/security/?sentry_key=c68ca405e98083c49f1596fb8d59211f;report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":10886400,"endpoints":[{"url":"https://o369052.ingest.us.sentry.io/api/4507573416624128/security/?sentry_key=c68ca405e98083c49f1596fb8d59211f"}]}
x-middleware-rewrite: /default/
Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding
link: </_next/static/media/26d4368bf94c0ec4-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2"
X-Powered-By: Next.js
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
    Found 2025-12-23 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · reverse-it.net.wiredev.nl

    2025-12-23 00:36 

    HTTP/1.1 401 Unauthorized
Date: Tue, 23 Dec 2025 00:36:58 GMT
Content-Type: text/plain;charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-security-policy-report-only: default-src 'self';connect-src 'self' www.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.google.nl https://*.google.be https://*.google.de https://*.google.co.uk https://*.ads.linkedin.com *.hsforms.com *.hubspot.com https://consentcdn.cookiebot.com https://consent.cookiebot.com https://consentcdn.cookiebot.eu https://consent.cookiebot.eu https://www.gstatic.com/draco/versioned/decoders/1.5.5/draco_wasm_wrapper.js https://www.gstatic.com/draco/versioned/decoders/1.5.5/draco_decoder.wasm blob: *.sentry.io https://www.google.com/ccm/collect https://*.googlesyndication.com/ccm/collect https://pagead2.googlesyndication.com/pagead/landing;script-src 'self' 'nonce-YTVjMWVmMDAtNjBjNS00NjQ1LTk0ODgtOTBiNjZlNmZiNDNl' 'strict-dynamic' https://*.googletagmanager.com *.hsforms.com *.hsforms.net 'wasm-unsafe-eval' https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com;style-src 'self' 'unsafe-inline';img-src 'self' blob: data: d3bgowt54v16im.cloudfront.net www.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.google.nl https://*.google.be https://*.google.de https://*.google.co.uk https://*.ads.linkedin.com *.hsforms.com *.hsforms.net https://*.cookiebot.com https://googleads.g.doubleclick.net https://www.google.com https://google.com;frame-src https://td.doubleclick.net *.hsforms.com *.hsforms.net https://consentcdn.cookiebot.com https://www.googletagmanager.com;font-src 'self';object-src 'self' d3bgowt54v16im.cloudfront.net;base-uri 'self';form-action 'self' *.hsforms.com;frame-ancestors 'self' https://*.reverse-it.net.wiredev.nl;child-src *.hsforms.com 'self' blob:;worker-src 'self' blob:;report-uri https://o369052.ingest.us.sentry.io/api/4507573416624128/security/?sentry_key=c68ca405e98083c49f1596fb8d59211f;report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":10886400,"endpoints":[{"url":"https://o369052.ingest.us.sentry.io/api/4507573416624128/security/?sentry_key=c68ca405e98083c49f1596fb8d59211f"}]}
x-middleware-rewrite: /api/auth
vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch
www-authenticate: Basic realm='private_pages'


Authentication Required!
    Found 2025-12-23 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · c1l7qbuq.app.shared.shockapp.io

    2025-12-23 00:35 

    HTTP/1.1 401 Unauthorized
Date: Tue, 23 Dec 2025 00:35:54 GMT
Content-Type: text/plain;charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-security-policy-report-only: default-src 'self';connect-src 'self' www.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.google.nl https://*.google.be https://*.google.de https://*.google.co.uk https://*.ads.linkedin.com *.hsforms.com *.hubspot.com https://consentcdn.cookiebot.com https://consent.cookiebot.com https://consentcdn.cookiebot.eu https://consent.cookiebot.eu https://www.gstatic.com/draco/versioned/decoders/1.5.5/draco_wasm_wrapper.js https://www.gstatic.com/draco/versioned/decoders/1.5.5/draco_decoder.wasm blob: *.sentry.io https://www.google.com/ccm/collect https://*.googlesyndication.com/ccm/collect https://pagead2.googlesyndication.com/pagead/landing;script-src 'self' 'nonce-NGEzZDQ1MDktMDMxYy00MzYzLThiZmQtOWIxOWJkZGQ3OTAz' 'strict-dynamic' https://*.googletagmanager.com *.hsforms.com *.hsforms.net 'wasm-unsafe-eval' https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com;style-src 'self' 'unsafe-inline';img-src 'self' blob: data: d3bgowt54v16im.cloudfront.net www.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.google.nl https://*.google.be https://*.google.de https://*.google.co.uk https://*.ads.linkedin.com *.hsforms.com *.hsforms.net https://*.cookiebot.com https://googleads.g.doubleclick.net https://www.google.com https://google.com;frame-src https://td.doubleclick.net *.hsforms.com *.hsforms.net https://consentcdn.cookiebot.com https://www.googletagmanager.com;font-src 'self';object-src 'self' d3bgowt54v16im.cloudfront.net;base-uri 'self';form-action 'self' *.hsforms.com;frame-ancestors 'self' https://*.reverse-it.net.wiredev.nl;child-src *.hsforms.com 'self' blob:;worker-src 'self' blob:;report-uri https://o369052.ingest.us.sentry.io/api/4507573416624128/security/?sentry_key=c68ca405e98083c49f1596fb8d59211f;report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":10886400,"endpoints":[{"url":"https://o369052.ingest.us.sentry.io/api/4507573416624128/security/?sentry_key=c68ca405e98083c49f1596fb8d59211f"}]}
x-middleware-rewrite: /api/auth
vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch
www-authenticate: Basic realm='private_pages'


Authentication Required!
    Found 2025-12-23 by HttpPlugin
    Create report

  • Open service 185.144.225.9:80 · c1l7qbuq.app.shared.shockapp.io

    2025-12-23 00:35 

    HTTP/1.1 308 Permanent Redirect
date: Tue, 23 Dec 2025 00:35:54 GMT
content-type: text/html
content-length: 164
location: https://c1l7qbuq.app.shared.shockapp.io
connection: close

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
    Found 2025-12-23 by HttpPlugin
    Create report

  • Open service 185.144.225.9:443 · cms.configurator.thermototaal.test.test-k8s.tribeagency.nl

    2025-12-23 00:17 

    HTTP/1.1 302 Found
Date: Tue, 23 Dec 2025 00:17:10 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 28
Connection: close
X-Powered-By: Express
Location: /admin
Vary: Accept
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000


Found. Redirecting to /admin
    Found 2025-12-23 by HttpPlugin
    Create report
a1pr4ktf.app.ondemand.shockapp.io
Fingerprint:
cf4b3eea271c2029a27d5eb12bce456eb506a0370b4876ce9f6cf3a44d053069
CN:
a1pr4ktf.app.ondemand.shockapp.io
Key:
RSA-2048
Issuer:
R13
Not before:
2026-01-26 11:39
Not after:
2026-04-26 11:39
mwddn6ao.app.ondemand.shockapp.io
Fingerprint:
977215ccac3ab703fc627ec7a29cd4016747290281105a1138092b460b601414
CN:
mwddn6ao.app.ondemand.shockapp.io
Key:
RSA-2048
Issuer:
R13
Not before:
2026-01-26 11:27
Not after:
2026-04-26 11:27
plantuml.kik-v-publicatieplatform.nl
Fingerprint:
3c4b2ed8d8825ae2e9217d7f6b682d798fac20c45ef0b6f775b6402091851ba0
CN:
plantuml.kik-v-publicatieplatform.nl
Key:
RSA-2048
Issuer:
R13
Not before:
2026-01-26 02:00
Not after:
2026-04-26 02:00
www.werkenvoor.denhaag.nl
Fingerprint:
66b1c64ff0e75be075e4042b02c28ab8d3f54439fd3f3f974f4d59a4ba6e4785
CN:
www.werkenvoor.denhaag.nl
Key:
RSA-2048
Issuer:
R12
Not before:
2026-01-24 23:22
Not after:
2026-04-24 23:22
demo.daas.tribe.test.test-k8s.tribeagency.nl
Fingerprint:
ec36a7d1f9b0da21f7b05fcadea53797f10e0ef7db62dd6d4edd7594bc102451
CN:
demo.daas.tribe.test.test-k8s.tribeagency.nl
Key:
RSA-2048
Issuer:
R13
Not before:
2026-01-23 07:52
Not after:
2026-04-23 07:52
api.kik-v-credentialsplatform.nl
Fingerprint:
f026c9267ecc77b05a9427d90d6b1b4f7533cd3d8d07826e04f50f4f7cc2ecb1
CN:
api.kik-v-credentialsplatform.nl
Key:
RSA-2048
Issuer:
R12
Not before:
2026-01-23 04:17
Not after:
2026-04-23 04:17
acceptatie.kik-v-credentialsplatform.nl
Fingerprint:
240b3e592f62fd7b3ff668eb6ac7af4fe1a51d52d42a43f9f8af72f24a87bc8b
CN:
acceptatie.kik-v-credentialsplatform.nl
Key:
RSA-2048
Issuer:
R12
Not before:
2026-01-23 00:51
Not after:
2026-04-23 00:51
widoco.acceptatie.kik-v-credentialsplatform.nl
Fingerprint:
7ede4066548dd6a212b0cca85880fb1390d96bcd1e3ecb4eba8ce99792b436fb
CN:
widoco.acceptatie.kik-v-credentialsplatform.nl
Key:
RSA-2048
Issuer:
R12
Not before:
2026-01-23 00:52
Not after:
2026-04-23 00:52
api.acceptatie.kik-v-credentialsplatform.nl
Fingerprint:
2d4dffddf11e891568a629d29f964e38166e97d9288c7e85c3d6887cb7bd61ae
CN:
api.acceptatie.kik-v-credentialsplatform.nl
Key:
RSA-2048
Issuer:
R12
Not before:
2026-01-23 00:50
Not after:
2026-04-23 00:49
api.daas.tribe.test.test-k8s.tribeagency.nl
Fingerprint:
d3639b181965865379cf0caac7eaa8ec83ce6899e3668ebc35fd38297cb71764
CN:
api.daas.tribe.test.test-k8s.tribeagency.nl
Key:
RSA-2048
Issuer:
R12
Not before:
2026-01-22 06:25
Not after:
2026-04-22 06:25
visavionline.witty.bespeak.acc.test-k8s.tribeagency.nl
Fingerprint:
accd354ae0105d9ff95f6244d5f20edc65d76362f645659a52068ef2d26c1ed8
CN:
visavionline.witty.bespeak.acc.test-k8s.tribeagency.nl
Key:
RSA-2048
Issuer:
R12
Not before:
2026-01-12 07:27
Not after:
2026-04-12 07:27
innovam.bespeak.nl
Fingerprint:
f963c49d35fcdd93faa56c1ad07bc732e38995d232b0eb785ddd1391be54da9a
CN:
innovam.bespeak.nl
Key:
RSA-2048
Issuer:
R13
Not before:
2026-01-03 04:00
Not after:
2026-04-03 04:00
auth.platform.onderwijsenregio.nl
Fingerprint:
388fe29113e6dc58e6048169ca72be32f441c03b2d7a82bf10c91c3e2b0e66a9
CN:
auth.platform.onderwijsenregio.nl
Key:
RSA-2048
Issuer:
R13
Not before:
2026-01-10 10:01
Not after:
2026-04-10 10:01
auth.tijd-voor-toekomst.provincie-groningen.test.test-k8s.tribeagency.nl
Fingerprint:
613b8cfdbfa44baadfc519c0daf4709bf8de3f5fc055d2e1db703cd1d2ea0833
CN:
Key:
RSA-2048
Issuer:
R12
Not before:
2026-01-10 09:15
Not after:
2026-04-10 09:15
x1pmtp6e.app.shared.shockapp.io
Fingerprint:
f7ec1d3dedfc04ec6106f8bff8f285c72c09144f9ab0d4a284f33516d905e28a
CN:
x1pmtp6e.app.shared.shockapp.io
Key:
RSA-2048
Issuer:
R13
Not before:
2026-01-09 08:44
Not after:
2026-04-09 08:44
vopluddo.app.shared.shockapp.io
Fingerprint:
92b7b46f7227ddcc9206caf4a2a23f3f5c6cc40fcb693de3d5672835e669bde2
CN:
vopluddo.app.shared.shockapp.io
Key:
RSA-2048
Issuer:
R12
Not before:
2026-01-09 08:43
Not after:
2026-04-09 08:43
c1ynujxx.app.shared.shockapp.io
Fingerprint:
91a5c736d3856569b4805016a77fb1bea3a2260b3946ae1fe5d8841a25a0ccf4
CN:
c1ynujxx.app.shared.shockapp.io
Key:
RSA-2048
Issuer:
R12
Not before:
2026-01-08 08:30
Not after:
2026-04-08 08:30
e6rvoh7g-keycloak.app.shared.shockapp.io
Fingerprint:
93c64d83a84cae42ba83ab32fc0bceec3678a660e6c61e0d13527f0da1cd3e94
CN:
e6rvoh7g-keycloak.app.shared.shockapp.io
Key:
RSA-2048
Issuer:
R12
Not before:
2025-11-18 07:31
Not after:
2026-02-16 07:31
yeslease.nl.wiredev.nl
Fingerprint:
1b3f0253ff5aa192cb474acb2ab54fcde272ba574d5836bbcdffa8b485f17c43
CN:
yeslease.nl.wiredev.nl
Key:
RSA-2048
Issuer:
R12
Not before:
2026-01-08 02:52
Not after:
2026-04-08 02:52
00g5h1r1.app.shared.shockapp.io
Fingerprint:
a4fcf21b51497d073b327e6a318ba7e7e44e74a6e91ac334a48327b12b67ba41
CN:
00g5h1r1.app.shared.shockapp.io
Key:
RSA-2048
Issuer:
R12
Not before:
2026-01-05 05:24
Not after:
2026-04-05 05:24
cms.samenstellen.kozien.nl
Fingerprint:
3fe2b0bcc539a94089054bee36801a49f859744d4c64436c58668e82607a8c10
CN:
cms.samenstellen.kozien.nl
Key:
RSA-2048
Issuer:
R13
Not before:
2025-11-11 04:00
Not after:
2026-02-09 04:00
reverse-it.net.wireurl.nl
Fingerprint:
aa1f14ff949d1a4975c5c5107ad25e8297d133430d02c84ddb2ae0c77dcf3584
CN:
reverse-it.net.wireurl.nl
Key:
RSA-2048
Issuer:
R13
Not before:
2025-12-22 23:49
Not after:
2026-03-22 23:49
reverse-it.net.wiredev.nl
Fingerprint:
5679895c6286e96e5ec0cf4f7c8e1a70fa34d42f113d1805240083f24ccecd0d
CN:
reverse-it.net.wiredev.nl
Key:
RSA-2048
Issuer:
R12
Not before:
2025-12-22 23:38
Not after:
2026-03-22 23:38
c1l7qbuq.app.shared.shockapp.io
Fingerprint:
c5b1d121cf6cc53084e8c8606bd696d8c851bbf01180b3e3b4fcf294361f570b
CN:
c1l7qbuq.app.shared.shockapp.io
Key:
RSA-2048
Issuer:
R12
Not before:
2025-12-22 23:36
Not after:
2026-03-22 23:36
cms.configurator.thermototaal.test.test-k8s.tribeagency.nl
Fingerprint:
e76834e2ed53f2cd2a487a28f14c806f7f8a07c7cbc01ffdca8e33ed2a9cd92a
CN:
cms.configurator.thermototaal.test.test-k8s.tribeagency.nl
Key:
RSA-2048
Issuer:
R13
Not before:
2025-12-18 08:31
Not after:
2026-03-18 08:31
Data leak
Size
2.1 MB
Collections
10
Rows
32
Domain summary

api.configurator.thermototaal.test.test-k8s.tribeagency.nl 3 pinkpop.nl 2 nskbzh68.app.shared.shockapp.io 2 cms.samenstellen.kozien.nl 3 cms.configurator.thermototaal.test.test-k8s.tribeagency.nl 1 developer.datachecker.nl 1 demo.lento.eu 1 ym2njnd6.app.shared.shockapp.io 1 api.ab-texel.acc.k8s.tribeagency.nl 1 vopluddo.app.shared.shockapp.io 0 yeslease.nl.wiredev.nl 1 widoco.acceptatie.kik-v-credentialsplatform.nl 0 api.acceptatie.kik-v-credentialsplatform.nl 0 api.daas.tribe.test.test-k8s.tribeagency.nl 1 drs6omp8.app.shared.shockapp.io 0 visavionline.witty.bespeak.acc.test-k8s.tribeagency.nl 0 innovam.bespeak.nl 0 auth.platform.onderwijsenregio.nl 0 auth.tijd-voor-toekomst.provincie-groningen.test.test-k8s.tribeagency.nl 0 x1pmtp6e.app.shared.shockapp.io 1 spa.deburen.shockapp.io 0 c1ynujxx.app.shared.shockapp.io 1 xg3auucx.app.shared.shockapp.io 0 e6rvoh7g-keycloak.app.shared.shockapp.io 0 acceptatie.kik-v-credentialsplatform.nl 0 reb3l7rw.app.shared.shockapp.io 0 00g5h1r1.app.shared.shockapp.io 0 arrivals.lento.eu 0 reverse-it.net 0 reverse-it.net.wireurl.nl 0 reverse-it.net.wiredev.nl 0 c1l7qbuq.app.shared.shockapp.io 1 api.kik-v-credentialsplatform.nl 0 demo.daas.tribe.test.test-k8s.tribeagency.nl 0 www.werkenvoor.denhaag.nl 0 www.yeslease.nl.wiredev.nl 0 plantuml.kik-v-publicatieplatform.nl 0 cs7809mw.app.ondemand.shockapp.io 0 mwddn6ao.app.ondemand.shockapp.io 0 a1pr4ktf.app.ondemand.shockapp.io 1

40 recorded

© 2026 LeakIX v2.0.49
About LeakIX - Credits - Take-down and blacklist requests - Security issues - Terms and conditions - Cookie policy - Legal notice